Call for Submissions

ACSAC is an internationally recognized forum where practitioners, researchers, and developers in information system security meet to learn and to exchange practical ideas and experiences.

If you are developing practical solutions to problems related to the protection of users, commercial enterprises, or countries' information infrastructures, consider submitting your work to the Annual Computer Security Applications Conference.

We solicit submissions that address the application of security technology, the implementation of systems, and the discussion of lessons learned. While we are interested in a variety of topics, we especially encourage submissions in the area of our Hard Topic Theme for 2018, Big Data for Security.

Format Description Deadline Notification
Technical Trackpeer-reviewed papers on new workJune 15, 2018
 11:59pm PST
Aug. 23, 2018
Case Studiesreal-world security application reportsJune 15, 2018Aug. 15, 2018
Panelsinteractive expert panelsJune 15, 2018Aug. 15, 2018
in-depth courses on new and emerging security topicsJune 15, 2018July 19, 2018
Workshops1-2 day sessions on hot topicsJune 15, 2018Aug. 15, 2018
Postersnew and innovative preliminary workAug. 1 to
Nov. 15
, 2018
Works in Progressshort works-in-progress reportsSept. 15, 2018Sept. 30, 2018
Conferenceshipsstudent grant requestsSept. 15, 2018Oct. 15, 2018

Submission Formats:

Technical Track Paper Submissions (contact Program Chairs)

  • Juan Caballero, IMDEA Software Institute (Program Chair)
  • Guofei Gu, Texas A&M University (Program Co-Chair)
We solicit papers offering novel contributions in any aspect of applied security. Papers are encouraged on results that have been demonstrated to be useful for improving information systems security and that address lessons learned from actual application. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Please ensure that your submission is a PDF file of a maximum of 10 pages, excluding well-marked references and appendices limited to 5 pages. Committee members are not required to read the appendices. Submissions must be generated using the ACM 2017 acmart template available at, using the [sigconf, anonymous] options. Submissions should not use older ACM templates (e.g., sig-alternate).

All submissions must be anonymous (i.e., papers should not contain author names or affiliations, or obvious citations). In the rare case that citing previous work in the 3rd person is impossible, blind the reference and notify the PC Chair. Submissions violating any of the above constraints, e.g., going beyond the page limit, moving to Appendices content that belongs in the main body, or failing to properly anonymize, risk rejection without consideration of their merits.

Submissions are to be made using the OpenConf system. Only PDF files will be accepted and papers must be submitted by the deadline listed on the conference website.

Papers will be reviewed in two consecutive rounds, and early-reject notifications will be sent to authors after the first round, if a paper has received only strongly negative reviews. Appeals based on factual disagreements may be submitted to the Program Chairs, who may appoint an independent reviewer to decide the appeal. In any case, papers cannot be re-submitted elsewhere until the authors are notified of acceptance or rejection, early or final, and until any appeal has been resolved.

All authors of accepted papers must guarantee that their papers will be presented at the conference. In case the authors encounter problems to obtain a VISA to participate to the conference, they are encouraged to contact the Program Chairs as soon as possible to discuss possible solutions.

Hard Topic Theme

This year, ACSAC especially encourages submissions in the area of Big Data for Security. The security industry is rapidly amassing an incredible amount of information: billions of malicious samples and emails attachments, Internet-wide scans that can be repeated multiple times a day, collections of DNS queries and HTTP requests, and an unprecedented amount of open source software to mine for vulnerabilities are only the tip of the iceberg. This information allows researchers to observe phenomena that do not manifest on a small scale and can play an important role in many other aspects of security, from analytics and intelligence support, to training automated classification and reasoning techniques. However, using large datasets in security also faces many technical and scientific challenges. Therefore, we need to design new data-driven techniques and we need to rethink our existing solutions to take advantage of this vast amount of information to improve security.

Submissions in this area include (but are not limited to) the use of machine learning and data mining techniques to explore and extract information from large datasets of security-relevant information, defenses against adversarial machine learning, and novel techniques to cluster and classify security data. They also include the presentation of new large-scale data collection and analysis techniques, and the discussion of longitudinal studies that bring new insights into attackers' behavior, or help researchers to better understand the evolution of a given threat.

Artifact Submission

Security research is often criticized for the poor reproducibility of its results. Unfortunately, authors seldom release the software they develop and the datasets they use to perform their experiments. This makes it difficult to compare different solutions and force other researchers to undergo the tedious and error-prone task of re-implementing previous approaches and to compare solutions on different datasets, which may not be a fair comparison.

To help improve this situation, ACSAC encourages authors of accepted papers to submit software and data artifacts and make them publicly available to the entire community. These artifacts are not part of the paper evaluation. Their submission is strictly optional and occurs only after a paper has been accepted - to prevent any influence on the decision process. Authors who decide to participate in this program will interact with a special committee dedicated to verifying the submitted artifacts (e.g., to test that source code compiles and runs correctly, or that datasets content match their description). Authors can decide what they want to submit (software, data, or both) and the verification procedure will take place in parallel with the preparation of the camera-ready version of the paper. The authors of the submitted artifacts need to commit to keep them available online on a publicly accessible website for a minimum period of three months between October and December 2018.

We believe that this is an important initiative that can help the entire community increase its reputation, and make research in the security field proceeds faster by taking advantage of systems previously built by other researchers. Therefore, we plan to reward authors who participate in this program with a special mention during the conference and on the ACSAC webpage, a stamp of reproducibility on their papers, and (if enough authors participate to the program) by reserving a Distinguished Paper Award for this group.

» Technical Track submission details and FAQ

Case Studies in Applied Security (contact Case Studies Co-Chairs)

  • Larry Wagoner, NSA (Case Studies Co-Chair)
  • Randy Smith, Boeing (Case Studies Co-Chair)
The Case Studies in Applied Security Track is a critical part of the technical conference. It is an opportunity for professionals to share information that is current without writing a detailed technical paper, but enables attendees to learn about the next generation of products and solutions. It is open to anyone in the community such as vendors, network providers, systems integrators, government civil/federal/military programs or users across the spectrum of computer security applications. Potentially this is where attendees can learn about client needs and vendors solutions. In keeping with this year's theme of "Big Data for Security", we seek presentations where Big Data techniques and Emergent Properties of Data were leveraged to solve cybersecurity problems; both successful examples and lessons learned are encouraged. We also welcome broader submissions addressing solutions to current cybersecurity challenges. While the Case Studies will not be included in the Proceedings, the presentations will be posted to the ACSAC site following the conference.

» Case Studies submission details and FAQ

Professional Development Courses (contact Professional Development Co-Chairs)

  • Daniel Faigin, The Aerospace Corporation, USA. (Professional Development Co-Chair)
  • Michael Clifford, Noblis NSP (Professional Development Co-Chair)
Courses (formerly known as Tutorials) are full (6 hour) or half (3 hour) day classes on how to apply or use a particular technology to address a security need. We especially welcome courses on new and emerging topics. A typical course submission includes an abstract of the course, a brief (1-2 page) outline, an instructor bio, an indication of length, and notes on prerequisites and textbooks. Course instructors receive an honorarium and expenses. If you would like to indicate a topic you would like to see, you may do that as well; please suggest an instructor if you can.

» Courses submission details and FAQ

Panels (contact Panels Chair)

  • Suzanne McIntosh, New York University - Courant Institute and Center for Data Science (Panels Chair)

Panels should encourage audience participation and focus on the sharp edges of a topic where there is controversy or where there are widely varying positions. Panels focused on a topic related to the conference theme are especially welcomed, but this is not a hard requirement; some additional topics are listed here. A typical panel proposal should list the moderator, three panel members and an abstract of the proposed topic. Full details are provided on the Panels webpage.

» Panels submission details and FAQ

Workshops (contact Workshops Chair)

  • Harvey Rubinovitz, The MITRE Corporation (Workshops Chair)
ACSAC workshops are on up to date topics that attendees usually rate to provide a useful and exciting forum for information technology professionals (e.g., standards developers, software developers, security engineers, security officers) to exchange ideas, concerns, and opinions.

» Workshops submission details and FAQ

Posters (contact Posters Co-Chairs)

  • Thomas Moyer, University of North Carolina at Charlotte (Posters Co-Chair)
  • Adam Aviv, USNA (Poster Co-Chair)
The poster session provides an opportunity for researchers and practitioners to present their new and innovative preliminary work in an informal, interactive setting. Conference attendees can learn about novel on-going research projects that might not yet be complete, but whose preliminary results are already interesting. Poster presenters will have an opportunity to discuss their work and get invaluable feedback from knowledgeable sources at an early stage of their research.

» Posters submission details and FAQ

Works in Progress (contact WIP Co-Chairs)

  • Thomas Moyer, University of North Carolina at Charlotte (WiP Co-Chair)
  • Adam Aviv, USNA (WiP Co-Chair)
The Works in Progress (WiP) session offers short presentations (5 minutes maximum) of ongoing work. These presentations highlight the most current work in both business and academia, emphasizing goals and value added, accomplishments to date, and future plans. Special consideration is given to topics that discuss real life security experience, including system implementation, deployment, and lessons learned.

» WiP submission details and FAQ

Conferenceship Grants

ACSAC offers conferenceships to enable students to attend the conference. This program will help pay for some of the cost to attend ACSAC. Additional information about this program is available on the Student Conferenceships page.

Additional Information

ACSAC does not accept "speaking proposals" per se, however; you are encouraged to submit suggestions in the form of a one paragraph description of a topic and a biography of the proposed presenter. Depending on a proposal's technical content, it may be acceptable as a case study. If a full paper is available, it may be acceptable as a technical paper. If a presentation by a group of related speakers is contemplated, a proposal for this session may be acceptable as a panel. If a proposal for a half day or full day seminar is appropriate, it may be acceptable as a professional development course. If a one or two page technical write-up is available that describes work that is not yet completed, it may be acceptable as a poster. Finally, if your have an interest in a full day interactive dialogue, exchanging ideas, opinions and concerns between multiple presenters and attendees, consider being a workshop presenter.

For More Information

About the Sponsor

Applied Computer Security Associates (ACSA) had its genesis in the first Aerospace Computer Security Applications Conference in 1985. That conference was a success and evolved into the Annual Computer Security Applications Conference (ACSAC). Several years ago the word "Aerospace" was dropped from the name to promote a wider range of government and commercial applications. ACSA was incorporated in 1987 as a non-profit association of computer security professionals who have a common goal of improving the understanding, theory, and practice of computer security. ACSA continues to be the primary sponsor of the annual conference.

In 1989, ACSA began the Distinguished Lecture Series at the annual conference. Each year, an outstanding computer security professional is invited to present a lecture of current topical interest to the security community. In 1991, ACSA began a Best-Paper by a Student Award, presented at the Annual conference. This award is intended to encourage active student participation in the annual conference. The award-winning student author receives an honorarium and all expenses to the conference.

ACSA continues to be committed to serving the security community by finding additional approaches for encouraging and facilitating dialogue and technical interchange. ACSA is always interested in suggestions from interested professionals and computer security professional organizations on how to achieve these goals.

Additional ACSA Events:
NSPW – New Security Paradigms Workshop
LASER – Learning from Authoritative Security Experiment Results