_/_/_/_/ _/_/_/ _/_/_/_/ _/ _/ _/_/_/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/_/ _/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/ _/ _/ _/ _/_/_/_/ _/ _/ ============================================================================ Newsletter of the IEEE Computer Society's TC on Security and Privacy Electronic Issue 171 January 30, 2023 Hilarie Orman, Editor Sven Dietrich, Assoc. Editor cipher-editor @ ieee-security.org cipher-assoc-editor @ ieee-security.org Sven Dietrich Yong Guan Book Review Editor Calendar Editor cipher-bookrev @ ieee-security.org cipher-cfp @ ieee-security.org ============================================================================ The newsletter is also at http://www.ieee-security.org/cipher.html Cipher is published 6 times per year Contents: * Letter from the Editor * Commentary and Opinion and News o Sven Dietrich's review of the book, "Artificial Intelligence and National Security" by Reza Montasari o News from the Media - Who Guards the Guardian? - Leaks Jitter Twitter - Met a Fake on Meta - Royal Mail Is Not Amused - Hive Collapse o Book reviews, Conference Reports and Commentary and News items from past Cipher issues are available at the Cipher website * Conference and Workshop Announcements o Upcoming calls-for-papers and events * List of Computer Security Academic Positions, by Cynthia Irvine * Staying in Touch o Information for subscribers and contributors o Recent address changes * Links for the IEEE Computer Society TC on Security and Privacy o Becoming a member of the TC o TC Officers o TC publications for sale ==================================================================== Letter from the Editor ==================================================================== Dear Readers: This month marks the 20th year since the inaugural issue of "Security and Privacy" magazine*, published by the Computer Society. The magazine complements the Security and Privacy Symposium with articles for a audience that includes security practitioners, interested technical experts from a general background, as well as academics. The magazine and symposium communities overlap in several dimensions, and the magazine often includes summaries of some of the Symposium papers. This month the magazine takes a look back at the papers from 2003. There were only 19 papers presented at the symposium that year, and while some were prescient in their investigations of what are today's methods and problems, it would have been difficult to foresee that 20 years later, hundreds of papers would be necessary to cover the scope of active research in security and privacy. We see the need for this research almost daily when reading newspaper headlines about the effects of cybercrime as businesses shutdown to restore their systems, and users find their personal data has been disclosed and their personal assets are endangered. Constant vigilance is a necessity in our endangered computer world. We have a book review this month from Sven Dietrich about the use of artificial intelligence in matters of national security. The collection of essays touch on matters such as policy, privacy, and law enforcement. AI will probably come to underpin decision-making in security systems. It is time to start thinking about the implications. An international coalition of law enforcement agencies, including the FBI, recently disabled a ransomware operation that cost businesses, especially healthcare providers, perhaps as much as $100M in ransom, not to mention the cost of restoring their systems and recovering from days or weeks of inability to function except through paper records. From the accounts, the takedown of "The Hive" was a painstaking operation involving months of surveillance and clever, legal, hacking. An amazing number of people now have expertise in combatting cybercrime, and that is a notable change from 20 years ago. The immortal bard saw similarities between the society of honeybees and human governments, and perhaps these hoary lines have new life, if only accidentally, in considering the FBI operation against "The Hive": "We bring it to the hive and, like the bees, Are murdered for our pains." (Henry IV) "The commons, like an angry hive of bees That want their leader, scatter up and down And care not who they sting in his revenge." (Henry VI) "Full merrily the humble-bee doth sing, Till he hath lost his honey and his sting." (Troilus and Cressida) May the angry and merry bees of malware keep their distance from us all. Hilarie Orman cipher-editor @ ieee-security.org * https://www.computer.org/csdl/magazine/sp ==================================================================== Commentary and Opinion ==================================================================== Book reviews from past issues of Cipher are archived at http://www.ieee-security.org/Cipher/BookReviews.html, and conference reports are archived at http://www.ieee-security.org/Cipher/ConfReports.html ____________________________________________________________________ Book Review By Sven Dietrich Jan 30, 2023 ____________________________________________________________________ "Artificial Intelligence and National Security" by Reza Montasari Springer Verlag, 2022 ISBN ISBN 978-3-031-06708-2, ISBN 978-3-031-06709-9 (eBook) VIII, 230 pages "I'm sorry Dave, I'm afraid I can't do that." We often associate Artificial Intelligence (AI) with dystopian movie scenes, such as this one, a quote by HAL 9000 from Stanley Kubrick's 1968 science-fiction movie "2001: A Space Odyssey." The idea is that of a human-created AI system going out of control and turning against the humans in some ways. Recent discussions around OpenAI's chatbot ChatGPT are reminiscent of that, asking the question: "What if?" We have seen these discussions initiated by both the public and policymakers, resulting in, among others, NIST's AI risk management framework, AI committees in government agencies, and a public dialogue on the matter. In tune with these concerns, Reza Montasari's fall 2022 release of the Springer book "Artificial Intelligence and National Security" is a series of curated papers on various topics related to the book title. These papers are mostly focusing on the use of AI for national security and a wide range of legal, ethical, moral and privacy challenges that come with it. Some of the papers are co-authored by Montasari, some are not. A total of eleven articles, effectively chapters, are featured in this book. The topics sometimes overlap a little, so here is an overview of these papers. The first one, "Artificial Intelligence and the Spread of Mis- and Disinformation" talks about the post-truth era and the use of AI for nefarious information campaigns, invoking thoughts of another dystopian work, 1984. It discusses the clear difference between mis- and disinformation, and the double-edge sword of AI here: creation and mitigation are both possible for this topic, which is very timely. The second one, "How States' Recourse to Artificial Intelligence for National Security Purposes Threatens Our Most Fundamental Rights" explores the pitfalls of the use of AI technology in the context of human rights violations or constitutional rights violations, depending on your jurisdiction. Here the reader will find discussions of the impact of surveillance technologies on both sides of the fence, whatever your fence may be. The third one, "The Use of AI in Managing Big Data Analysis Demands: Status and Future Directions" taps in the controversies of big data analysis. Data is easy to accumulate, and the ramifications can be deep: while data can originate from one location, its origin can be varied due to the vast nature of the Internet or the presence of multinational companies across the globe. The fourth one, "The Use of Artificial Intelligence in Content Moderation in Countering Violent Extremism on Social Media Platforms" touches upon the moderation of extreme views being proliferation in social media platforms, which isn't always successful when applied with AI techniques. The fifth one, "A Critical Analysis into the Beneficial and Malicious Utilisations of Artificial Intelligence" performs a survey of benign and malicious uses of AI. A rather optimistic view argues that benign uses may outweigh the malicious ones. The sixth one, "Countering Terrorism: Digital Policing of Open Source Intelligence and Social Media Using Artificial Intelligence" is similar to the fourth one, discussing moderation, analysis, and policing of social media using AI. The seventh one, "Cyber Threat Prediction and Modelling" considers threat prediction and modelling at the business level, e.g. for C-Suite executives, for those seeking risk management appraoches using AI. The eighth one, "A Critical Analysis of the Dark Web Challenges to Digital Policing" investigates the dark and deep web and what policies may be needed to limit illegal behavior there. The ninth one, "Insights into the Next Generation of Policing: Understanding the Impact of Technology on the Police Force in the Digital Age" muses about the impact of AI on the police work and patrolling the digital beat. /nThe tenth one, "The Dark Web and Digital Policing" is similar to the eighth one, and tries to find a middle ground between enforcing laws in the dark web as well as protecting it. The eleventh one, finally, "Pre-emptive Policing: Can Technology be the Answer to Solving London's Knife Crime Epidemic?" talks about combining various modern techniques, including AI, for combating real physical crime (rather than cybercrime) in a real city, London in this case. It's not quite a "Minority Report" theme, yet another dystopian reference by this reviewer, but many enforcement agencies already use the assistance of smart technologies for combating crime. The book is really meant to be thought-provoking, to enable discussions to what extent of the law or with what technological capability, AI or not, this world should be moving forward. It is by no means complete, but each paper (or chapter) provides good starting points with extensive references for reading further into each domain that is brought forth in this book. Overall this is a timely book, especially in light of the discussions about the OpenAI chatbot ChatGPT (as well as Dall-E image manipulation) and the role of AI technologies in modern society in recent weeks. I hope you will enjoy reading it. --------------------------------------------------------------------- Sven Dietrich reviews technology and security books for IEEE Cipher. He welcomes your thoughts at spock at ieee dot org ==================================================================== News Briefs ==================================================================== News briefs from past issues of Cipher are archived at http://www.ieee-security.org/Cipher/NewsBriefs.html --------------------------------- Who Guards the Guardian? Guardian confirms it was hit by ransomware attack https://www.theguardian.com/media/2023/jan/11/guardian-confirms-it-was-hit-by-ransomware-attack Media firm says personal data of UK staff members was accessed in 'highly sophisticated' cyber-attack last month Date: 11 Jan 2023 Publisher: The Guardian By Dan Milmo: Summary: The Guardian newspaper said that its internal systems were affected by a ransomware attack on December 20. The attack was probably launched via a phishing campaign. The paper said no personal data of subscribers or staff was leaked. However, employees were asked to work from home while the IT staff completed recovery procedures. There was no statement about whether or not a ransom had been paid. [Ed. Perhaps the attack made The Guardian more aware of cybercrime than it had been previously. In looking over the news item we collected for this issue of Cipher, we noticed that all of them were from The Guardian during January. Let's hope the paper continues being a good source of security information.] --------------------------------- Leaks Jitter Twitter Hackers reportedly leak email addresses of more than 200 million Twitter users https://www.theguardian.com/technology/2023/jan/05/twitter-users-data-hacked-email-address-phone-numbers Information posted on a hacking forum in 'one of the most significant' breaches of users' email addresses and phone numbers Date: 5 Jan 2023 Publisher: Reuters Summary: Experts say that information about Twitter users was gathered at some indefinite past time and posted in early January of 2023. The data might be a year or two old. The correletion between Twitter handle and email address could be a significant headache for users who expected identity privacy. The sheer number of email addresses is significant, but the worst problem for the social media company might be the fallout from EU regulations about protecting user data. --------------------------------- Met a Fake on Meta Meta alleges surveillance firm collected data on 600,000 users via fake accounts https://www.theguardian.com/technology/2023/jan/12/meta-voyager-labs-surveillance-fake-accounts Lawsuit targets Voyager after Guardian investigation uncovered police partnership and company's claims it could predict crime Date: 12 Jan 2023 Publisher: The Guardian By: Sam Levin and Johana Bhuiyan Summary: Sometimes the social media companies violate the privacy of their users, and sometimes they are pawns in a different game. Meta is suing a company, Voyager, that has used information from Facebook and Instagram accounts to predict crime, including terrorism, and to report those predictions to law enforcement. The Voyager tools accomplished their data collection through thousands of fake accounts that violated Meta's terms of use. The fake accounts are said to have been both passive and active. Some where controlled by police personnel observing or interacting with targeted people. Voyager is not the only company producing tools that use social media for surveillance. The Guardian article opines that "tech firms working to offset the industry's slowing growth have increasingly answered law enforcement’s call for new surveillance and policing products." This is a dilemma for the social media companies because they are obligated in various ways to protect user privacy, but they are also platforms for covert surveillance by governments. Voyager's customer in this case, the Los Angeles Police Department, was delighted by the insights the tool gave them. --------------------------------- Royal Mail Is Not Amused Royal Mail ransomware attackers threaten to publish stolen data https://www.theguardian.com/business/2023/jan/12/royal-mail-ransomware-attackers-threaten-to-publish-stolen-data Postal service has been unable to send letters and parcels overseas since Wednesday due to hacking Date:2 Jan 2023 Publisher: The Guardian By: Jasper Jolly Summary: The UK postal service's international service was rendered inoperative due to ransomware from a group known as Lockbit, probably originating from Russian hackers. The hackers threatened to publish unspecified stolen data unless the ransom was paid. The postal service's domestic operatons were unaffected. The Royal Mail worked with the government's cybersecurity agencies to try to cope with the damage. --------------------------- Royal Mail progressing to full operations following ransomware attack https://therecord.media/royal-mail-nearly-back-to-full-operations-following-ransomware-attack/ Date: January 26, 2023 Publisher: The Record By: Alexander Martin Summary: Two weeks after a ransomware attack, the UK Royal Mail reported that it had nearly dug itself out of the damage and would be able to resume international operations. There was no word on whether or not the ransom had been paid, though given the length of the downtime, one suspects that it was not. Noting that ransomware attacks are becoming more frequent, the article goes on to note this depressing assessment of the effect on businesses and governements: "British government sources dealing directly with the ransomware issue told The Record they saw no light at the end of the tunnel ..." --------------------------- See also: 11 Jan 2023, Computer Weekly, Royal Mail services hit by major cyber attack https://www.computerweekly.com/news/252529095/Royal-Mail-overseas-services-hit-by-major-cyber-attack "Royal Mail is experiencing severe service disruption to our international export services following a cyber incident," said a spokesperson. While the postal service's domestic operations were unaffected, the recovery of international services was a major chore. Even more than a week later, full operation had not been restored. https://www.computerweekly.com/news/252529371/International-post-resumes-thanks-to-Royal-Mail-workarounds --------------------------------- Hive Collapse 'We hacked the hackers,' says deputy attorney general of group that has received over $100m in extortion payments from victims https://www.theguardian.com/us-news/2023/jan/26/hive-ransomware-servers-seized-us Date: 26 Jan 2023 Publisher: The Guardian By Hugo Lowell: Summary: For several months the FBI has been keeping tabs on the server for a notorious ransomware site called The Hive. They were able to help some victims get the decryption keys for freeing their data without paying ransom, but attacks continued. the international coalition of law enforcement agencies finally infiltrated the server. Though details of the legal exploit are public, it seems that the server was the command and control center for the ransomware software. By seizing the site, they got access to the software that generated the encryption and decryption keys. The FBI worked with victims to learn about how the software affected their systems, and they were finally able to devise a method for gaining full access to the server, which now displays a web page announcing the seizure and the agencies that cooperated in the operation. ==================================================================== Listing of academic positions available by Cynthia Irvine ==================================================================== http://cisr.nps.edu/jobscipher.html -------------- This job listing is maintained as a service to the academic community. If you have an academic position in computer security and would like to have in it included on this page, send the following information: Institution, City, State, Position title, date position announcement closes, and URL of position description to: irvine@cs.nps.navy.mil ==================================================================== Conference and Workshop Announcements ==================================================================== ==================================================================== Upcoming Calls-For-Papers and Events ==================================================================== The complete Cipher Calls-for-Papers is located at http://www.ieee-security.org/CFP/Cipher-Call-for-Papers.html The Cipher event Calendar is at http://www.ieee-security.org/Calendar/cipher-hypercalendar.html Cipher calendar entries are announced on Twitter; follow ciphernews Requests for inclusion in the list should sent per instructions: http://www.ieee-security.org/Calendar/submitting.html IFIP 11.9 DF 2023 19th Annual IFIP WG 11.9 International Conference on Digital Forensics, SRI International, Arlington, Virginia, USA, January 30-31, 2023. http://www.ifip119.org CSF 2023 36th IEEE Computer Security Foundations Symposium, Dubrovnik, Croatia, July 10-14, 2023. https://csf2023.ieee-security.org Submission dates: 13 May 2022, 30 September 2022, and 3 February 2023 OSNeHM 2023 1st International workshop on Online Social Networks in the Human-centric Metaverse, Co-located with the Web Conference 2023, Austin, Texas, USA, April 30 - May 4, 2023. https://osnehm.iit.cnr.it/ Submission date: 6 February 2023 USENIX Security 2023 32nd USENIX Security Symposium, Anaheim, CA, USA, August 9-11, 2023. https://www.usenix.org/conference/usenixsecurity23/call-for-papers Submission date: 7 June 2022, 11 October 2022, and 7 February 2023 CSCML 2023 7th International Symposium on Cyber Security Cryptography and Machine Learning, Virtually, Beer-Sheva, Israel, June 29-30, 2023. https://www.cscml.org/cscml2023 Submission date: 7 February 2023 SaTML 2023 IEEE Conference on Secure and Trustworthy Machine Learning, Raleigh, North Carolina, USA, February 8-10, 2023. https://satml.org DFRWS 2023 23rd Annual Digital Forensics Research Conference, Baltimore, MD, USA, July 9-12, 2023. https://dfrws.org/conferences/dfrws-usa-2023/ Submission date: 10 February 2023 NDSS 2023 32nd Network and Distributed System Security Symposium, San Diego, California, USA, February 27 - March 3, 2023. https://www.ndss-symposium.org/ndss2023-call-for-papers/ VehicleSec 2023 Inaugural Symposium on Vehicle Security and Privacy, Held in conjunction with the Network and Distributed System Security Symposium (NDSS 2023), San Diego, CA, USA, February 27, 2023. https://www.ndss-symposium.org/ndss2023/cfp-vehiclesec/ USEC 2023 Usable Security and Privacy Symposium, Held in conjunction with NDSS 2023, San Diego, California, USA, February 27 - March 3, 2023. https://www.usablesecurity.net/USEC/usec23/ PETS 2023 23rd Privacy Enhancing Technologies Symposium, Lausanne, Switzerland, Hybrid, July 10-15, 2023. https://petsymposium.org/cfp23.php Submission dates: 31 May 2022, 31 August 2022, 30 November 2022, 28 February 2023 WTMC 2023 8th International Workshop on Traffic Measurements for Cybersecurity, Co-located with 8th IEEE European Symposium on Security and Privacy (IEEE EuroS&P 2023), Delft, The Netherlands, July 7, 2023. https://wtmc.info/ Submission date: 10 March 2023 FSE 2023 29th Fast Software Encryption, Beijing, China, March 20-24, 2023. https://fse.iacr.org/2023/ RAID 2023 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hong Kong, October 16-18, 2023. https://raid2023.org/call.html Submission date: 23 March 2023 FHE 2023 2nd Annual FHE.org Conference on Fully Homomorphic Encryption, Co-located with Real World Crypto 2023, Tokyo, Japan, March 26, 2023. https://fhe.org/conferences/conference-2023/home CODASPY 2023 ACM Conference on Data and Application Security and Privacy, Charlotte, NC, USA, April 24-26, 2023. http://www.codaspy.org/2023/ OSNeHM 2023 1st International workshop on Online Social Networks in the Human-centric Metaverse, Co-located with the Web Conference 2023, Austin, Texas, USA, April 30 - May 4, 2023. https://osnehm.iit.cnr.it/ HOST 2023 16th IEEE International Symposium on Hardware Oriented Security and Trust, San Jose, CA, USA, May 1-4, 2023. http://www.hostsymposium.org CCS 2023 30th ACM Conference on Computer and Communications Security, Copenhagen, Denmark, November 26-30, 2023. https://www.sigsac.org/ccs/CCS2023/index.html Submission date: 19 January 2023 and 4 May 2023 SP 2023 44th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May 22-26, 2023. https://www.ieee-security.org/TC/SP2023/cfpapers.html ESORICS 2023 28th European Symposium on Research in Computer Security, Hague, Netherlands, September 25-29, 2023. https://esorics2023.org Submission dates: 22 January 2023 and 28 May 2023 USENIX Security 2024 33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024. https://www.usenix.org/conference/usenixsecurity24 Submission dates: 6 June 2023, 17 October 2023, and 8 February 2024 MetaCom 2023 International Conference on Metaverse Computing, Networking and Applications, Kyoto, Japan, June 26-28, 2023. http://www.ieee-metacom.org/2023 CSCML 2023 7th International Symposium on Cyber Security Cryptography and Machine Learning, Virtually, Beer-Sheva, Israel, June 29-30, 2023. https://www.cscml.org/cscml2023 Euro S&P 2023 8th IEEE European Symposium on Security and Privacy, Delft, Netherlands, July 3-7, 2023. https://eurosp2023.ieee-security.org/cfp.html WTMC 2023 8th International Workshop on Traffic Measurements for Cybersecurity, Co-located with 8th IEEE European Symposium on Security and Privacy (IEEE EuroS&P 2023), Delft, The Netherlands, July 7, 2023. https://wtmc.info/ DFRWS 2023 23rd Annual Digital Forensics Research Conference, Baltimore, MD, USA, July 9-12, 2023. https://dfrws.org/conferences/dfrws-usa-2023/ ASIACCS 2023 18th ACM ASIA Conference on Computer and Communications Security, Melbourne, Australia, July 10-14, 2023. https://asiaccs2023.org/ PETS 2023 23rd Privacy Enhancing Technologies Symposium, Lausanne, Switzerland, Hybrid, July 10-15, 2023. https://petsymposium.org/cfp23.php CSF 2023 36th IEEE Computer Security Foundations Symposium, Dubrovnik, Croatia, July 10-14, 2023. https://csf2023.ieee-security.org USENIX Security 2023 32nd USENIX Security Symposium, Anaheim, CA, USA, August 9-11, 2023. https://www.usenix.org/conference/usenixsecurity23/call-for-papers USENIX Security 2024 33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024. https://www.usenix.org/conference/usenixsecurity24 Submission dates: 6 June 2023, 17 October 2023, and 8 February 2024 ESORICS 2023 28th European Symposium on Research in Computer Security, Hague, Netherlands, September 25-29, 2023. https://esorics2023.org RAID 2023 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hong Kong, October 16-18, 2023. https://raid2023.org/call.html CCS 2023 30th ACM Conference on Computer and Communications Security, Copenhagen, Denmark, November 26-30, 2023. https://www.sigsac.org/ccs/CCS2023/index.html USENIX Security 2024 33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024. https://www.usenix.org/conference/usenixsecurity24 Submission dates: 6 June 2023, 17 October 2023, and 8 February 2024 USENIX Security 2024 33rd USENIX Security Symposium, Philadelphia, PA, USA, August 14-16, 2024. https://www.usenix.org/conference/usenixsecurity24 ==================================================================== Information on the Technical Committee on Security and Privacy ==================================================================== ____________________________________________________________________ Information for Subscribers and Contributors ____________________________________________________________________ SUBSCRIPTIONS: Two options, each with two options: 1. To receive the full ascii CIPHER issues as e-mail, send e-mail to cipher-admin@ieee-security.org (which is NOT automated) with subject line "subscribe". OR send a note to cipher-request@mailman.xmission.com with the subject line "subscribe" (this IS automated - thereafter you can manage your subscription options, including unsubscribing, yourself) 2. To receive a short e-mail note announcing when a new issue of CIPHER is available for Web browsing send e-mail to cipher-admin@ieee-security.org (which is NOT automated) with subject line "subscribe postcard". OR send a note to cipher-postcard-request@mailman.xmission.com with the subject line "subscribe" (this IS automated - thereafter you can manage your subscription options, including unsubscribing, yourself) To remove yourself from the subscription list, send e-mail to cipher-admin@ieee-security.org with subject line "unsubscribe" or "unsubscribe postcard" or, if you have subscribed directly to the xmission.com mailing list, use your password (sent monthly) to unsubscribe per the instructions at http://mailman.xmission.com/cgi-bin/mailman/listinfo/cipher or http://mailman.xmission.com/cgi-bin/mailman/listinfo/cipher-postcard Those with access to hypertext browsers may prefer to read Cipher that way. It can be found at URL http://www.ieee-security.org/cipher.html CONTRIBUTIONS: to cipher @ ieee-security.org are invited. Cipher is a NEWSletter, not a bulletin board or forum. It has a fixed set of departments, defined by the Table of Contents. Please indicate in the subject line for which department your contribution is intended. Calendar and Calls-for-Papers entries should be sent to cipher-cfp @ ieee-security.org and they will be automatically included in both departments. To facilitate the semi-automated handling, please send either a text version of the CFP or a URL from which a text version can be easily obtained. For Calendar entries, please include a URL and/or e-mail address for the point-of-contact. For Calls for Papers, please submit a one paragraph summary. See this and past issues for examples. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses of Cipher material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using Cipher material should obtain permission from the contributors. ____________________________________________________________________ Recent Address Changes ____________________________________________________________________ Address changes from past issues of Cipher are archived at http://www.ieee-security.org/Cipher/AddressChanges.html _____________________________________________________________________ How to become <> a member of the IEEE Computer Society's TC on Security and Privacy _____________________________________________________________________ You may easily join the TC on Security & Privacy (or other TCs) by completing the on-line form at IEEE at https://www.computer.org/web/tandc/technical-committees ______________________________________________________________________ TC Conference Publications Online ______________________________________________________________________ The proceedings of previous conferences are available from the Computer Society's Digital Library. IEEE Security and Privacy Symposium IEEE Computer Security Foundations IEEE European Security and Privacy Symposium From 2012 onward, these are available without charge from the digital library 12 months after the conference. ____________________________________________________________________________ TC Officers ____________________________________________________________________________ Chair: Security and Privacy Symposium Chair Emeritus: Brian Parno Rakesh Bobba Associate Professor Associate Professor Carnegie Mellon University Oregon State University tcchair at ieee-security.org https://eecs.oregonstate.edu/ people/bobba-rakesh Vice Chair: Treasurer: Gabriela Ciocarlie Yong Guan Elpha Secure Professor tcchair at ieee-security.org Department of Electrical and Computer Engineering Iowa State University, Ames, IA 50011 treasurer@ieee-security.org Newsletter Editor: Security and Privacy Symposium, 2023 Chair: Hilarie Orman Daniel Takabi Purple Streak, Inc. Associate Professor 500 S. Maple Dr. Georgia State University Woodland Hills, UT 84653 https://cas.gsu.edu/profile/daniel-takabi cipher-editor@ieee-security.org sp23-chair@ieee-security.org TC Awards Chair: Tegan Brennan Assistant Professor Stevens Institute of Technology tbrenna5 at stevens.edu ____________________________________________________________________________ BACK ISSUES: Cipher is archived at: http://www.ieee-security.org/cipher.html Cipher is published 6 times per year --=====================_purplestreak_932242421235479791===--