CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2
Call For Paper (CFP) Description
The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security. CSF seeks papers on foundational aspects of computer security, such as formal security models, relationships between security properties and defenses, principled techniques and tools for design and rigorous analysis of security mechanisms, as well as their application to practice. While CSF welcomes submissions beyond the topics listed below, the main focus of CSF is foundational security and privacy. Papers lacking foundational aspects risk desk rejection without further evaluation of their merits; contact the PC chairs when in doubt.
CSF was created in 1988 as a workshop of the IEEE Computer Society’s Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled “The Foundations of Computer Security—We Need Some.” The meeting became a “symposium” in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. For more details on the history of the symposium, visit CSF’s home.
Proceedings will be published by the IEEE Computer Society Press and will be available at the symposium. Some small number of papers will be selected by the Program Committee as "Distinguished Papers".
Topics
New results in security and privacy are welcome. We also encourage challenge/vision papers, which may describe open questions and raise fundamental concerns about security and privacy. Possible topics for all papers include, but are not limited to:
access control
accountability
anonymity
attack models
authentication
blockchains and smart contracts
cloud security
cryptography
data provenance
data and system integrity
database security
decidability and complexity
decision theory
distributed systems security
electronic voting
embedded systems security
forensics
formal methods and verification
hardware-based security
information flow control
intrusion detection
language-based security
mobile security
network security
privacy
security and privacy aspects of machine learning
security and privacy for the Internet of Things
security architecture
security metrics
security policies
security protocols
software security
socio-technical security
trust management
usable security
web security
SoK papers: Systematization of Knowledge Papers
CSF 2025 solicits systematization of knowledge (SoK) papers in foundational security and privacy research. These papers systematize, re-formulate, or evaluate existing work in one established and significant research topic. Such papers must provide new insights. Survey papers without new insights are not appropriate. Papers trying to identify robust foundations of research areas still lacking them are particularly welcome. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form.
Ethics
We expect authors to carefully consider and address the potential harms associated with carrying out the research, as well as the potential negative consequences that could stem from publishing their work. Failure to do so will result in summary rejection of a submission regardless of its quality and scientific value.
Although causing controlled harm is sometimes a consequence of legitimate scientific research in computer security and privacy, authors are expected to document how they have addressed and mitigated the risks. This includes, but is not limited to, considering the impact of their research on deployed systems, understanding the costs and risks their research imposes on others, safely and appropriately collecting data, and following responsible disclosure. If the submitted research has the potential to cause harm, the paper should include a clear statement about why the benefit of the research outweighs the harms, and how the authors have taken measures and followed best practices to ensure safety and minimize the harms caused by their research.
If the submitted research has potential to cause harm, and authors have access to an Institutional Review Board (IRB), we expect that this IRB is consulted and its approval and recommendations are documented in the paper. We note however that IRBs are not expected to understand computer security research well or to know about best practices and community norms in our field, so IRB approval does not absolve researchers from considering ethical aspects of their work. In particular, IRB approval is not sufficient to guarantee that the PC will not have additional concerns with respect to harms associated with the research.
We encourage the authors to consult with existing documentation, e.g., Common Pitfalls in Writing about Security and Privacy Human Subjects Experiments, and How to Avoid Them or the Menlo Report and existing Safety consultation entities, e.g., the Tor Safety Research Board. These can help in thinking about potential harms, and in designing the safest experiments and disclosure processes.
CSF was created in 1988 as a workshop of the IEEE Computer Society’s Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled “The Foundations of Computer Security—We Need Some.” The meeting became a “symposium” in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. For more details on the history of the symposium, visit CSF’s home.
Proceedings will be published by the IEEE Computer Society Press and will be available at the symposium. Some small number of papers will be selected by the Program Committee as "Distinguished Papers".
Topics
New results in security and privacy are welcome. We also encourage challenge/vision papers, which may describe open questions and raise fundamental concerns about security and privacy. Possible topics for all papers include, but are not limited to:
access control
accountability
anonymity
attack models
authentication
blockchains and smart contracts
cloud security
cryptography
data provenance
data and system integrity
database security
decidability and complexity
decision theory
distributed systems security
electronic voting
embedded systems security
forensics
formal methods and verification
hardware-based security
information flow control
intrusion detection
language-based security
mobile security
network security
privacy
security and privacy aspects of machine learning
security and privacy for the Internet of Things
security architecture
security metrics
security policies
security protocols
software security
socio-technical security
trust management
usable security
web security
SoK papers: Systematization of Knowledge Papers
CSF 2025 solicits systematization of knowledge (SoK) papers in foundational security and privacy research. These papers systematize, re-formulate, or evaluate existing work in one established and significant research topic. Such papers must provide new insights. Survey papers without new insights are not appropriate. Papers trying to identify robust foundations of research areas still lacking them are particularly welcome. Submissions will be distinguished by the prefix “SoK:” in the title and a checkbox on the submission form.
Ethics
We expect authors to carefully consider and address the potential harms associated with carrying out the research, as well as the potential negative consequences that could stem from publishing their work. Failure to do so will result in summary rejection of a submission regardless of its quality and scientific value.
Although causing controlled harm is sometimes a consequence of legitimate scientific research in computer security and privacy, authors are expected to document how they have addressed and mitigated the risks. This includes, but is not limited to, considering the impact of their research on deployed systems, understanding the costs and risks their research imposes on others, safely and appropriately collecting data, and following responsible disclosure. If the submitted research has the potential to cause harm, the paper should include a clear statement about why the benefit of the research outweighs the harms, and how the authors have taken measures and followed best practices to ensure safety and minimize the harms caused by their research.
If the submitted research has potential to cause harm, and authors have access to an Institutional Review Board (IRB), we expect that this IRB is consulted and its approval and recommendations are documented in the paper. We note however that IRBs are not expected to understand computer security research well or to know about best practices and community norms in our field, so IRB approval does not absolve researchers from considering ethical aspects of their work. In particular, IRB approval is not sufficient to guarantee that the PC will not have additional concerns with respect to harms associated with the research.
We encourage the authors to consult with existing documentation, e.g., Common Pitfalls in Writing about Security and Privacy Human Subjects Experiments, and How to Avoid Them or the Menlo Report and existing Safety consultation entities, e.g., the Tor Safety Research Board. These can help in thinking about potential harms, and in designing the safest experiments and disclosure processes.
Conference Topics
Frequently Asked Questions
What is CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2?
CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2 is The 38th IEEE Computer Security Foundations Symposium (CSF 2025) is an annual conference for researchers in computer security, focusing on foundational aspects of computer security, security models, and their application to practice.
What topics are accepted at CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2?
The topics accepted at CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2 include Foundations of Computer Security. Papers that explore innovative ideas or solutions in these areas are highly encouraged.
What are the important dates for CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2?
- Start Date: 01 Jun, 2025
- End Date: 30 Jul, 2025
- End Date: 30 Jul, 2025
Can I submit more than one paper to CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2?
Yes, multiple submissions are allowed, provided they align with the conference’s themes and topics. Each submission will be reviewed independently.
What is the review process for submissions?
Papers will be reviewed by a panel of experts in the field, ensuring that only high-quality, relevant work is selected for presentation. Each paper will be evaluated on originality, significance, and clarity.
What presentation formats are available at CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2?
Presentations can be made in various formats including oral presentations, poster sessions, or virtual presentations. Specific details will be provided upon acceptance of your paper.
Can I make changes to my submission after I’ve submitted it?
Modifications to your submission are allowed until the submission deadline. After that, no changes can be made. Please make sure all details are correct before submitting.
What are the benefits of attending CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2?
Attending CSF 2025 : 38th IEEE Computer Security Foundations Symposium - deadline 2 provides an opportunity to present your research, network with peers and experts in your field, and gain feedback on your work. Additionally, it is an excellent platform for career advancement and collaboration opportunities.
What should I include in my abstract or proposal submission?
Your abstract or proposal should include a concise summary of your paper, including its purpose, methodology, and key findings. Ensure that it aligns with the conference themes.