DeepSec 2016 Call for Papers

We are looking for interesting content, challenging ideas, information uncovering the truth about the state of security (or insecurity), and trainings. Submit your proposal for the DeepSec programme committee.

The talk slots are 45 minutes + 5 minutes of Q&A. That's plenty of time to break software and hardware alike. Use it to your advantage.
The DeepSec conference will include two days of talks and two days of trainings. You have ample time for the workshops. Two days is a lot. We help you prepare infrastructure in case you need local network, isolated Internet access, or additional hardware.

We're inviting you to submit proposals for trainings and conference talks. All proposals received before July 31th 2016, 23:59 CEST will be considered by the programme committee. Any material submitted at a later date will be considered to fill slots left.

So submit your talks and trainings now and don't miss the best conference of the year! :-)

About DeepSec

Bringing together the world's most renowned security professionals from academics, government, industry, and the underground hacking community.

The DeepSec IDSC is an annual European two-day in-depth conference on computer, network, and application security. DeepSec IDSC 2016 will be held from November 8th to 11th 2016 at the Imperial Riding School Vienna, and aims to bring together the leading security experts from all over the world in Europe.

DeepSec IDSC is a non-product, non-vendor-biased conference event. Our aim is to present the best research and experience from the fields' leading experts.

Intended target audience: Security Officers, Security Professionals and Product Vendors, IT Decision Makers, Policy Makers, Security-/Network-/Firewall-Admins, Hackers and Software Developers.

In the past this conference has been attended by: Ericsson, Commerzbank, Philips, RBT, GRZ IT, IERN Sierra Leone, SAP AG, Improware, Telekom Austria, Microsoft, BAWAG P.S.K., T-Systems, Iphos, Sektion Eins, T-Mobile, Red Hat, SWITCH, Austrian National Bank, Daimler AG, Sentrigo, University of Vienna, SEC Consult, Tech Data, S21Sec, DHL, Bearing Point, Cygnos, wecon, YCO, Rolex SA, IronPort Systems, Microsoft, Cisco Systems, Oracle Corporation, Northrop Grumman, Sourcefire, and many others.


Until July 31th 2016, 23:59 CEST, we'll be accepting papers and lightning talk submissions.
Please note we are non-product, non-vendor biased security conference, and do not accept vendor pitches.

Speaker privileges include
  • Travel reimbursement up to a limit of EUR 800.
  • 3 nights of accomodation in the Conference Hotel (single ex-or double room).
  • Breakfast, Lunch, and two coffee breaks
  • Speaker activities during, before, and after the conference.
  • Speaker's Dinner
  • Speaker After-Party in the Metalab Hackerspace on 30th November.
Trainer privileges include
  • 50% of the net profit of the class.
  • Breakfast, Lunch, and two coffee breaks.
  • Free Speaker Ticket for the Conference.
  • Speaker activities during, before, and after the conference.
  • Speaker's Dinner
  • Speaker After-Party in the Metalab Hackerspace on the 20th November

Talks & Workshops

We are interested in bleeding edge security research directly from leading researchers, professionals, academics, industry, government and the underground security community.

The DeepSec 2016 focuses heavily on mobile security. Any gadget that you carry with you or that is used by roadwarriors comes under scrutiny. This includes networked resources intended for the mobile audience and modern nomads as well. On top of that we like to hear about the security of our infrastructure, next generation or otherwise, - IPv6, cloud computing and services, virtualiation technologies, in short everything that should keep us online and connected for the next decades. We want to get a glimpse into the future based on the problems of today.
We're also interested in the Big Picture, namely security management, IT governance and security intelligence. If you have ideas how to steer your IT, face unknown threats, deal with damage control, to get and evaluate threat information, then whip up a paper and some slides. We'd like to hear about it.

Please do not submit specific single exploits (which might be fixed by the time of the conference) and "yet-another-XYZ-hack", script kiddy content or similar "breakthroughs". If it's already written in RFC, stone or best practice manuals, we're not interested. Save your effort for the Nobel prize. Exploit frameworks, general approaches, "defective by design" or "defective by implementation" and high impact exploits have a much higher chance to get accepted. ;-)

Topics of special interest include
  • Operating System Security (7, 8, XP, Vista, GNU/Linux, OS X, iOS, Android, Plan 9, *BSD, ...)
  • E/I-Voting Case-Studies, Attacks, Weaknesses
  • Mobile and PAN Security
  • Mobile Apps
  • Network Protocol Analysis
  • AJAX/Web2.0/JavaScript Security
  • Secure Software Development
  • Internet of Things (IoT)
  • Industry 4.0
  • VoIP
  • Perimeter Defense / Firewall Technology
  • Digital Forensics
  • WLAN/WiFi, GPRS, IPv6 and 3G Security
  • IPv6
  • Wireless Technologies
  • Virtualisation
  • Mobile Operating System Security
  • Social Engineering
  • Smart Card Security
  • Cryptography
  • Intrusion Detection
  • Incident Response
  • Rootkit Detection, Techniques, and Defense
  • Security Properties of Web-Frameworks
  • Malicious Code Analysis
  • Secure Framework Design
  • .NET and Java Security
  • Security Management
  • Upgrade Management
  • Cyber® Cyber™ Cyber© Warfare


DeepSec will sponsor young security researchers by providing an opportunity to attend the conference for free. In order to take advantage of this offer your have to submit a description of your own security research project. Your work will be an exhibit during the breaks. You have to present your project in the loung area. Optionally you can do a lightning talk about your work (roughly 5 minutes).

The offer is intended for everyone with a maximum age of 21 (or slightly more, depending on your social engineering skills).


Proposals for talks and trainings at the second annual DeepSec In-Depth Security Conference will be accepted until July 31th 2016, 23:59 CEST.

All proposals should be submitted over the web at (active after May 1st).
If you have questions, want to send us additional material, or have problems with the web form,
feel free to contact us at