Commentary and Opinion
Sven Dietrich's review of Attacking Network Protocols by James Forshaw
NewsBits: Announcements and correspondence from readers (please contribute!)
Listing of academic positions available by
Posted January 2018
Date position announcement closes: when filled
Cipher calendar announcements are on Twitter; follow "ciphernews"
Requests for inclusion in the list should sent per instructions.
new calls or announcements added since Cipher E141 (the calls-for-papers and the calendar announcements may differ slightly in content or time of update):
SADFE 2018 12th International Workshop on Systematic Approaches to Digital Forensics Engineering, Co-located with 39th IEEE Symposium on Security and Privacy (IEEE S&P 2018), San Francisco, CA, USA, May 24, 2018. (Submissions are due 31 January 2018)
SADFE (Systematic Approaches to Digital Forensic Engineering) promotes systematic approaches to digital forensic investigation on failures of today's cyber systems and networks. SADFE furthers Digital Forensic Engineering (DFE) advancement as a disciplined and holistic scientific practice. The 12th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE) is calling for paper submissions in the broad field of Digital Forensics from both practitioner and researcher's perspectives. With the dynamic change and rapid expansion of the types of electronic devices, networked applications, and investigation challenges, systematic approaches for automating the process of gathering, analyzing and presenting digital evidence are in unprecedented demands. The SADFE conference aims at promoting solutions for related problems. Past speakers and attendees of SADFE have included computer scientists, social scientists, forensic practitioners, lawyers and judges. The synthesis of hard technology and science with social science and practice forms the foundation of this conference. Papers focusing on any of the system, legal, or practical aspects of digital forensics are solicited. Topics to be Addressed:
SP 2019 40th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 20-22, 2019. (Submissions are due first day of each month)
Since 1980 in Oakland, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation and measurement of secure systems. Topics of interest include:
WCCI-Blockchain 2018 Blockchain Research and Applications Session, Held in conjunction with the 2018 World Congress on Computational Intelligence (WCCI 2018), Rio de Janeiro, Brasil, July 8-13, 2018. (Submissions are due 1 February 2018)
The blockchain emerged as a novel distributed consensus scheme that allows transactions, and any other data, to be securely stored and verified in a decentralized way. Considered by some as revolutionary as the Internet, the blockchain has the potential to underpin concepts, frameworks, regulations, and economics. The nascent field of blockchain research is highly interdisciplinary, and has the potential for fascinating research projects and results, sitting at the intersection of computer science, cryptography, economics, engineering, finance, law, mathematics, and politics. Many technical challenges arise with the rapid development of distributed ledger technologies. There is a great interest in applying blockchain to different application scenarios and in solving complex problems. This technology also offers superb opportunities to support the transformation of business models. This special session aims to provide a forum for researchers in this area to carefully analyze current systems or propose new ones, in order to create a scientific background for a solid development of new blockchain technology systems.
USENIX Security 2018 27th USENIX Security Symposium, Baltimore, MD, USA, August 15-17, 2018. (Submissions are due 8 February 2018)
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks. All researchers are encouraged to submit papers covering novel and scientifically significant practical works in computer security. USENIX Security is interested in all aspects of computing systems security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.
SOUPS 2018 14th Symposium on Usable Privacy and Security, Baltimore, MD, USA, August 12-14, 2018. (Submissions are due 12 February 2018)
The Fourteenth Symposium on Usable Privacy and Security will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. We invite authors to submit previously unpublished papers describing research or experience in all areas of usable privacy and security. We welcome a variety of research methods, including both qualitative and quantitative approaches. Papers will be judged on their scientific quality, overall quality, and value to the community.
Crypto 2018 38th International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2018. (Submissions are due 13 February 2018)
Original contributions on all technical aspects of cryptology are solicited for submission to Crypto 2018, the 38th Annual International Cryptology Conference. Submissions are welcome on any cryptographic topic including, but not limited to:
BioSTAR 2018 3rd International Workshop on Bio-inspired Security, Trust, Assurance and Resilience, Co-located with 39th IEEE Symposium on Security and Privacy (IEEE S&P 2018), San Francisco, CA, USA, May 24, 2018. (Submissions are due 15 February 2018)
As computing and communication systems continue to expand and offer new services, these advancements require more dynamic, diverse, and interconnected computing infrastructures. Unfortunately, defending and maintaining resilient and trustworthy operation of these complex systems are increasingly difficult challenges. Conventional approaches to Security, Trust, Assurance and Resilience (STAR for short) are often too narrowly focused and cannot easily scale to manage large, coordinated and persistent attacks in these environments. Designs found in nature are increasingly used as a source of inspiration for STAR and related networking and intelligence solutions for complex computing and communication environments. Nature's footprint is present in the world of Information Technology, where there are an astounding number of computational bio-inspired techniques. These well-regarded approaches include genetic algorithms, neural networks, ant algorithms, immune systems just to name a few. For example several networking management and security technologies have successfully adopted some of nature's approaches, such as swarm intelligence, artificial immune systems, sensor networks, moving target defense, diversity-based software design, etc. Nature has also developed an outstanding ability to recognize individuals or foreign objects and adapt/evolve to protect a group or a single organism. Solutions that incorporate these nature-inspired characteristics often have improved performance and/or provided new capabilities beyond more traditional methods. The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of nature-inspired STAR aspects in computing and communications. Topics of interests include, but are not limited to:
WIIoTS 2018 Workshop on Industrial Internet of Things Security, Bilbao, Spain, June 4-7, 2018. (Submissions are due 16 February 2018)
The Industrial Internet of Things (IIoT) is an emerging paradigm in today's (control) industry, comprising Internet-enabled cyber-physical devices with the ability to couple to the new interconnection technologies such as cloud/fog computing. Under this perspective, the new industrial cyber-physical "things" can be accessible and available from remote locations, the information of which can be processed and stored in distributed locations, favouring the cooperation, the performance in field, and the achievement of operational tasks working at optimal times. However, the incorporation of the IIoT in the new scenarios of the fourth industrial revolution, also known as Industry 4.0, entails having to consider the new security and privacy issues that can threaten the wellbeing of the new IIoT ecosystem and its coexistence with the existing industrial technologies, with a high risk of impact on the end-users. Therefore, this workshop will create a collaboration platform for experts from academia, governments and industry to address the new IIoT security and privacy challenges. Papers related to security and privacy of embedded systems working in industrial and control environments, such as SCADA, smart grid, smart cities, manufacturing systems, water systems, and in critical infrastructures in general, are all welcome at WIIoTS 2018.
IVSW 2018 3rd International Verification and Security Workshop, Costa Brava, Spain, July 2-4, 2018. (Submissions are due 21 February 2018)
Issues related to verification and security are increasingly important in modern electronic systems. In particular, the huge complexity of electronic systems has led to growth in quality, reliability and security needs in several application domains as well as pressure for low cost products. There is a corresponding increasing demand for cost-effective verification techniques and security solutions. These needs have increased dramatically with the increased complexity of electronic systems and the fast adoption of these systems in all aspects of our daily lives. The goal of IVSW is to bring industry practitioners and researchers from the fields of verification, validation, test, reliability and security to exchange innovative ideas and to develop new methodologies for solving the difficult challenges facing us today in various SoC design environments. The workshop seeks submissions from academia and industry presenting novel research results on the following topics of interest:
PETS 2018 18th Privacy Enhancing Technologies Symposium, Barcelona, Spain, July 24-27, 2018. (Submissions are due 28 February 2018)
The annual Privacy Enhancing Technologies Symposium (PETS) brings together privacy experts from around the world to present and discuss recent advances and new perspectives on research in privacy technologies. Papers undergo a journal-style reviewing process and accepted papers are published in Proceedings on Privacy Enhancing Technologies (PoPETs), a scholarly, open access journal. Submitted papers should present novel practical and/or theoretical research into the design, analysis, experimentation, or fielding of privacy-enhancing technologies. While PETS/PoPETs has traditionally been home to research on anonymity systems and privacy-oriented cryptography, we strongly encourage submissions on a number of both well-established and emerging privacy-related topics, for which examples are provided below. PoPETs also solicits submissions for Systematization of Knowledge (SoK) papers. These are papers that critically review, evaluate, and contextualize work in areas for which a body of prior literature exists, and whose contribution lies in systematizing the existing knowledge in that area. Authors are encouraged to view our FAQ about the submission process.
SecDev 2018 IEEE Security Development Conference, Cambridge, MA, USA, September 30-October 2, 2018. (Submissions are due 5 March 2018)
SecDev is a venue for presenting ideas, research, and experience about how to develop secure systems. SecDev is distinguished by its focus on the theory, techniques, and tools for how to "build security in" to computing systems, and not simply discover the absence of security. Its goal is to encourage and disseminate ideas for secure system development among academia, industry, and government. Developers have valuable experiences and ideas that can inform academic research, and researchers have concepts, studies, and even code and tools that could benefit developers. Great SecDev contributions could come from attendees of industrial conferences like AppSec, RSA, Black Hat, and Shmoocon; from attendees of academic conferences like IEEE S&P, IEEE CSF, USENIX Security, PLDI, FSE, ISSTA, SOUPS, and others; and from newcomers. SecDev solicits four types of contributions. First, SecDev is a forum for novel research papers that present innovations, experience-based insights, or a vision about how to "build security in" to existing and new computing systems. Position papers with exceptional visions will also be considered. Second, SecDev seeks Best Practices (BP) papers that provide an in-depth clarification and integration of solutions on a major security area. The paper needs to provide new perspectives and insights, although it could draw upon prior work. Third, SecDev seeks hands-on and interactive tutorials on processes, frameworks, languages, and tools for building security in. The goal is to share knowledge on the art and science of secure systems development. Fourth, SecDev seeks abstracts from practitioners to share their practical experiences and challenges in security development.
ESSoS 2018 International Symposium on Engineering Secure Software and Systems, Campus Paris-Saclay, France, June 26-27, 2018. (Submissions are due 9 March 2018)
Software-based systems permeate the very fabric of our society from enterprise IT systems and mobile devices to smart home and city environments. Consequently, computer security is becoming an increasingly inter-disciplinary subject requiring attention to the various aspects of securing our software-based infrastructure. One must pay careful attention to ensure compatibility with existing software and the wider socio-technical context (e.g., users and organisations) which it inhabits. This, in turn, requires an approach that integrates insights from computer security research with rigorous software engineering methods to ensure the security and resilience of our digital infrastructure. ESSoS therefore welcomes contributions that are at the border of system security and software engineering. The goal of this symposium is to bring together researchers and practitioners to advance the state of the art and practice in secure software engineering. Being one of the few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and software security communities. The symposium features two days of technical program including two keynote presentations. In addition to academic papers, the symposium encourages submission of high-quality, informative industrial experience papers about successes and failures in secure software engineering and the lessons learned. Furthermore, the symposium also accepts short idea papers that crisply describe a promising direction, approach, or insight.
ARES 2018 13th International Conference on Availability, Reliability and Security, Hamburg, Germany, August 27-30, 2018. (Submissions are due 16 March 2018)
The 13th International Conference on Availability, Reliability and Security ("ARES - The International Dependability Conference") will bring together researchers and practitioners in the area of dependability. ARES will highlight the various aspects of dependability - with special focus on the crucial linkage between availability, reliability and security. ARES aims at a full and detailed discussion of the research issues of dependability as an integrative concept that covers amongst others availability, safety, confidentiality, integrity, maintainability and security in the different fields of applications. ARES will emphasize the interplay between foundations and practical issues of dependability in emerging areas such as e-government, m-government, location-based applications, ubiquitous computing, autonomous computing, chances of grid computing etc. ARES is devoted to the critical examination and research challenges of the various aspects of Dependable Computing and the definition of a future road map.
DASC 2018 16th IEEE International Conference on Dependable, Autonomic and Secure Computing, Athens, Greece, August 12-15, 2018. (Submissions are due 30 March 2018)
IEEE DASC 2018 aims to bring together computer scientists, industrial engineers, and researchers to discuss and exchange experimental and theoretical results, novel designs, work-in-progress, experience, case studies, and trend-setting ideas in the areas of dependability, security, trust and/or autonomic computing systems. Topics of particular interests include the following tracks, but are not limited to:
DBSec 2018 32nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, Bergamo, Italy, July 16-18, 2018. (Submissions are due 30 March 2018)
DBSec is an annual international conference covering research in data and applications security and privacy. The 32nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2018) will be held in Bergamo, Italy. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, and applications security. Topics of interest include, but are not limited to:
ICDF2C 2018 10th EAI International Conference on Digital Forensics & Cyber Crime, New Orleans, LA, USA, September 10-12, 2018. (Submissions are due 30 April 2018)
Cyberspace is becoming increasingly central to the basic function of modern society. Cybercrime and cyberwarfare have emerged as major threats to the integrity of digital information and to the functioning of cyber-controlled physical systems. Such threats have direct consequences for almost all individuals, businesses and organizations, government institutions, and civic processes. Digital forensics and cybercrime investigations are multidisciplinary areas that encompass law and law enforcement, computer science and engineering, IT operations, economics and finance, data analytics and criminal justice. ICDF2C brings together researchers and practitioners from all these areas in order to scientifically address the numerous challenges due to the rapid increase in the amount and variety of data under investigation, as well as the growing complexity of both the threats and the targeted systems.
SciSec 2018 1st International Conference on Science of Cyber Security, Beijing, China, August 12-14, 2018. (Submissions are due 1 May 2018)
This new forum aims to catalyze the research collaborations between the relevant communities and disciplines that can work together to deepen our understanding of, and build a firm foundation for, the emerging Science of Cyber Security. Publications in this venue would distinguish themselves from others by taking or thinking from a holistic perspective about cyber security, rather than the building-block perspective. Each submission will be reviewed (double blind) by at least 3 reviewers. The program committee plans to select and award a Best Paper and a Best Student Paper. The post-conference proceedings will be published in Springer's Lecture Notes in Computer Science (LNCS) series. Areas of interest include:
Staying in touch....
IEEE Computer Society's Technical Committee on Security and Privacy
|TC home page||TC Officers|
|How to join the TCSP (or other TCs)||Open Access Proceedings|
|Cipher past issues archive|