25th International Symposium on Research in Attacks, Intrusions, and Defenses

Since its inception in 1997, the International Symposium on Research in Attacks, Intrusions and Defenses (RAID) has established itself as a venue where leading researchers and practitioners from academia, industry, and the government are given the opportunity to present novel research in a unique venue to an engaged and lively community.

The conference is known for the quality and thoroughness of the reviews of the papers submitted, the desire to build a bridge between research carried out in different communities, and the emphasis given on the need for sound experimental methods and measurement to improve the state of the art in cybersecurity.

This year we are soliciting research papers on topics covering all well-motivated computer security problems. We care about techniques that identify new real-world threats, techniques to prevent them, to detect them, to mitigate them or to assess their prevalence and their consequences. Measurement papers are encouraged, as well as papers offering public access to new tools or datasets, or experience papers that clearly articulate important lessons learned.

Specific topics of interest to RAID include, but are not limited to:

• Computer, network, and cloud computing security
• Malware and unwanted software
• Program analysis and reverse engineering
• Mobile Security
• Web security and privacy
• Vulnerability analysis techniques
• Usable security and privacy
• Intrusion detection and prevention
• Hardware security
• Cyber physical systems security and threats against critical infrastructures
• IoT security
• Statistical and adversarial learning for computer security
• Cyber crime and underground economies
• Denial-of-Service attacks and defenses
• Security measurement studies
• Digital forensics

Papers will be judged on novelty, significance, correctness, and clarity. We expect all papers to provide enough detail to enable the reproducibility of their experimental results. We encourage authors to make both the tools and data publicly available.

More information is available at http://raid2022.org/.

Papers

Submissions must be a PDF file in double-column ACM format (see http://www.acm.org/publications/article-templates/proceedings-template.html ) no more than 12 pages long, excluding the bibliography, well-marked appendices, and supplementary material. Note that reviewers are not required to read the appendices or any supplementary material. Authors should not change the font or the margins of the ACM format. Submissions not following the required format may be rejected without review.

The submission site is available here: https://raid2022.hotcrp.com/

Submission

Reviewing will be double-blind, meaning the authors’ identities will be hidden from the reviewers. All papers must be appropriately anonymized: author names or affiliations must not appear in the submission, you must refer to your own prior work in the third person, you should not give the paper a title that corresponds to a publicly available technical report, and should anonymize the bibliographic section in an appropriate manner, etc. Papers that are not properly anonymized may be rejected without review. While submitted papers must be anonymous, authors may choose to give talks about their work, post a preprint of the paper online, disclose security vulnerabilities to vendors or the public, etc. during the review process.

All submissions will be judged on originality, relevance, correctness, and clarity. Submissions must not substantially duplicate work that has already been published elsewhere or submitted in parallel to a journal or to any other conference or workshop with proceedings. Simultaneous submission of the same work to multiple venues, submission of previously published work, and plagiarism constitute dishonesty or fraud. RAID, like other scientific and technical conferences and journals, prohibits these practices and may, on the recommendation of the program chair, take action against authors who have committed them. RAID abides with policies for plagiarism, submission confidentiality, reviewer anonymity, and prior and concurrent paper submission that mirror those of the ACM (see http://www.acm.org/publications/policies/).

Human Subjects and Ethical Considerations

Submissions that describe experiments on human subjects, that analyze data derived from human subjects (even anonymized data), or that otherwise may put humans at risk should:

1. Disclose whether the research received approval or a waiver from each of the authors’ institutional ethics review boards (e.g., an IRB).
2. Discuss steps taken to ensure that participants and others who might have been affected by an experiment were treated ethically and with respect.

If the submission deals with vulnerabilities (e.g., software vulnerabilities in a given program or design weaknesses in a hardware system), the authors need to discuss in detail the steps they have already taken or plan to take to address these vulnerabilities (e.g., by disclosing vulnerabilities to the vendors). The same applies if the submission deals with personally identifiable information (PII) or other kinds of sensitive data. If a paper raises significant ethical and legal concerns, it might be rejected based on these concerns.

Authors who are unsure whether their submissions might meet these guidelines, or who have specific questions about the guidelines, are welcome to contact the program committee chair at raid2022@ucy.onmicrosoft.com .