Conferences  >  Informatics  >  Information Security and Information Privacy

Entwickler Akademie

Vom 27. – 29. März 2023 präsentiert die Entwickler Akademie das Intensivseminar für IT-Security. Das IT Security Camp bietet während drei Workshoptagen einen ausführlichen Einstieg in die Thematik der IT-Sicherheit. Die Schulung mit Coach Christian Schneider ist durch den hohen Übungsanteil sehr praxisnah.

Das Training mit Christian Schneider, der als freiberuflicher White Hat Hacker, Trainer und Security-Coach tätig ist, richtet sich an Pentesting- und DevSecOps-interessierte Entwickler:innen, Test Engineers und DevOps Engineers, die an einem Intensiveinstieg in IT-Security interessiert sind. Die Teilnehmer:innen erlernen in drei Tagen nach dem Basiswerkzeug, tiefere offensive Fähigkeiten sowie defensive Techniken zur Automation von Security-Checks in CI/CD Pipelines. Das Programm besteht aus vier komplexen Teilen, in welchen das Ziel verfolgt wird, die Sicherheit eigener Projekte nachhaltig zu erhöhen.

Email: okougioumtzidou@sandsmedia.com

International Association for Cryptologic Research (IACR)

Real World Crypto Symposium aims to bring together cryptography researchers with developers implementing cryptography in real-world systems. The conference goal is to strengthen the dialogue between these two communities. Topics covered focus on uses of cryptography in real-world environments such as the Internet, the cloud, and embedded devices.

Cryptography, Blockchain and Information Security,    Algorithms and Data Structures

SANS Institute

Hands-On Cyber Security Training Taught by Real-World Practitioners. Attend in Orlando, FL or Live Online. Learn real-world cyber security skills from top industry experts during SANS 2023 (April 2-7). Join us in Orlando, FL or Live Online to experience interactive training with hands-on labs, practice your skills during one of our NetWars Tournaments, and network with your peers in real time. Choose your course and register now!

SANS Customer Service;     Phone: [301-654-7267];     Email: support@sans.org

cybersecurity, cyber security, cybersecurity training, cyber security training

Digital Forensics,    Mobile Computing & Telecommunication

The 14th International Workshop on Constructive Side-Channel Analysis and Secure Design will be organized by the Technical University of Munich and the Fraunhofer Institute for Applied and Integrated Security and will be held at the Fraunhofer Institute of Applied and Integrated Security in Garching near Munich.

Side-channel analysis (SCA) and implementation attacks have become an important field of research and a real threat. In order to enhance the resistance of cryptographic and security critical implementations within the design phase, constructive attacks and analyzing techniques may serve as a quality metric to optimize the design and development process. Since 2010, COSADE provides an international platform for researchers, academics, and industry participants to present their work and their current research topics.

Code-based cryptography is the area of research that focuses on the study of cryptosystems based on error-correcting codes, following the seminal work of McEliece and Niederreiter in the late 1970s - early 1980s. These systems have shown no vulnerabilities to quantum attackers and this research branch is widely regarded as one of the most promising in the so-called area of Post-Quantum Cryptography. Current efforts in code-based cryptography are directed at producing fast, secure and efficient schemes. Research in this area has also been fostered by the recent NIST's Post-Quantum Standardization call. The goal of this two-day event is to promote this research area to an increasingly larger audience.

co-located with Eurocrypt 2023

Over the last two decades a very wide range of standards have been developed covering many aspects of cyber security. These documents have been published by national and international formal standardisation bodies, as well as by industry consortia. Many of these standards have become very widely used - to take just one example, the ISO/IEC 27000 series of standards has become the internationally adopted basis for managing corporate information security. Despite their wide use, there will always be a need to revise existing security standards and to add new standards to cover new domains. The purpose of this conference is to discuss the many research problems deriving from studies of existing standards, the development of revisions to existing standards, and the exploration of completely new areas of standardisation. Indeed, many security standards bodies are only beginning to address the issue of transparency, so that the process of selecting security techniques for standardisation can be seen to be as scientific and unbiased as possible.

The SSR conferences are intended to cover the full spectrum of research on security standardisation, including, but not restricted to, work on cryptographic techniques (including ANSI, IEEE, IETF, ISO/IEC JTC 1/SC 27, ITU-T and NIST), security management, security evaluation criteria, network security, privacy and identity management, smart cards and RFID tags, biometrics, security modules, and industry-specific security standards (e.g. those produced by the payments, telecommunications and computing industries for such things as payment protocols, mobile telephony and trusted computing).

Association for Computing Machinery (ACM)

ACM SIGSAC announces the continuation of its annual ACM Conference on Data and Application Security and Privacy. The thirteenth conference will be held in Charlotte, NC, United States. With rapid global penetration of the Internet and smart phones and the resulting productivity and social gains, the world is becoming increasingly dependent on its cyber infrastructure. Criminals, spies and predators of all kinds have learned to exploit this landscape much quicker than defenders have advanced in their technologies. Security and Privacy has become an essential concern of applications and systems throughout their lifecycle. Security concerns have rapidly moved up the software stack as the Internet and web have matured. The security, privacy, functionality, cost and usability tradeoffs necessary in any practical system can only be effectively achieved at the data and application layers. This conference provides a dedicated venue for high-quality research in this arena, and seeks to foster a community with this focus in cyber security.

RSA Conference LLC

IEEE International Symposium on Hardware Oriented Security and Trust (HOST) is the premier symposium that facilitates the rapid growth of hardware-based security research and development. Since 2008, HOST has served as the globally recognized event for researchers and practitioners to advance knowledge and technologies related to hardware security and assurance.

Cryptography, Blockchain and Information Security,    Computing Hardware

Financial Cryptography and Data Security is a major international forum for research, advanced development, education, exploration, and debate regarding information assurance, with a specific focus on commercial contexts. The conference covers all aspects of securing transactions and systems. Original works focusing on both fundamental and applied real-world deployments on all aspects surrounding commerce security are solicited. Submissions need not be exclusively concerned with cryptography. Systems security and interdisciplinary works are particularly encouraged. The goal of the conference is to bring security and cryptography researchers and practitioners together with economists, bankers, implementers and policy-makers.

Cryptography, Blockchain and Information Security,    Mathematical Economics and Finance

Entwickler Akademie

Das Intensivtraining mit Christian Schneider, der als freiberuflicher White Hat Hacker, Trainer und Security-Coach tätig ist, richtet sich an Pentesting- und DevSecOps-interessierte Entwickler:innen, Test Engineers und DevOps Engineers, die an einem Intensiveinstieg in IT-Security interessiert sind.

Die Teilnehmer:innen erlernen in drei Tagen nach dem Basiswerkzeug, tiefere offensive Fähigkeiten sowie defensive Techniken zur Automation von Security-Checks in CI/CD Pipelines. Das Programm besteht aus vier komplexen Teilen, in welchen das Ziel verfolgt wird, die Sicherheit eigener Projekte nachhaltig zu erhöhen.

Einleitend werden die Web-Security Schwachstellen anhand der Trainingsanwendung präsentiert. Die Teilnehmenden betrachten die Ursachen der Lücken sowie deren Ausnutzungsrisiken und Formen der Absicherung. Im nächsten Schritt wird die Nutzung offensiverer Techniken erlernt, um tiefer in Systeme einzudringen (Post-Exploitation) und Rückkanäle sinnvoll aufzubauen. Der dritte Themenbereich befasst sich mit den Schwachstellen-Scans. Die Teilnehmer:innen untersuchen dabei teil-automatisiert die Außen- und Innensicht einer Anwendung: Beginnend mit der dynamischen Analyse zur Laufzeit (DAST) und darüberhinausgehend werden hierzu Methoden zur statischen Code-Analyse eingesetzt (unter Nutzung von OpenSource-Werkzeugen), um tiefere Abdeckung zu erzielen. Abschließend wird im vierten Teil des Camps die Frage verfolgt, wie man die Security-Scans soweit vollautomatisch laufen lassen kann, dass diese in Jenkins Build-Pipelines integriert werden. Es werden unter anderem Maßnahmen aufgezeigt, wie die teil-manuelle Analyse voll-automatisiert stattfinden kann (DevSecOps).

Entwickler Akademie;     Email: info@entwickler-akademie.de

IT Security, Sicherheitslücke finden, CI/CD Pipelines, Pentesting, Security-Checks, Container-Platform-Reviews, SQL-Injection

Hackmanit GmbH

RuhrSec is the annual English speaking non-profit IT security conference with cutting-edge security talks by renowned experts. RuhrSec provides academic and industry talks, the typical University feeling, and a highly recommended social event.

Email: ruhrsec@hackmanit.de

IT security, IT-Security, non-profit, Academia, Industry, cutting-edge, Bochum, Germany, RuhrSec

Smart Grid Forums Ltd

This forum brings together utility CISOs with their IT and OT cybersecurity teams for an in-depth discussion around the impact of geopolitics on the evolving threat landscape, the emergence of new grid vulnerabilities in the context of increased grid innovation and interconnection, the latest IT and OT cybersecurity solutions on the market and in development, and the implications of multiple regulatory frameworks with competing demands underpinning cybersecurity strategies.

Phone: [+442080571700];     Email: registration@smartgrid-forums.com

Smart grid, power grid, IT, OT, Information Technology, Operational Technology, Cybersecurity, engineering, electircal engineering

Electric Power Transmission, Power Grid, Smart Grid,    Electrical Engineering

HackMiami X 2023 Conference will consist of training classes on May 19, 2023 and speaking tracks on Saturday May 20, 2023.

anonymity | anti-forensics | arduino and all maker-stuffs | artificial intelligence | affiliate marketing | biohacking | botnets | carding | code releases | compliance frameworks | career development | corporate espionage | crimeware | critical infrastructure | cryptocurrency | cryptography | DDoS | digital currency | digital self defense | DFIR | electronic crime | electronic civil rights issues | electronic weapons | encryption | ethics | exploit kits | exploitation methods | forensics | forgery | fraud methodologies | fraud prevention | hacker culture | hackerspaces | hacking | HAM radio | identify theft | implantable technologies | information security | intelligence gathering | investigation methods | law and legal concepts | law enforcement | lockpicking | machine learning | malware | mobile technologies | mobile exploitation | money laundering | NFTs | network infrastructure attacks | open source intelligence (OSINT) | open source software | operating systems | penetration testing | privacy | phreaking | pirate radio | programming | ransomware | radio culture | red/blue/purple teams | reverse engineering | robotics | satellite hacking | SCADA | scripting | security culture | social engineering | software cracking | software defined radio | software development | software/tool releases | spam |state sponsored espionage /APTs | steganography | subsersive technologies | third party risk | threat intelligence | threat hunting | voIP hacking | vulnerability analysis | vulnerability disclosures | web application attacks | wireless hacking

Entwickler Akademie

Das Trainingsevent richtet sich an Entwickler:innen, Test Engineers, DevOps Profis und Anwendern von IT-Security. Das Programm erstellt Christian Schneider, freiberuflicher Whitehat Hacker und erfahrener IT-Security Coach. Außerdem bietet er selbst auf dem Summit Workshops an. Die Trainer:innen und Speaker:innen führen in Hands-On-Workshops in moderne Security-Prozesse ein, informieren über wichtige Tools für Security-Analyse und -Tests und zeigen, welche konkreten Maßnahmen gegen Angreifer:innen wirken.

Aus drei parallel laufenden Tracks können Teilnehmende sich die Workshopthemen aussuchen, die am besten zu den eigenen Projekten passen: 1. Infrastruktur und Kubernetes, 2. Web- und API-Security und 3. DevSecOps. 15 national und international anerkannte Professionals der IT-Security-Branche vermitteln praxisnahes Wissen in über 20 Workshops und fünf inspirierenden Sessions.

Entwickler Akademie;     Email: okougioumtzidou@sandsmedia.com

GitHub, Kubernetes, Web- und API-Security, DevSecOps, Infrastruktur und Kubernetes, Angular, Fullstack Security, GitLab, Service Mesh Security

Training in Computer Science, Courses,    Software Engineering

CIRM – Centre International de Rencontres Mathématiques

The International Conference on Codes, Cryptology and Information Security (C2SI) IACR is a recognized biennial conference, organized in cooperation with the International Association for Cryptologic Research -- IACR, focusing on all aspects of coding theory, cryptology, and information security, attracting cutting-edge results from world-renowned scientists in the area. LNCS C2SI-2023 will be held at the Faculty of Sciences of Mohammed V University in Rabat (Morocco) on May 29-31, 2023.

Topics of interest include but are not limited to: Error-correcting codes, Code-based Cryptography, Post-quantum cryptography, Information security

NATO Cooperative Cyber Defence Centre of Excellence

CyCon 2023’s central theme is Meeting Reality. It seeks to challenge our assumptions about cyber conflict and associated technologies in general, in addition to their role in peacetime as well as crisis and conflict. Do our policies and legal frameworks stand the test of time? What technologies have turned out to be game changers and which have been overrated? CyCon 2023 encourages the discussion of concepts of cyber conflict as tested by real world events, addressing questions that might have appeared niche and theoretical just a few years ago, but now have proven to be of real life significance.

cyber conflict, multi-domain operations, National cyber strategies and policies, Private companies in cyber conflict, Non-state actors, Legal aspects of cyber recruitment, Biometric data processing for identification or targeting purposes, drones, autonomous capabilities, Cyber training needs before and during armed conflict, Military cyber exercises, Narrative control in/through cyberspace, Information and intelligence sharing, International law aspects of propaganda and influence operations, Cyber neutrality, Cyber cooperation vs competition between Russia and China, Critical infrastructure security, Cybersecurity of industrial control systems, Secured 5G and next generation networks, Cybersecurity aspects of transport industry (maritime, aviation, railroad), Satellite communication security, AI use-cases in cybersecurity, AI-based intrusion detection systems, Secured AI military applications, AI-based malware detection and analysis, Novel cyber-attacks and malware analysis in the context of Russo-Ukrainian conflict

ACNS is an annual conference focusing on current developments that advance the areas of applied cryptography, cyber security (including network and computer security) and privacy. The goal is to represent both academic research works as well as developments in industrial and technical frontiers. Submissions may focus on the modelling, design, analysis (including security proofs and attacks), development (e.g. implementations), deployment (e.g. system integration), and maintenance (e.g. performance measurements, usability studies) of algorithms, protocols, standards, implementations, technologies devices, systems standing in relation with applied cryptography, cyber security and privacy, while advancing or bringing new insights to the state of the art.

Cryptography, Blockchain and Information Security,    Networks, Internet

in conjunction with ACNS 2023

Despite the promise in data protection, federated learning faces new security and privacy threats. Some recent research has shown that it is possible to infer training data information by observing shared models. In addition, there is strong desire to protect models because model design needs significant investment and they are treated as important digital assets. However, models are exposed to everyone in the default design of federated learning. Furthermore, malicious participants may exist in federated learning and they would compromise the whole learning process by sharing wrong models. There also may exist free-riders that enjoy the shared model, without making contributions. Addressing the above challenges of federated learning security and privacy needs significant research efforts on theories, algorithms, architecture, and experiences of system deployment and maintenance. Therefore, this workshop aims to offer a platform for researchers from both academia and industry to publish recent research findings and to discuss opportunities, challenges and solutions related to security and privacy of federated learning.

DFRWS

DFRWS welcomes new perspectives that push the envelope of what is currently possible in digital forensic, and that provide practical solutions for real-world problems.

Email: frankb@dfrws.org

Industrial control system / SCADA forensics, Deleted data recovery and analysis from IaaS and SaaS environments, Multimedia authentication, beyond theory to real-world applications, Aerospace forensics, including analysis of satellite system and communications, Digital forensic preparedness / readiness, Digital investigation case management, Digital evidence sharing and exchange, Digital forensic triage / survey, Digital forensic tool validation, - Machine learning and data mining for digital evidence extraction/query, Malware and targeted attacks (analysis and attribution), Forensics analysis and visualization of Big Data, Non-traditional forensic scenarios / contexts, Network and distributed system forensics, Mobile and embedded device forensics, Cloud and virtualized environments

Cyber-Physical Systems (CPS) of interest to this workshop consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome.

The 18th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2023) will be held in Melbourne Australia from July 10th to July 14th, 2023.

Building on the success of ACM Conference on Computer and Communications Security (CCS), the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) formally established the annual ACM Asia Conference on Computer and Communications Security (ASIACCS). The inaugural ASIACCS was held in Taipei (2006). Since then ASIACCS has been held in Singapore (2007), Tokyo (2008), Sydney (2009), Beijing (2010), Hong Kong (2011), Seoul (2012), Hangzhou (2013), Kyoto (2014), Singapore (2015), Xi’an (2016), Abu Dhabi (2017), Songdo (2018), Auckland (2019), Taipei (2020, virtual), Hong Kong (2021, virtual) and Nagasaki (2022, hybrid).

Banff International Research Station (BIRS) / UBCO

Contextual integrity is a framework for formalizing context of data use, and offers a descriptive categorization of information flows as either appropriate or inappropriate based upon the context and cultural norms. This workshop will combine tools from differential privacy and contextual integrity to develop context-based prescriptions for the use and implementation of differential privacy. It will bring together a multi-disciplinary team of privacy researchers from computer science, information science, statistics, business, law, and public policy to address this multifaceted challenge.

USENIX Association

USENIX Association

SBA Research

The International Conference on Availability, Reliability and Security (ARES) brings together researchers and practitioners in the field of IT security & privacy. Since 2005, ARES serves as an important platform to exchange, discuss and transfer knowledge and is hosted every year in another European city.

Conference Management;     Email: ares@sba-research.org

Authorization, Authentication, and Access Control Automated Vulnerability Repair Availability, Confidentiality, Integrity Botnets and Botnet Monitoring Cloud Security Compliance, Certification and Legal aspects related to Security and Privacy Dependability, and Resilience Digital Forensics Human Factors in Security and Privacy Identity Management Incident Response and Prevention Intrusion Detection and Fraud Detection Machine Learning for Security and Privacy Security and Privacy for Machine Learning Mobile Security Network Security Privacy-Enhancing Technologies (PETs) Process based Security Models and Methods Risk analysis Side Channel Attacks Software Security Static and Dynamic Code Analysis for Security and Privacy Security and Privacy for IoT, Cyber-Physical Systems, and Critical Infrastructures Security and Privacy Awareness Security Requirements and Secure Design of Applications Usable Security and Privacy Threats and Attack Modelling Trusted Computing Trust Models and Trust Management Web Application Security and Privacy

USENIX Association

The 2023 USENIX Conference on Privacy Engineering Practice and Respect (PEPR '23) will take place at the Hyatt Regency Santa Clara, in Santa Clara, CA, USA, on September 11–12, 2023. PEPR is focused on designing and building products and systems with privacy and respect for their users and the societies in which they operate. Our goal is to improve the state of the art and practice of building for privacy and respect and to foster a deeply knowledgeable community of both privacy practitioners and researchers who collaborate towards that goal.

Association for Computing Machinery (ACM)

The annual ACM Computer and Communications Security Conference is a leading international forum for information security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences. We invite submissions from academia, government, and industry presenting novel research on all theoretical and practical aspects of computer security, as well as case studies and implementation experiences.

2023 13th International Conference on Communication and Network Security, will be held in Fuzhou, China during December 1-3, 2023, sponsored by Fujian Normal University, China. It's the 13th year of ICCNS conference, it will witness the development of the field in communication and network security.

Email: saraxc17@163.com

Communication and Information Engineering; Network management; Information and Network Security; Network Intrusion Detection and Prevention, Firewalls, Packet Filters; Mobile device security; Security information and event management; Wireless security;

USENIX Association

USENIX Association

The 33rd USENIX Security Symposium will take place on August 14–16, 2024, at the Philadelphia Marriott Downtown in Philadelphia, PA, USA. The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks.