DeepSec 2009 "Triple Sec" Call for Papers

We are happy to invite you to the third DeepSec In-Depth Security Conference from November 17th to 20th at the Imperial Riding School Renaissance Hotel in Vienna.

Pre-registration for conference guests and the call for papers website will be open from April 1st 2009 on

The In-Depth security conference will include two days of security talks during the conference and two days of trainings, covering the latest topics in network and IT security. There will be also a comprehensive social program around the event.

We're inviting you to submit proposals for trainings and conference talks. All proposals received before July 15th 2009, 23:59 CEST will be considered by the program committee.

So submit your talks and trainings now and don't miss the best conference of the year! :)

All proposals received before July 15th 2009, 23:59 CEST will be considered by the Program Committee.

About DeepSec

Thanks for attending DeepSec 2009! We hope you enjoyed your stay and ask you to give us feedback by emailing your comments and suggestions to: deepsec @

Bringing together the world's most renowned security professionals from academics, government, industry, and the underground hacking community.

The DeepSec IDSC is an annual European two-day in-depth conference on computer, network, and application security. DeepSec IDSC 2009 will be held from November 17nd to 20th 2009 at the Imperial Riding School Vienna, and aims to bring together the leading security experts from all over the world in Europe.

DeepSec IDSC is a non-product, non-vendor-biased conference event. Our aim is to present the best research and experience from the fields' leading experts.

Intended target audience: Security Officers, Security Professionals and Product Vendors, IT Decision Makers, Policy Makers, Security-/Network-/Firewall-Admins, Hackers and Software Developers.

In the past this conference has been attended by: Ericsson, Commerzbank, Philips, RBT, GRZ IT, IERN Sierra Leone, SAP AG, Improware, Telekom Austria, Microsoft, BAWAG P.S.K., T-Systems, Iphos, Sektion Eins, T-Mobile, Red Hat, SWITCH, Austrian National Bank, Daimler AG, Sentrigo, University of Vienna, SEC Consult, Tech Data, S21Sec, DHL, Bearing Point, Cygnos, wecon, YCO, Rolex SA, IronPort Systems, Microsoft, Cisco Systems, Oracle Corporation, and many others.


Until July 15th 2009, 23:59 CEST, we'll be accepting papers and lightning talk submissions.
Please note we are non-product, non-vendor biased security conference, and do not accept vendor pitches.

Speaker privileges include
  • One economy class return-ticket to Vienna.
  • 3 nights of accomodation in the Conference Hotel.
  • Breakfast, Lunch, and two coffee breaks
  • Speaker activities during, before, and after the conference.
  • Speaker After-Party in the Metalab Hackerspace on November, 20th.
Trainer privileges include
  • 50% of the net profit of the class.
  • 2 nights of accomodation in the Conference Hotel during the trainings.
  • Breakfast, Lunch, and two coffee breaks.
  • Free Speaker Ticket for the Conference.
  • Speaker activities during, before, and after the conference.
  • Speaker After-Party in the Metalab Hackerspace on the 20th November


We are interested in bleeding edge security research directly from leading researchers, professionals, academics, industry, government and the underground security community.

The focus of DeepSec will be on subtle dangers, stealthy exploits and things you don't see. If you got something to talk about that doesn't look like a security problem at the first glance, tell us about it. We'd like to hear about underestimated security issues that may be turned into major headaches for computer systems, networks and users alike. Send us stories about single bits that can change our destiny. Failing that we welcome less sneaky approaches, too.

Please do not submit specific single exploits (which might be fixed by the time of the conference) and "yet-another-XYZ-hack", script kiddy content or similar "breakthroughs". Exploit frameworks, general approaches, "defective by design" resp. "defective by implementation" and high impact exploits have a much higher chance to get accepted. ;)

Topics of special interest include
  • Operating System Security (7, XP, Vista, GNU/Linux, OS X, Plan 9, *BSD, ...)
  • E/I-Voting Case-Studies, Attacks, Weaknesses
  • Mobile and PAN Security
  • Network Protocol Analysis
  • AJAX/Web2.0/JavaScript Security
  • Secure Software Development
  • VoIP
  • Perimeter Defense / Firewall Technology
  • Digital Forensics
  • WLAN/WiFi, GPRS, IPv6 and 3G Security
  • IPv6
  • Wireless Technologies
  • Virtualisation
  • Social Engineering
  • Smart Card Security
  • Cryptography
  • Intrusion Detection
  • Incident Response
  • Rootkit Detection, Techniques, and Defense
  • Security Properties of Web-Frameworks
  • Malicious Code Analysis
  • Secure Framework Design
  • .NET and Java Security
  • Security Management


Proposals for talks and trainings at the second annual DeepSec In-Depth Security Conference will be accepted until July 15th 2009, 23:59 CEST.

All proposals should be submitted over the web at (active after April 15th).
If you have questions, want to send us additional material, or have problems with the web form,
feel free to contact us at