DeepSec 2014 Call for Papers

We are happy to invite you to the seventh DeepSec In-Depth Security Conference taking place from November 18th to 21th at the Imperial Riding School Renaissance Hotel in Vienna. DeepSec 2014 is all about secrets, failures and visions!

Pre-registration for conference guests and the call for papers website will be open from May 1st 2014 on

The In-Depth security conference will include two days of security talks during the conference and two days of trainings, covering the latest topics in network and IT security. There will be also a comprehensive social program around the event.

We're inviting you to submit proposals for trainings and conference talks. All proposals received before July 31th 2014, 23:59 CEST will be considered by the program committee.

So submit your talks and trainings now and don't miss the best conference of the year! :-)

All proposals received before July 31th 2014, 23:59 CEST will be considered by the Program Committee.

About DeepSec

DeepSec 2014 is coming up! This year we have a strong focus on mobile users/gadgets, mobile communication networks, securing infrastructure (clouds, virtualisation, IPv6, ...), security management and IT governance, security intelligence and all things that go boom under pressure. Make sure you follow the news on our blog.

Bringing together the world's most renowned security professionals from academics, government, industry, and the underground hacking community.

The DeepSec IDSC is an annual European two-day in-depth conference on computer, network, and application security. DeepSec IDSC 2014 will be held from November 18th to 21th 2014 at the Imperial Riding School Vienna, and aims to bring together the leading security experts from all over the world in Europe.

Press conference on 20 November 2014 at 10 a.m. (1000): There will be a press conference right after the keynote. See the schedule for details.

DeepSec IDSC is a non-product, non-vendor-biased conference event. Our aim is to present the best research and experience from the fields' leading experts.

Intended target audience: Security Officers, Security Professionals and Product Vendors, IT Decision Makers, Policy Makers, Security-/Network-/Firewall-Admins, Hackers and Software Developers.

In the past this conference has been attended by: Ericsson, Commerzbank, Philips, RBT, GRZ IT, IERN Sierra Leone, SAP AG, Improware, Telekom Austria, Microsoft, BAWAG P.S.K., T-Systems, Iphos, Sektion Eins, T-Mobile, Red Hat, SWITCH, Austrian National Bank, Daimler AG, Sentrigo, University of Vienna, SEC Consult, Tech Data, S21Sec, DHL, Bearing Point, Cygnos, wecon, YCO, Rolex SA, IronPort Systems, Microsoft, Cisco Systems, Oracle Corporation, Northrop Grumman, Sourcefire, and many others.


Until July 31th 2014, 23:59 CEST, we'll be accepting papers and lightning talk submissions.
Please note we are non-product, non-vendor biased security conference, and do not accept vendor pitches.

Speaker privileges include
  • Travel reimbursement up to a limit of EUR 800.
  • 3 nights of accomodation in the Conference Hotel (single ex-or double room).
  • Breakfast, Lunch, and two coffee breaks
  • Speaker activities during, before, and after the conference.
  • Speaker's Dinner
  • Speaker After-Party in the Metalab Hackerspace on 30th November.
Trainer privileges include
  • 50% of the net profit of the class.
  • Breakfast, Lunch, and two coffee breaks.
  • Free Speaker Ticket for the Conference.
  • Speaker activities during, before, and after the conference.
  • Speaker's Dinner
  • Speaker After-Party in the Metalab Hackerspace on the 30th November

Talks & Workshops

We are interested in bleeding edge security research directly from leading researchers, professionals, academics, industry, government and the underground security community. DeepSec 2014 is all about secrets, failures and visions.

The DeepSec 2014 focuses heavily on mobile security. Any gadget that you carry with you or that is used by roadwarriors comes under scrutiny. This includes networked resources intended for the mobile audience and modern nomads as well. On top of that we like to hear about the security of our infrastructure, next generation or otherwise, - IPv6, cloud computing and services, virtualiation technologies, in short everything that should keep us online and connected for the next decades. We want to get a glimpse into the future based on the problems of today.
We're also interested in the Big Picture, namely security management, IT governance and security intelligence. If you have ideas how to steer your IT, face unknown threats, deal with damage control, to get and evaluate threat information, then whip up a paper and some slides. We'd like to hear about it.

Please do not submit specific single exploits (which might be fixed by the time of the conference) and "yet-another-XYZ-hack", script kiddy content or similar "breakthroughs". If it's already written in RFC, stone or best practice manuals, we're not interested. Save your effort for the Nobel prize. Exploit frameworks, general approaches, "defective by design" or "defective by implementation" and high impact exploits have a much higher chance to get accepted. ;-)

Topics of special interest include
  • Operating System Security (7, 8, XP, Vista, GNU/Linux, OS X, iOS, Android, Plan 9, *BSD, ...)
  • E/I-Voting Case-Studies, Attacks, Weaknesses
  • Mobile and PAN Security
  • Mobile Apps
  • Network Protocol Analysis
  • AJAX/Web2.0/JavaScript Security
  • Secure Software Development
  • VoIP
  • Perimeter Defense / Firewall Technology
  • Digital Forensics
  • WLAN/WiFi, GPRS, IPv6 and 3G Security
  • IPv6
  • Wireless Technologies
  • Virtualisation
  • Mobile Operating System Security
  • Social Engineering
  • Smart Card Security
  • Cryptography
  • Intrusion Detection
  • Incident Response
  • Rootkit Detection, Techniques, and Defense
  • Security Properties of Web-Frameworks
  • Malicious Code Analysis
  • Secure Framework Design
  • .NET and Java Security
  • Security Management
  • Upgrade Management
  • Cyber® Cyber™ Cyber© Warfare


DeepSec will sponsor young security researchers by providing an opportunity to attend the conference for free. In order to take advantage of this offer your have to submit a description of your own security research project. Your work will be an exhibit during the breaks. You have to present your project in the loung area. Optionally you can do a lightning talk about your work (roughly 5 minutes).

The offer is intended for everyone with a maximum age of 21 (or slightly more, depending on your social engineering skills).


Proposals for talks and trainings at the second annual DeepSec In-Depth Security Conference will be accepted until July 31th 2014, 23:59 CEST.

All proposals should be submitted over the web at (active after May 1st).
If you have questions, want to send us additional material, or have problems with the web form,
feel free to contact us at