ICICS 2023

The 25th International Conference on Information and Communications Security
18-20 November, 2023, Nankai University, Tianjin, China

Call for Papers

Authors are invited to submit original papers not previously published nor submitted in parallel for publication to any other conference, workshop or journal. All submitted papers must be anonymous, with no author names, affiliations, acknowledgements, or obvious references, for double blind reviews.

* Submission deadline: March 30 (23:59 AOE) April 6 (23:59 AOE)

* Early rejection: May 9

* Notification: June 10June 17

* Camera-ready due: June 30

Each submission must ensure that, once accepted, least one author will present the paper at ICICS 2023. Accepted papers will be included in the conference's proceeding published by Springer in its Lecture Notes in Computer Science (LNCS) series. Please note that at least one author of each accepted paper should register with full rate to the conference and give a presentation at the conference. Failure to register or absence from the presentation will eventually make your paper NOT being included in the conference proceedings.

Submissions should be in English, as a PDF file with all fonts embedded, in the Springer LNCS format (details can be found at: http://www.springer.com/computer/lncs?SGWID=0-164-6-793341-0), typeset with 10pt font, and using reasonable spacing and margins. Papers should not exceed 16 pages in LNCS style including the bibliography, but excluding well-marked appendices (no more than 18 pages in total). Note that papers should be intelligible without all appendices, since committee members are not required to read them. Submitted papers may risk being rejected directly without consideration of their merits if they do not follow all the above submission instructions.

The page limits for the camera-ready papers are as follows: 18 pages for Full papers, including references and appendices; 12 pages for Short papers, including references and appendices.


The TPC and Streering Committee will select one paper to receive a Best Paper Award, and another paper whose first co-author is a student to receive a Best Student Paper Award. Recepients of both awards will receive a certificate from the Conference. Springer will sponsor the best paper and best student paper awards with cash prize.

Conflicts of Interest

Authors when submitting the paper are required to declare the conflict of interest (COI) with the Program Committee members including the chairs. Those who are considered COI include (1) anyone who shares an institutional affiliation with an author of the paper at the time of submission, (2) anyone who was the advisor or advisee of an author at any time in the past, or (3) anyone the author has collaborated or published within the prior two years. PC members, including chairs that have a conflict of interest with a paper, will be entirely excluded from the evaluation of that paper. Failure of declaring COI, or declaring fake COI can lead to the paper being rejected. If a paper is reviewed by a PC member with COI, it will be rejected.

How to Submit

Submissions and reviews will be organized on the EasyChair platform and the link for submission is https://easychair.org/my/conference?conf=icics2023.

Topics of Interest

Topics of particular interest include, but are not limited to:

  • Access control and authorization
  • AI-based security and privacy
  • Anonymity
  • Applied cryptography
  • Threat scenarios, attack models and security analysis
  • Attestation
  • Authentication
  • Biometrics security and privacy
  • Blockchain and cryptocurrencies
  • Cloud computing and virtualization security
  • Cybercrime and online harms
  • Cyber deception and fraud
  • Cyber incident response and recovery
  • Critical infrastructure protection
  • Cyber physical systems security
  • Cyber resilience
  • Cyber security education, games and awareness
  • Cyber threat intelligence
  • Data security and privacy
  • Digital forensics
  • Digital rights management
  • Digital watermarking
  • Distributed systems security
  • Economics of security and privacy
  • Edge and fog computing security
  • Embedded systems security
  • Emergency response and recovery
  • Hardware security
  • Identity management
  • Information security management
  • Internet censorship and defence
  • Intrusion detection and prevention
  • Malware and unwanted software
  • Misinformation, disinformation and fake news
  • Mobile security and privacy
  • Online safety and child protection
  • Online social media security, privacy and trust
  • Operating systems security
  • Network security
  • Privacy enhancing technologies and mechanisms
  • Security of communication protocols
  • Secure information flow
  • Security and privacy for (Industrial) Internet of Things
  • Security and privacy of AI (e.g., adversarial machine learning and federated learning)
  • Security and privacy metrics and policies
  • Security operations and incident management
  • Security visualization
  • Secure systems design and architectures
  • Side channel attacks
  • Software and application security
  • Steganography and steganalysis
  • Trusted computing
  • Trust management and reputation
  • Usable security and privacy
  • Web security and privacy

Ethical Considerations

When research identifies a vulnerability (for example, a software vulnerability in a given program, a design weakness in a hardware system, or any other type of vulnerability in a deployed system), we expect researchers to take action to avoid unnecessary harm to affected users and, where possible, to actively protect those users. In almost all cases, disclosing the vulnerability to vendors and other stakeholders of the affected system will help protect users. It is the committee’s sense that a disclosure window of 45 days (https://vuls.cert.org/confluence/display/Wiki/Vulnerability+Disclosure+Policy) to 90 days (https://googleprojectzero.blogspot.com/p/vulnerability-disclosure-faq.html) ahead of publication is consistent with authors’ ethical obligations.

A longer disclosure window (which could keep the vulnerability from being disclosed to the public for an extended period of time) should only be considered in exceptional circumstances, such as if the affected party has provided convincing evidence that the vulnerability was previously unknown and additional time is needed to fully roll out mitigation measures. The authors are encouraged to consult with the PC chairs in case of questions or concerns.

The version of the paper submitted for review must discuss in detail the steps the author has taken or plans to take to address these vulnerabilities; However, consistent with the schedule above, authors do not have to disclose the vulnerability prior to submission. If a paper raises significant ethical and/or legal concerns, it will be checked by the REC and it might be rejected based on these concerns. The PC chairs will be happy to consult with authors about how this policy applies to their submissions.

Submissions describing experiments that may be considered to involve human subjects, analyzing data (even anonymous data) from human subjects, or otherwise potentially putting humans at risk should:

1. Disclose whether the research received an approval or waiver from each of the authors' institutional ethics review boards (IRB) if applicable.

2. Discuss steps taken to ensure that participants and others who might have been affected by an experiment were treated ethically and with respect.

If the paper submitted involves any type of personally identifiable information (PII) or other type of sensitive data, the version of the paper submitted for review must discuss in detail the steps taken by the author to mitigate harm to the person identified. If a paper raises significant ethical and/or legal issues, it will be reviewed by the REC and may be rejected based on those issues. The PC chairs will be happy to consult with authors about how this policy applies to their submissions. Authors may wish to consider the 2023 USENIX Security Ethics Policy for examples.