17th ACM Workshop on
Artificial Intelligence and Security
October 18th, 2024 — Salt Lake City
co-located with the 31st ACM Conference on Computer and Communications Security

Programme

The following times are in MDT (Mountain Daylight Time), UTC/GMT -6 hours.

9:00–9:15 Opening and Welcome
9:15–10:00 Keynote 1 (TBA)
10:00–10:30 Spotlights (TBA)
10:30–11:00 Coffee break
11:00–12:00 Poster session 1
12:00–13:30 Lunch
13:30–14:15 Keynote 2 (TBA)
14:15–15:00 Keynote 3 (TBA)
15:00–15:30 Coffee break
15:30–16:30 Poster session 2
16:30–16:45 Closing remarks

Call for Papers

Important Dates

  • Paper submission deadline: July 7th, 2024, 11:59 PM (originally June 21st; all deadlines are AoE, UTC-12)
  • Reviews due: July 31st, 2024 (originally July 19th)
  • Reviews released and acceptance notification: August 6th, 2024 (originally August 2nd)
  • Camera ready due: TBD (originally August 22nd, 2024)
  • Workshop day: October 18th, 2024

Overview

Recent years have seen a dramatic increase in applications of Artificial Intelligence (AI), Machine Learning (ML), and data mining to security and privacy problems. The analytic tools and intelligent behavior provided by these techniques make AI and ML increasingly important for autonomous real-time analysis and decision making in domains with a wealth of data or that require quick reactions to constantly changing situations. The use of learning methods in security-sensitive domains, in which adversaries may attempt to mislead or evade intelligent machines, creates new frontiers for security research. The recent widespread adoption of “deep learning” techniques, whose security properties are difficult to reason about directly, has only added to the importance of this research. In addition, data mining and machine learning techniques create a wealth of privacy issues, due to the abundance and accessibility of data. The AISec workshop provides a venue for presenting and discussing new developments in the intersection of security and privacy with AI and ML.

Topics of Interest

Topics of interest include (but are not limited to):

Theoretical topics related to security

  • Adversarial learning
  • Security of deep learning systems
  • Robust statistics
  • Learning in games
  • Economics of security
  • Differential privacy

Security applications

  • Computer forensics
  • Spam detection
  • Phishing detection and prevention
  • Botnet detection
  • Intrusion detection and response
  • Malware identification and analysis
  • Data anonymization/de-anonymization
  • Security in social networks
  • Big data analytics for security
  • User authentication

Security-related AI problems

  • Distributed inference and decision making for security
  • Secure multiparty computation and cryptographic approaches
  • Model confidentiality
  • Privacy-preserving data mining
  • Adaptive side-channel attacks
  • Design and analysis of CAPTCHAs
  • AI approaches to trust and reputation
  • Vulnerability testing through intelligent probing (e.g. fuzzing)
  • Content-driven security policy management & access control
  • Techniques and methods for generating training and test sets
  • Anomalous behavior detection (e.g. for the purpose of fraud detection)
  • AI Misuse (e.g., Large Language Models for automated hacking, misinformation, deepfakes)
  • Safety and ethical issues of Generative AI

Submission Guidelines

We invite the following types of papers:

  • Original research papers on any topic in the intersection of AI or machine learning with security, privacy, or related areas.
  • Position and open-problem papers discussing the relationship of AI or machine learning to security or privacy. Submitted papers of this type may not substantially overlap with papers that have been published previously or that are simultaneously submitted to a journal or conference/workshop proceedings.
  • Systematization-of-knowledge papers, which should distill the AI or machine learning contributions of a previously-published series of security papers.

The authors can specify the paper type in the submission form. Paper submissions must be at most 10 pages in double-column ACM format, excluding the bibliography and well-marked appendices, and at most 12 pages overall. Papers should be in LaTeX and we recommend using the ACM format. This format is required for the camera-ready version. Please follow the main CCS formatting instructions (except with page limits as described above). In particular, we recommend using the sigconf template, which can be downloaded from https://www.acm.org/publications/proceedings-template. Accepted papers will be published by the ACM Digital Library and/or ACM Press. Committee members are not required to read the appendices, so the paper should be intelligible without them. Submissions must be in English and properly anonymized.

Submission Site

Submission link: https://aisec2024.hotcrp.com

All accepted submissions will be presented at the workshop as posters. Accepted papers will be selected for presentation as spotlights based on their review score and novelty. Nonetheless, all accepted papers should be considered as having equal importance and will be included in the ACM workshop proceedings.

One author of each accepted paper is required to attend the workshop and present the paper for it to be included in the proceedings.

For any questions, please contact one of the workshop organizers at [email protected]

Best Paper Award

As in the previous editions of this workshop, we would like to honor outstanding contributions. To this end, we will award the best paper, selected by the reviewers among all the submitted papers.

The 2023 AISec Best Paper Award was given to:
Sahar Abdelnabi (CISPA Helmholtz Center for Information Security), Kai Greshake (Saarland University, sequire technology GmbH), Shailesh Mishra (Saarland University), Christoph Endres (sequire technology GmbH), Thorsten Holz (CISPA Helmholtz Center for Information Security), Mario Fritz (CISPA Helmholtz Center for Information Security) for the paper "Not what you've signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection".

Committee

Workshop Chairs

Steering Committee

Program Committee

  • Abbas Yazdinejad (University of Guelph, Canada)
  • Achin (Ace) Kulshrestha (Google Inc.)
  • Aideen Fay (Microsoft)
  • Alessandro Brighente (University of Padova)
  • Alessandro Erba (Karlsruhe Institute of Technology)
  • Alessandro Sanna (University of Cagliari)
  • Ambrish Rawat (IBM Research)
  • Andrew Cullen (University of Melbourne)
  • Andy Applebaum (Apple)
  • Angelo Sotgiu (University of Cagliari)
  • Annalisa Appice (University of Bari Aldo Moro)
  • Anshuman Suri (University of Virginia)
  • Antonio Emanuele Cinà (University of Genoa)
  • Arjun Bhagoji (University of Chicago)
  • Arnav Garg (Microsoft)
  • Azqa Nadeem (University of Twente)
  • Bailey Kacsmar (University of Alberta)
  • Balachandra Shanabhag (Cohesity)
  • Benjamin M. Ampel (Georgia State University)
  • Bhavna Soman (Amazon Web Services)
  • Bobby Filar (Sublime Security)
  • Boyang Zhang (CISPA Helmholtz Center for Information Security)
  • Brad Miller (X Corp)
  • Chawin Sitawarin (Meta)
  • Christian Wressnegger (Karlsruhe Institute of Technology)
  • Clarence Chio (UC Berkeley)
  • Daniel Gibert (University College Dublin, CeADAR)
  • Daniele Canavese (IRIT)
  • Daniele Friolo (Sapienza University of Rome)
  • Daniele Angioni (University of Cagliari)
  • David Pape (CISPA Helmholtz Center for Information Security)
  • Diego Soi (University of Cagliari)
  • Dongdong She (Hong Kong University of Science and Technology)
  • Dorjan Hitaj (Sapienza University of Rome)
  • Edoardo Debenedetti (ETH Zurich)
  • Edward Raff (Booz Allen Hamilton)
  • Erwin Quiring (Ruhr University Bochum and ICSI)
  • Eva Giboulot (Linkmedia - INRIA Rennes)
  • Fabio Brau (Scuola Superiore Sant'Anna)
  • Fabio De Gaspari (Sapienza University of Rome)
  • Francesco Flammini (IDSIA USI-SUPSI)
  • Giorgio Piras (University of Cagliari)
  • Giorgio Severi (Northeastern University)
  • Giovanni Cherubin (Microsoft)
  • Giovanni Apruzzese (University of Liechtenstein)
  • Giulio Rossolini (Scuola Superiore Sant'Anna)
  • Giulio Zizzo (IBM Research)
  • Giuseppina Andresini (University of Bari Aldo Moro)
  • Hamid Bostani (Radboud University, The Netherlands)
  • Hari Venugopalan (University of California, Davis)
  • Ilias Tsingenopoulos (DistriNet, KU Leuven)
  • James Hu (University of Arizona)
  • Javier Carnerero Cano (IBM Research Europe/Imperial College London)
  • Joel Frank (Meta)
  • John Holodnak (MIT Lincoln Laboratory)
  • Jonas Möller (TU Berlin)
  • Jonas Ricker (Ruhr University Bochum)
  • Jose Maria de Fuentes (Universidad Carlos III de Madrid)
  • Julien Piet (UC Berkeley)
  • Junhao Dong (Nanyang Technological University)
  • Kathrin Grosse (EPFL)
  • Kexin Pei (The University of Chicago)
  • Konrad Rieck (TU Berlin)
  • Erwan Le Merrer (Inria, France)
  • Lea Schönherr (CISPA Helmholtz Center for Information Security)
  • Lei Ma (The University of Tokyo / University of Alberta)
  • Leonardo Regano (University of Cagliari)
  • Lorenzo Cazzaro (Università Ca' Foscari Venezia)
  • Lorenzo Pisu (University of Cagliari)
  • Luca Demetrio (University of Genoa)
  • Luis Muñoz-González (Telefónica Research)
  • Luke Richards (University of Maryland, Baltimore County)
  • Maria Rigaki (Czech Technical University in Prague)
  • Markus Dürmuth (Leibniz University Hannover)
  • Marta Catillo (Università degli Studi del Sannio)
  • Matthew Jagielski (Google Research)
  • Maura Pintor (University of Cagliari)
  • Mauro Conti (University of Padua)
  • Maximilian Noppel (Karlsruhe Institute of Technology)
  • Melody Wolk (Apple)
  • Milenko Drinic (Microsoft Corporation)
  • Muhammad Zaid Hameed (IBM Research Europe, Ireland)
  • Ozan Özdenizci (Montanuniversität Leoben)
  • Pablo Moriano (Oak Ridge National Laboratory)
  • Patrick Dwyer (Apple, Inc)
  • Pavel Laskov (University of Liechtenstein)
  • Pooria Madani (Ontario Tech University)
  • Pratyusa K. Manadhata (Meta)
  • Quan Le (CeADAR, University College Dublin)
  • Shrikant Tangade (University of Padova, Italy & CHRIST University, India)
  • Sahar Abdelnabi (Microsoft)
  • Sam Bretheim (Craigslist)
  • Sanghyun Hong (Oregon State University)
  • Savino Dambra (Norton Research Group)
  • Scott Coull (Google)
  • Shae McFadden (King's College London & The Alan Turing Institute)
  • Shujiang Wu (F5, Inc.)
  • Silvia Lucia Sanna (University of Cagliari)
  • Simon Oya (The University of British Columbia (UBC))
  • Simos Gerasimou (University of York, UK)
  • Sivanarayana Gaddam (Cohesity Inc)
  • Sizhe Chen (UC Berkeley)
  • Theo Chow (King's College London)
  • Thorsten Eisenhofer (TU Berlin)
  • Tianhao Wang (University of Virginia)
  • Tobias Lorenz (CISPA Helmholtz Center for Information Security)
  • Vera Rimmer (KU Leuven)
  • Vikash Sehwag (Sony AI)
  • Vinod P. (University of Padua, Italy)
  • Wenjun Zhu (Zhejiang University)
  • Wenxin Ding (University of Chicago)
  • Xiaofei Xie (Singapore Management University)
  • Xiaoyu Ji (Zhejiang University)
  • Xin Fan Guo (King's College London)
  • Xinyue Shen (CISPA Helmholtz Center for Information Security)
  • Xinyun Chen (Google DeepMind)
  • Yang Zhang (CISPA Helmholtz Center for Information Security)
  • Yash Vekaria (University of California, Davis)
  • Yue Zhao (Institute of Information Engineering, Chinese Academy of Sciences)
  • Yufei Han (INRIA)
  • Zeliang Kan (King's College London)
  • Zied Ben Houidi (Huawei Technologies Co. Ltd.)
  • Ziqi Yang (Zhejiang University)

Thanks to those who contacted us to help with the reviews!