Home
  Organization
  Call for Papers
  Speakers
  Training
  Accepted Papers
  Workshop Program
  Sponsors
  Past Workshops
 






Condado Plaza Hilton, San Juan, Puerto Rico, USA
December 9–10, 2019
Collocated with ACSAC 2019

Call for Papers

Downloadable CFP

The 9th Software Security, Protection, and Reverse Engineering Workshop continues as a consolidated workshop that merged into one venue the Program Protection and Reverse Engineering Workshop (PPREW) and the Software Security and Protection Workshop (SSP), which both started in 2011

Software security is a discipline that lies at the crossroads of security, cryptography, networks, software engineering, computer architecture, operating systems, and compiler design. Program protection and reverse engineering techniques both find their practical use in malware research and analysis as well as legitimate protection schemes for intellectual property and commercial software. The joint workshop will focus on how to protect software from tampering, reverse engineering, and piracy. Strongly encouraged are proposals of new, speculative ideas; evaluations of new or known techniques in practical settings; and discussions of emerging threats and problems in metrics, tools, and procedures for evaluating tamperproofing, watermarking, obfuscation, birthmarking, and protection algorithms in general. Likewise, reverse engineering of low-level constructs such as machine code or gate-level circuit definitions through static and dynamic analysis is geared to recover higher levels of abstract information to determine a program's function as well as to classify it with existing similar code (which is typically malicious). Both program protection and reverse engineering techniques are utilized for legitimate and illegal purposes. Theoretically, protection is seen as impossible in the general case but the promise of mathematically based transformations with rigorous cryptographic properties is an area of active interest. Given enough time and resources, reverse engineering and de-obfuscation is assumed to be achievable.

SSPREW will provide a discussion forum for researchers that are exploring theoretical definitions and frameworks, implementing and using practical methods and empirical studies, and those developing new tools or techniques in this unique area of security. We expect the workshop to provide exchange of ideas and support for cooperative relationships among researchers in industry, academia, and government.

We invite papers, posters, and talks on program protection, reverse engineering, and software security used in legitimate contexts. Particular interest will be given on studies and experiments that explore the boundary of both practical methods and their theoretical limits. Topics for the workshop can cover a wide variety of tools, techniques, and methodologies related to security aspects of software and hardware systems, with particular focus on subversion/exploitation or protection of program integrity, confidentiality, authorization, and intellectual property. Ongoing work with preliminary results, theoretical approaches, tool-based methods, and empirical studies on various methods are all appropriate for submission. Modeling of software security, man-at-the-end (MATE) attacks, metrics and evaluation frameworks, and new cutting-edge techniques are in view as well. Papers can address studies on hardware/circuit based methods or software/assembly based mechanisms. We expect the workshop to provide exchange of ideas and support for cooperative relationships among researchers in industry, academia, and government.

Topics can include but are not limited to:

  • Security modelling
  • Protection metrics and measurements
  • Obfuscation / deobfuscation
  • Tamper-proofing
  • Hardware-based protections
  • Protection profiling, verification, and evaluation
  • Theoretic analysis frameworks:
    • Abstract Interpretation
    • Homomorphic Encryption
    • Term Rewriting Systems
    • Machine Learning
    • Large Scale Boolean Matching
  • Static/dynamic analysis techniques
  • New cutting-edge protection technologies
  • Circuit and digital logic protection
  • Diversity metrics and measurements
  • Man-at-the-end (MATE) attack technologies
  • MATE characterization and measurement
  • Software watermarking
  • Digital fingerprinting
  • Reverse engineering tools / techniques
  • Program / circuit slicing
  • Component / functional Identification
  • Source code (static/dynamic) analysis
  • Information hiding and discovery
  • User interface design for controlling protection
  • Virtualization for protection and/or analysis
  • Forensic and anti-forensic protection
  • Moving target and active cyber defense

Submission Guidelines

The workshop will feature peer-reviewed technical presentations on original work, a poster session, and talk sessions on potentially non-original research.

Technical Papers

Papers must describe original work, be written and presented in English, and must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with refereed proceedings.

Original, unpublished manuscripts of up to 12-pages including figures and references must follow the ACM SIG proceedings format. All submissions must be in PDF and paper templates are available for LaTeX and Word at: https://www.acm.org/publications/proceedings-template.

Authors should apply ACM Computing Classification categories and terms. The templates provide space for this indexing and authors should refer to the Computing Classification Scheme at: https://www.acm.org/publications/class-2012

Submitted papers must adhere to the ACM Copyright Policy and the ACM Policy on Plagiarism. Concurrent submissions to other conferences, workshops, journals, or similar forums of publication are not allowed. Submissions that do not meet these guidelines may not be considered.

The URL for submission of papers is through Easy Chair.

For accepted papers, at least one author must register for, attend, and make a presentation at SSPREW in order for the paper to appear in the workshop proceedings.

To expedite publication of accepted papers in the workshop proceedings, camera ready papers should have the following properties:

  • PDFs should be optimized for fast web viewing.
  • PDFs should Include the rights management statement and bibliographic strip on the bottom of the first page left column. The specific wording of this statement is emailed directly to the authors of accepted papers through the ACM Rights Management System.
  • All fonts in the PDF must be Type 1 fonts (scalable), not Type 3 (bit-mapped).
  • All fonts MUST be embedded within the PDF file.

Documentation on how to embed fonts is provided by ACM. Authors should download and use the ACM Digital Library optimal distiller settings file, ACM.joboptions.

Posters

SSPREW poster session will offer a chance to present your work in an interactive manner in front of experts from industry, government, and academia attending the workshop. Posters can cover preliminary or exploratory work, smaller research projects, projects that are showing promising results but aren't quite ready for a full publication, or any other work that would benefit from discussion in this sort of an open forum. Poster proposals should be in the form of a (maximum) one page abstract describing the work. Format guidelines for the poster abstract are 1 inch margins using 10 pt font, and should include the title of the poster, authors, and author affiliation/contact email.

Authors will be expected to register for and attend the workshop, bring their finished poster to the workshop, and present it during the program. You will be required to setup your poster beforehand and stand with your poster during that time (about 60 minutes). Details on poster formats will be emailed to authors before the workshop (probably to be attached to a 40x30 inch backing). A poster does not need to considered a prior publication of the work and may be reused for later publications if appropriate. Posters can be included in the workshop proceedings at the request of the authors.

PDF versions of accepted posters should be uploaded into EasyChair NLT than the Camera Ready submission date.

Talk Proposals

Talk sessions, much like poster presentations, provide a presentation-only format that will allow interactive presentation of non-original work, new ideas, preliminary or exploratory work, or current topics of interest related to the workshop themes. Talk sessions are ideal for industry participants or practitioners that would like to promote discussion of ideas in the workshop forum among the attendees.

Talk proposals should be in the form of a two page abstract describing the work, with an additional two pages allowed for appendices, benchmarks, or supporting details. Format guidelines for the talk proposals are 1 inch margins using 10 pt font, a title for the talk, authors, and author affiliation/contact email. Talk-related abstracts may be included in the workshop proceedings at the request of the presenter. Formatting guidelines for the abstract will follow those for the technical papers and PDF versions of abstracts should be uploaded into EasyChair NLT than the Camera Ready submission date.