omputer security exposes the differences between the actual mechanisms of everyday trusted technologies and their models used by developers, architects, academic researchers, owners, operators, and end users. While being inherently focused on practice, security also poses questions such as "what kind of computations are and aren't trusted systems capable of?" which harken back to fundamentals of computability. State-of-the-art offense explores these questions pragmatically, gathering material for generalizations that lead to better models and more trustworthy systems.
WOOT provides a forum for high-quality, peer-reviewed work discussing tools and techniques for attack. Submissions should reflect the state of the art in offensive computer security technology, exposing poorly understood mechanisms, presenting novel attacks, or surveying the state of offensive operations at scale. WOOT '18 accepts papers in both an academic security context and more applied work that informs the field about the state of security practice in offensive techniques. The goal for these submissions is to produce published works that will guide future work in the field. Submissions will be peer reviewed and shepherded as appropriate.
Submission topics include but are not limited to:
Application security and vulnerability research
Attacks against privacy
Attacks on virtualization and the cloud
Browser and general client-side security (runtimes, JITs, sandboxing)
Internet of Things
Malware design, implementation and analysis
Network and distributed systems attacks
Offensive applications of formal methods (solvers, symbolic execution)
Offensive aspects of mobile security
Offensive technologies using (or against) machine learning
Operating systems security
Practical attacks on deployed cryptographic systems (cryptanalysis, side channels)