Conference Information
ACSAC 2019: Annual Computer Security Applications Conference
Submission Date:
2019-06-15 Extended
Notification Date:
Conference Date:
San Juan, Puerto Rico, USA
CCF: b   CORE: a   QUALIS: a1   Viewed: 16457   Tracked: 82   Attend: 10

Conference Location
Call For Papers
Submission Formats:

Technical Track Paper Submissions (contact Program Chair)

    Guofei Gu, Texas A&M University (Program Chair)
    Danfeng (Daphne) Yao, Virginia Tech (Program Co-Chair)

We solicit papers offering novel contributions in any aspect of applied security. Papers are encouraged on results that have been demonstrated to be useful for improving information systems security and that address lessons learned from the actual application. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Please ensure that your submission is a PDF file of a maximum of 10 pages, excluding well-marked references and appendices limited to 5 pages. Committee members are not required to read the appendices. Submissions must be generated using the ACM acmart template available at, using the [sigconf, anonymous] options. Submissions should not use older ACM templates (e.g., sig-alternate).

All submissions must be anonymous (i.e., papers should not contain author names or affiliations, or obvious citations). In the rare case that citing previous work in the 3rd person is impossible, blind the reference and notify the PC Chair. Submissions violating any of the above constraints, e.g., going beyond the page limit, moving to Appendices content that belongs in the main body, or failing to properly anonymize, risk rejection without consideration of their merits.

Submissions are to be made using the HotCRP system. Only PDF files will be accepted and papers must be submitted by the deadline listed on the conference website. Papers will be reviewed in two consecutive rounds, and early-reject notifications will be sent to authors after the first round, if a paper has received only strongly negative reviews. Appeals based on factual disagreements may be submitted to the Program Chairs, who may appoint an independent reviewer to decide the appeal. In any case, papers cannot be re-submitted elsewhere until the authors are notified of acceptance or rejection, early or final, and until any appeal has been resolved.

All authors of accepted papers must guarantee that their papers will be presented at the conference. In case the authors encounter problems to obtain a VISA to participate in the conference, they are encouraged to contact the Program Chairs as soon as possible to discuss possible solutions.

Hard Topic Theme: Deployable and Impactful Security — Submissions are to be made using the HotCRP system
This year's hard topic theme solicits research results and technologies that are more practical and applied, and can be potentially deployed, where they can have a direct impact on improving the quality of cybersecurity in real-world systems. Deployable and impactful security generally involves the design and development of defensive solutions, rather than simply expose weaknesses and vulnerabilities. While ACSAC has always solicited work on applied security, by having it as a hard topic theme we hope to put greater emphasis on deployability and impactfulness.

Deployable and impactful security needs to address key real-world challenges, which may include accuracy, runtime overhead, ground-truth labeling, human aspects, usability, and energy consumption. Deployable and impactful security does not necessarily mean building a complete system, which may not be realistic, particularly in an academic environment. However, the work needs to identify key deployment challenges, explain the deficiencies in state-of-the-art solutions, and experimentally demonstrate the effectiveness of the proposed approaches and (potential) impact to the real world. The work may involve prototyping, defining metrics, benchmark evaluation, and experimental comparison with state-of-the-art approaches in testbeds or real-world pilots, possibly with operational data. Having the deployability and impactfulness goal motivates one to focus on solving the most critical real-world challenges, which may otherwise be ignored by the fast-moving research community.

Artifact Submission
Security research is often criticized for the poor reproducibility of its results. Unfortunately, authors seldom release the software they develop and the datasets they use to perform their experiments. This makes it difficult to compare different solutions and force other researchers to undergo the tedious and error-prone task of re-implementing previous approaches and to compare solutions on different datasets, which may not be a fair comparison.

To help improve this situation, ACSAC encourages authors of accepted papers to submit software and data artifacts and make them publicly available to the entire community. These artifacts are not part of the paper evaluation. Their submission is strictly optional and occurs only after a paper has been accepted - to prevent any influence on the decision process. Authors who decide to participate in this program will interact with a special committee dedicated to verifying the submitted artifacts (e.g., to test that source code compiles and runs correctly, or that datasets content match their description). Authors can decide what they want to submit (software, data, or both) and the verification procedure will take place in parallel with the preparation of the camera-ready version of the paper. The authors of the submitted artifacts need to commit to keeping them available online on a publicly accessible website for a minimum period of three months between October and December 2020.

We believe that this is an important initiative that can help the entire community increase its reputation, and make research in the security field proceeds faster by taking advantage of systems previously built by other researchers. Therefore we plan to reward authors who participate in this program with a special mention during the conference and on the ACSAC webpage, a stamp of reproducibility on their papers, and (if enough authors participate to the program) by reserving a Distinguished Paper Award for this group.

» Technical Track submission details and FAQ

Case Studies in Applied Security (contact Case Studies Co-Chairs)

    Larry Wagoner, NSA (Case Studies Co-Chair)
    Randy Smith, Boeing (Case Studies Co-Chair)

The Case Studies in Applied Security Track is a critical part of the technical conference. It is an opportunity for professionals to share information that is current without writing a detailed technical paper, but enables attendees to learn about the next generation of products and solutions. It is open to anyone in the community such as vendors, network providers, systems integrators, government civil/federal/military programs or users across the spectrum of computer security applications. Potentially this is where attendees can learn about client needs and vendors solutions. In keeping with this year's theme of "Big Data for Security", we seek presentations where Big Data techniques and Emergent Properties of Data were leveraged to solve cybersecurity problems; both successful examples and lessons learned are encouraged. We also welcome broader submissions addressing solutions to current cybersecurity challenges. While the Case Studies will not be included in the Proceedings, the presentations will be posted to the ACSAC site following the conference.

» Case Studies submission details and FAQ

Training Workshops (contact Training Chair)

    Daniel Faigin, The Aerospace Corporation, USA. (Training Chair)

Training Workshops are a full day (6 hours) hands-on experience that combines traditional training segments with hands-on application of the material presented. The goal should be to have the formal instructional portions be no more than 50% of the overall experience. General cybersecurity training is available from a wide variety of in-person and online sources, so ACSAC courses must provide a unique spin and hands-on experience not easily available elsewhere. Instructors receive an honorarium and expenses. If you would like to indicate a topic you would like to see, you may do that as well; please suggest an instructor if you can.

» Training Workshops submission details and FAQ

Panels (contact Panels Chair)

    Charles Payne, Adventium Labs (Panels Chair)

Panels should encourage audience participation and focus on the sharp edges of a topic where there is controversy or where there are widely varying positions. Panels focused on a topic related to the conference theme are especially welcomed, but this is not a hard requirement; some additional topics are listed here. A typical panel proposal should list the moderator, three panel members and an abstract of the proposed topic. Full details are provided on the Panels webpage.

» Panels submission details and FAQ

Workshops (contact Workshops Chair)

    Harvey Rubinovitz, The MITRE Corporation (Workshops Chair)

ACSAC workshops are on up to date topics that attendees usually rate to provide a useful and exciting forum for information technology professionals (e.g., standards developers, software developers, security engineers, security officers) to exchange ideas, concerns, and opinions.

» Workshops submission details and FAQ

Posters (contact Posters Co-Chairs)

    Adam Aviv, USNA (Poster Co-Chair)
    Kevin Roundy, Symantec Research Labs (Poster Co-Chair)

The poster session provides an opportunity for researchers and practitioners to present their new and innovative preliminary work in an informal, interactive setting. Conference attendees can learn about novel on-going research projects that might not yet be complete, but whose preliminary results are already interesting. Poster presenters will have an opportunity to discuss their work and get invaluable feedback from knowledgeable sources at an early stage of their research.

» Posters submission details and FAQ

Works in Progress (contact WIP Co-Chairs)

    Adam Aviv, USNA (WiP Co-Chair)
    Kevin Roundy, Symantec Research Labs (WiP Co-Chair)

The Works in Progress (WiP) session offers short presentations (5 minutes maximum) of ongoing work. These presentations highlight the most current work in both business and academia, emphasizing goals and value added, accomplishments to date, and future plans. Special consideration is given to topics that discuss real life security experience, including system implementation, deployment, and lessons learned.

» WiP submission details and FAQ
Last updated by Dou Sun in 2019-06-11
Acceptance Ratio
Related Conferences
CCFCOREQUALISShortFull NameSubmissionNotificationConference
ICTCInternational Conference on ICT Convergence2019-08-012019-09-012019-10-16
CSAInternational Conference on Computer Science and its Applications2014-08-052014-08-202014-12-17
ARMWorkshop on Adaptive and Reflective Middleware2016-08-262016-10-032016-12-12
ICCAAEInternational Conference on Computer Applications and Applied Electronics2016-08-262016-08-312016-09-10
ICCDAInternational Conference on Computer Design and Applications2011-03-012011-03-152011-05-27
bTrustBusInternational Conference on Trust, Privacy, and Security in Digital Business2016-04-042016-06-062016-09-05
CIAInternational Conference on Computer, Information and Application2016-03-302016-04-152016-05-19
aa*a1EurocryptInternational Conference on the Theory and Applications of Cryptographic Techniques2019-09-262020-01-212020-05-10
bb2IWANNInternational Work Conference on Artificial Neural Networks2019-03-012019-03-212019-06-12
cba2COMPSACInternational Computer Software and Applications Conference2020-01-202020-04-032020-07-13