Call for Submissions

ACSAC is an internationally recognized forum where practitioners, researchers, and developers in information system security meet to learn and to exchange practical ideas and experiences.

If you are developing practical solutions to problems relating to protecting commercial enterprises' or countries' information infrastructures, consider submitting your work to the Annual Computer Security Applications Conference.

We solicit submissions that address the application of security technology, the implementation of systems, and lessons learned. While we are interested in a variety of topics, we especially encourage submissions in the area of our Hard Topic Theme for 2017, Big Data for Security.

Format Description Deadline Notification
(tentative)
Technical Trackpeer-reviewed papers on new workJune 8, 2017
 11:59pm ET
Aug. 18, 2017
Case Studiesreal-world security application reportsJune 8, 2017Aug. 15, 2017
Panelsinteractive expert panelsJune 8, 2017Aug. 15, 2017
Professional
Development
Courses
in-depth courses on current security topicsJune 8, 2017July 19, 2017
Workshops1-2 day sessions on hot topicsJune 8, 2017Aug. 15, 2017
Postersnew and innovative preliminary workAug. 1 to
Sept. 8
, 2017
rolling
Works in Progressshort works-in-progress reportsSept. 8, 2017Sept. 14, 2017
Conferenceshipsstudent grant requestsSept. 8, 2017Oct. 15, 2017

Submission Formats:

Technical Track Paper Submissions (contact Program Chair)

  • Davide Balzarotti, Eurecom (Program Chair)
  • Juan Caballero, IMDEA Software Institute (Program Co-Chair)
We solicit papers offering novel contributions in any aspect of applied security. Papers are encouraged on results that have been demonstrated to be useful for improving information systems security and that address lessons learned from actual application. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Please ensure that your submission is a PDF file of a maximum of 10 pages, excluding well-marked references and appendices limited to 5 pages. (Updated 5/7/17) Submissions must be generated using the new ACM 2017 acmart template available at http://www.acm.org/sigs/publications/proceedings-templates, using the [sigconf, anonymous] options. Submissions should not use older ACM templates (e.g., sig-alternate). If you encounter any problems with the acmart template, please contact acmtexsupport@aptaracorp.com. You can also report problems with the template to https://github.com/borisveytsman/acmart/issues so that they are reviewed by SIG volunteers.

All submissions must be anonymous (i.e., papers should not contain author names or affiliations, or obvious citations). In the rare case that citing previous work in the 3rd person is impossible, blind the reference and notify the PC Chair.

Submissions are to be made using the OpenConf system on this site. Only PDF files will be accepted and papers must be submitted by the deadline listed on the conference website. All authors of accepted papers must guarantee that their papers will be presented at the conference. In case the authors encounter problems to obtain a VISA to participate to the conference, they are encouraged to contact the Program Chairs as soon as possible to discuss possible solutions.

Papers will be reviewed in two consecutive rounds, and early-reject notifications will be sent to authors after the first round, if a paper has received only strongly negative reviews. Appeals based on factual disagreements may be submitted to the Program Chairs, who may appoint an independent reviewer to decide the appeal. In any case, papers cannot be re-submitted elsewhere until the authors are notified of acceptance or rejection, early or otherwise. These constraints are hard constraints. Submissions not meeting these guidelines risk rejection without consideration of their merits.

Hard Topic Theme

This year, ACSAC especially encourages submissions in the area of Big Data *for* Security. The security industry is rapidly amassing an incredible amount of information: billions of malicious samples and emails attachments, Internet-wide scans that can be repeated multiple times a day, collections of DNS queries and HTTP requests, and an unprecedented amount of open source software to mine for vulnerabilities are only the tip of the iceberg. This information allows researchers to observe phenomena that do not manifest on a small scale and can play an important role in many other aspects of security, from analytics and intelligence support, to training automated classification and reasoning techniques. However, using large datasets in security also faces many technical and scientific challenges. Therefore, we need to design new data-driven techniques and we need to rethink our existing solutions to take advantage of this vast amount of information to improve security.

Submissions in this area include (but are not limited to) the use of machine learning and data mining techniques to explore and extract information from large datasets of security-relevant information, or to better cluster and classify their data. They also include the presentation of new large-scale data collection and analysis techniques, and the discussion of longitudinal studies that bring new insights into attackers' behavior, or help researchers to better understand the evolution of a given threat.

Artifact Submission

Security research is often criticized for the poor reproducibility of its results. Unfortunately, authors seldom release the software they develop and the datasets they use to perform their experiments. This makes it difficult to compare different solutions and force other researchers to undergo the tedious and error-prone task of re-implementing previous approaches and to compare solutions on different datasets, which is not desirable.

To help improve this situation, this year ACSAC encourages authors of accepted papers to submit software and data artifacts and make them publicly available to the entire community . These artifacts are not part of the paper evaluation. Their submission is strictly optional and occurs only after a paper has been accepted - to prevent any influence on the decision process. Authors who decide to participate in this program will interact with a special committee dedicated to verifying the submitted artifacts (e.g., to test that source code compiles and runs correctly, or that datasets content match their description). Authors can decide what they want to submit (software, data, or both) and the verification procedure will take place in parallel with the preparation of the camera-ready version of the paper. The authors of the submitted artifacts need to commit to keep them available online on a publicly accessible website for a minimum period of three months between October and December 2017.

We believe that this is an important initiative that can help the entire community increase its reputation, and make research in the security field proceeds faster by taking advantage of systems previously built by other researchers. Therefore we plan to reward authors who participate in this program with a special mention during the conference and on the ACSAC webpage, a stamp of reproducibility on their papers, and (if enough authors participate to the program) by reserving a Distinguished Paper Award for this group.

More info


Case Studies in Applied Security (contact Case Studies Chair)

  • Larry Wagoner, NSA (Case Studies Co-Chair)
  • Randy Smith, Boeing (Case Studies Co-Chair)
The Case Studies in Applied Security Track is a critical part of the technical conference. It is an opportunity for professionals to share information that is current without writing a detailed technical paper, but enables attendees to learn about the next generation of products and solutions. It is open to anyone in the community such as vendors, network providers, systems integrators, government civil/federal/military programs or users across the spectrum of computer security applications. Potentially this is where attendees can learn about client needs and vendors solutions. This year we are especially interested in automated solutions based on existing knowledge. While the Case Studies will not be included in the Proceedings, the presentations will be posted to the ACSAC site following the conference.

More info


Professional Development Courses (contact Professional Development Chair)

  • Daniel Faigin, The Aerospace Corporation, USA. (Professional Development Chair)
Courses (formerly known as Tutorials) are full (6 hour) or half (3 hour) day classes on how to apply or use a particular technology to address a security need. A typical course submission includes an abstract of the course, a brief (1-2 page) outline, an instructor bio, an indication of length, and notes on prerequisites and textbooks. Course instructors receive an honorarium and expenses. If you would like to indicate a topic you would like to see, you may do that as well; please suggest an instructor if you can.

More info


Panels (contact Panels Chair)

  • Suzanne McIntosh, Cloudera and NYU (Panels Co-Chair)
  • Adam Aviv, USNA
Panels are encouraged on the topics listed above. Panels may frame a debate on a controversial question or summarize interesting results, but they must encourage audience participation. A typical submission will include a proposed moderator, panel members (usually 3-5) and an abstract of the proposed topic.

More info


Workshops (contact Workshops Chair)

  • Harvey Rubinovitz, The MITRE Corporation (Workshops Chair)
ACSAC workshops are on up to date topics that attendees usually rate to provide a useful and exciting forum for information technology professionals (e.g., standards developers, software developers, security engineers, security officers) to exchange ideas, concerns, and opinions.

More info


Posters (contact Posters Chair)

  • Thomas Moyer, MIT Lincoln Laboratory (Posters Chair)
The poster session provides an opportunity for researchers and practitioners to present their new and innovative preliminary work in an informal, interactive setting. Conference attendees can learn about novel on-going research projects that might not yet be complete, but whose preliminary results are already interesting. Poster presenters will have an opportunity to discuss their work and get invaluable feedback from knowledgeable sources at an early stage of their research.

More info


Works In Progress (contact WIP Chair)

  • Thomas Moyer, MIT Lincoln Laboratory (WiP Chair)
The Works in Progress (WiP) session offers short presentations (5 minutes maximum) of ongoing work. These presentations highlight the most current work in both business and academia, emphasizing goals and value added, accomplishments to date, and future plans. Special consideration is given to topics that discuss real life security experience, including system implementation, deployment, and lessons learned.

More info


Conferenceship Grants

ACSAC offers conferenceships to enable students to attend the conference. This program will help pay for some of the cost to attend ACSAC. Additional information about this program is available on the Student Awards page.


Additional Information

ACSAC does not accept "speaking proposals" per se, however; you are encouraged to submit suggestions in the form of a one paragraph description of a topic and a biography of the proposed presenter. Depending on a proposal's technical content, it may be acceptable as a case study. If a full paper is available, it may be acceptable as a technical paper. If a presentation by a group of related speakers is contemplated, a proposal for this session may be acceptable as a panel or forum. If a proposal for a half day or full day seminar is appropriate, it may be acceptable as a tutorial. If a one or two page technical writeup is available that describes work that is not yet completed, it may be acceptable as a poster. Finally, if your have an interest in a full day interactive dialogue, exchanging ideas, opinions and concerns between multiple presenters and attendees, consider being a workshop presenter.

For More Information

About the Sponsor

Applied Computer Security Associates (ACSA) had its genesis in the first Aerospace Computer Security Applications Conference in 1985. That conference was a success and evolved into the Annual Computer Security Applications Conference (ACSAC). Several years ago the word "Aerospace" was dropped from the name to promote a wider range of government and commercial applications. ACSA was incorporated in 1987 as a non-profit association of computer security professionals who have a common goal of improving the understanding, theory, and practice of computer security. ACSA continues to be the primary sponsor of the annual conference.

In 1989, ACSA began the Distinguished Lecture Series at the annual conference. Each year, an outstanding computer security professional is invited to present a lecture of current topical interest to the security community. In 1991, ACSA began a Best-Paper by a Student Award, presented at the Annual conference. This award is intended to encourage active student participation in the annual conference. The award winning student author receives an honorarium and all expenses to the conference.

ACSA continues to be committed to serving the security community by finding additional approaches for encouraging and facilitating dialogue and technical interchange. ACSA is always interested in suggestions from interested professionals and computer security professional organizations on how to achieve these goals.

Additional ACSA Events:
NSPW – New Security Paradigms Workshop
LASER – Learning from Authoritative Security Experiment Results