All tracks/topics are open to both research and industry contributions.
Tracks:
ARCH: Security frameworks, architectures and protocols
Formal aspects of security;
Security analysis methodologies;
Security verification; Security protocols;
Security architectures and formalisms;
Security and design vulnerability;
Security and privacy protection;
Performance and security;
Secure group communication/multicast;
Software design security;
Middleware security;
Security for nomadic code;
Intrusion detection systems;
Static analysis for software security; Security modeling
METRICS: Security, trust and privacy measurement
Security, trust and privacy metrics; Security assurance metrics; Security measurement architectures; Metrics for adaptive security systems; Taxonomical and ontological support of security metrics; Experiments and benchmarks for security measurements; Embedding security measurability in software and service architectures; Risk-driven assessment of security; Assessment of effectiveness, efficiency and correctness of security; Mapping security metrics and security assurance metrics; Mapping security measurements and non-functional requirements
Secure protocols;
Applied cryptography;
Smart cards;
Biometrics;
Digital rights management;
Electronic surveillance;
Database security
SYSSEC: System security
Internet security;
Security in wireless;
Sensor/cellular network security;
Ad hoc network security;
Security in peer-to-peer networks;
Security in wireless multimedia systems;
Security in different networks (mesh, personal, local, metropolitan, GSM, Bluetooth, WiMax, IEEE 802.x, etc.);
Security of emergency services
INFOSEC: Information security
Information hiding;
Anonymity;
Authentication;
Data Integrity;
Security data mining;
Data confidentiality and integrity;
Information flow protection;
Trustworthy networks: authentication, privacy and security models;
Secure service discovery;
Secure location-based service;
Information survivability
RISK: Risk and security
Operational risk (opRisk); OpRisk and field studies; Reputation risk; Risk and security-awareness; Business continuity and disaster recovery; Privacy-awareness; Security and trust
MALWA: Malware and Anti-malware
Threat taxonomies and modeling; Security threats; Threats propagation; Anti-malware technologies;
Engineering anti-malware;
Anti-virus, anti-spyware, anti-phishing;
Malware propagation models;
Profiling security information;
Vulnerability analysis and countermeasures;
Denial of service attacks;
Measurements and metrics;
Testing samples and techniques;
Quarantine/reuse decisions;
Anti-malware tool performance;
Anti-malware tool suites;
Open-source anti-malware;
Host-based anti-malware;
On-line anti-malware scanning
MISUSE: Electronic abuse protection
Messaging, viruses, spyware;
Advanced misuse detection techniques /machine learning, natural language processing, challenge-response, etc./; Message filtering, blocking, authentication;
Digital signatures;
Generalized spamming /over email, Internet telephony, instant messaging, mobile phone, phishing, etc./; Spam compression and recognition;
Learning misuse patterns;
Payment schemes;
Economics of generalized spam;
Tracking abuse tactics and patterns;
Protecting legitimate use patterns;
Methods for testing protection robustness;
Costs and benefits of messaging use and misuse;
Standards for messaging and misuse reporting;
Legal aspects /identity theft, privacy, freedom of speech, etc./
ANTIFO: Anti-forensics
Advanced anti-forensics mechanisms;
Smart anti-forensics;
e-discovery industry and anti-forensics;
Overwriting data and metadata;
Data hiding approaches;
Detecting forensics analysis;
Anti-forensics tools;
Unix-, Windows-, and Linux anti-forensics techniques;
Open source anti-forensics tools;
Network anti-forensics tools
PRODAM: Profiling data mining
User and traffic profiling;
Data mining and visualization;
Profile mining and knowledge discovery;
Mining lifecycle for profile collections;
Profile warehouse construction;
Profile portfolio and profile discovery;
Profiling game users and game traffic;
Profiling transactions;
Simpson's paradox;
Real-time profiling mechanisms;
Patterns for information profiling;
Profiling engines;
Profiling metrics;
Forensics;
Profiling applications (banks, on-line shopping, etc.);
Data mining-based user profile prediction
SECHOME: Smart home security
Fundamentals for SHS;
Privacy and protection for SHS;
Identity and location management in SHS;
Authentication and authorization in SHS;
Access control and security policies in SHS;
Trust and reputation management;
Security context-based interfaces for SHS;
SHS for accessibility and elderly/disabled people;
Real-time challenges for SHS in eHealth environments;
Architectures and systems for SHS;
Network technologies and protocols for SHS;
Ubiquitous/pervasive platform and middleware for SHS;
Services and applications for SHS;
SHS on campuses and hotels;
SHS for mission critical laboratories;
Content protection and digital rights management for SHS;
Intelligent devices, sensor network/RFID for SHS;
Intrusion detection and computer forensics for SHS;
SHS and Homeland security;
Personal data privacy and protection in SHS;
Emerging standards and technologies for SHS; Commercial and industrial for SHS;
Case studies, prototypes and experience
SECDYN: Security and privacy in dynamic environments
Fundamentals on highly dynamic environments;
Privacy and predefined access control dilemma;
Privacy policy, provisions and obligations;
Dependability in dynamic environments;
Protection of digital documents in dynamic environments;
On-line activities in highly dynamic systems;
Law enforcement in highly dynamic systems;
Personalization;
Privacy and transparency;
Distributed usage control;
Privacy compliance; Secure ambient intelligence; Secure embedded microprocessor architectures; Secure compilation techniques
ECOSEC: Ecosystem security and trust
Secure and trusted service compositions in peer-to-peer networks;
Secure data management in collaborative peer-to-peer networks;
Security and reputation models for self-adaptive overlay networks;
Identity and trust management in dynamic, self-organizing environments;
Social institutional-based trust models for self-evolving communities
CRYPTO: Cryptography
Foundations of cryptography;
Applied cryptography;
Cryptanalysis;
Signature schemes and trust models;
Cryptographic algorithms;
Electronic payment systems;
High-performance encryption methods;
Group-oriented cryptography;
Identity-based cryptography;
Anonymous authentication;
Cryptography for multi-user environments;
Cryptography and secure localization systems;
Attacks on cryptosystems
CYBER-Threat
e-Crime; Epidemiological models for warware and cyber-crime propagation; Record and retrieval of cyber-crimes; Cyber-crime prevention; Cyber-crime vulnerabilities; Cyber-counterattack at source; Distributed cyber-attacks; Orchestrated cyber-attacks; Recursion attacks; Cyber-storm attacks; Cyber-pranks, hoaxes; Phishing/Pharming and anti-phishing; Cyber-terrorism; Online cyber-crime reporting; Accuracy and security of cyber-reports; Fighting cyber-crimes; Cyber-crime laws