Skip to main content

Cybersecurity Artifacts Competition and Impact Award

Deadline: September 15 October 2
Notification: October 13 October 30

The competition is open to cybersecurity artifacts previously published in all peer-reviewed venues (conferences, journals), both in academia and industry, not just at ACSAC.

Make Submission

Importance of Cybersecurity Artifacts

Since 2017, ACSAC has encouraged the publication of software and data artifacts of academic research papers accepted at the conference. We strongly believe that publishing artifacts is an important step towards facilitating the reproducibility of research results and contributing to the real-world deployment of novel and reliable security solutions. To this end, this year we are introducing a new Artifacts Competition that is broadly open to cybersecurity artifacts previously published in all peer-reviewed venues (conferences, journals), both in academia and industry.

Cybersecurity Artifacts Competition

This competition invites the submission of applied cybersecurity artifacts that have been published in previous years in academic or industry venues. In particular, the competition aims to identify previously published applied security artifacts that have demonstrated meaningful impact for the security and privacy research communities. For instance, demonstrable impact may be represented by an artifact that has been reused in multiple subsequent publications by different research groups, that has received multiple "stars" and/or "forks" on platforms such as GitHub, or that has been successfully transitioned to a commercial technology.

Eligible Submissions

Eligible submissions include artifacts that meet the following conditions:

  1. The artifact is related to applied security or privacy technologies.
  2. The artifact consists of one or more of the following
    1. open-source software
    2. open or reusable dataset
    3. online service that can be used free of charge for research
    4. open testbed that can be used free of charge for research
    5. user study materials such as questionnaires or codebooks for qualitative analyses
  3. The artifact is part of previously published academic or industry research.
  4. For this year’s competition, the artifact must have been published before 2021 (i.e., the publication date must be on or before Dec. 31, 2020) and demonstrate that it has since accumulated some meaningful (even if small) impact with benefits for the security research community. This timeline will be rolling forward accordingly each year.

Definition of "Impact"

Examples of demonstrable impact include, but are not limited to, the following:

  1. The artifact has been reused and cited in subsequent research publications presented in academic or industry venues.
  2. The artifact has been released as open-source software and has received demonstrable appreciation by the security community (e.g., in the form of "stars," "forks," or other types of citations).
  3. The artifact has been successfully transitioned to a commercial technology.
  4. The artifact consists of an online service that is open to the public or to researchers and demonstrates a significant number of users benefiting from it.
  5. The artifact has become a de facto benchmark for one or more use cases.

Submission Process

To take part in the competition, authors should submit the following:

  1. A URL pointing to the artifacts’ online repository and documentation.
  2. A short paper that describes what problem the artifacts address, how the artifacts work, and provides evidence of the artifacts’ impact since their initial release.

Short papers accompanying the artifacts submission must be in PDF format and not exceed 4 pages, excluding well-marked references. The paper format should follow the 2-column ACM acmart template available at, using the [sigconf] option.

Make Submission

Initial Review, Finalists Notifications and Presentations at ACSAC

The Artifacts Competition Committee will review the artifacts by evaluating the description paper that accompanies each submission, the utility of the artifact, as well as other available documentation (e.g., online documentation).

Based on the quality of the description, documentation, utility of the artifacts and evidence of impact, the committee will select up to 10 top finalist artifacts for further review. The authors of these finalist submissions will be notified and will be invited to the ACSAC conference for an oral presentation of their artifacts’ design, technical demonstration, and impact.

Impact Award and Publication

The Artifacts Competition committee will then select up to three best artifacts among the finalist submissions, which will be awarded the "2023 ACSAC Cybersecurity Artifacts Impact Award" (1st place, 2nd place, and 3rd place) at the conference. Short papers of all the finalist submissions will be published on the ACSAC website with open access.


For questions regarding this competition, please contact