Italian Trulli

ACM CCS 2024

October 14-18, 2024 Salt Lake City, U.S.A.

Call for papers

(Please help nominate PC members)

The 31th ACM Conference on Computer and Communications Security (CCS) seeks submissions presenting novel contributions related to all real-world aspects of computer security and privacy. Theoretical papers must make a convincing case for the relevance of their results to practice. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. In particular, authors should bear in mind that anyone on the program committee may be asked to review any paper.

CCS has two review cycles in 2024. For each submission, one of the following decisions will be made:

  • Accept: Papers in this category will be accepted for publication in the proceedings and presentation at the conference, possibly after making minor changes with the oversight of a shepherd.
  • Minor revision: Papers in this category are considered to be promising but need some minor additional work (e.g., minor experiments, proofs to minor lemmas). Authors will be given the opportunity to resubmit such papers, with appropriate revisions, in which case they should clearly explain in a separate note how the revisions address the comments of the reviewers. The revised paper will then be re-evaluated, and either accepted or rejected.
  • Reject: Papers in this category are declined for inclusion in the conference. Papers rejected from the first review cycle may not be submitted again (even in revised form) to the second review cycle.

Authors of each accepted paper must ensure that at least one author registers for the conference, and that their paper is presented in-person at the conference if at all possible.

Paper Submission Information

All submissions must be received by 11:59 PM AoE (UTC-12) on the day of the corresponding deadline. Submitted papers must not substantially overlap with papers that have been published or accepted for publication, or that are simultaneously in submission to a journal, conference, or workshop with published proceedings. All submissions should be properly anonymized; papers not properly anonymized may be rejected without review.

All submitted papers will be evaluated based on their merits, particularly their importance to practical aspects of computer and communications security and privacy, novelty, quality of execution, and presentation. For papers that might raise ethical concerns, authors are expected to convince reviewers that proper procedures (such as IRB approval or responsible disclosure) have been followed, and due diligence has been made to minimize potential harm.

Submitted papers may be rejected for being out of scope, at the discretion of the PC chairs. Authors who have questions about whether their paper is in scope are encouraged to ask the PC chairs in advance. No modifications to the author list on a paper may be made after submission.

Paper Format

Submissions must be a PDF file in double-column ACM format, no more than 12 pages long, excluding the bibliography, well-marked appendices, and supplementary material. Note that reviewers are not required to read the appendices or any supplementary material. Authors should not change the font or the margins of the ACM format. Submissions not following the required format may be rejected without review.

Providing Artifacts at Submission Time

Submissions whose claimed contributions rely on artifacts (e.g., code, models, data sets) are expected to make these accessible to the reviewers, unless there are good reasons not to, in which case these reasons must be mentioned in the submission. Submissions whose claimed contributions do not rely on artifacts do not need to submit artifacts. An anonymous link to a resource on the web is acceptable, provided the contents in the resource are also anonymized.

Optional Artifact Evaluation

A published scientific paper consists of a constellation of artifacts that extend beyond the document itself: software, hardware, evaluation data and documentation, raw survey results, mechanized proofs, models, test suites, benchmarks, and so on. To emphasize the importance of such artifacts, the benefits to the authors and the community as a whole, and promote the reproducibility of experimental results, ACM CCS will, for the second time, introduce an optional artifact evaluation (AE) process, inspired by similar efforts at several other conferences. All authors of accepted papers (including shepherd approved and minor revisions) are encouraged to submit artifacts for AE. Each artifact submitted will be reviewed by the Artifact Evaluation Committee (AEC); a special call for artifacts will follow.

Conference Tracks

Like last year, the ACM CCS Conference features a multi-track format. Each track operates as a separate mini-conference, with its own Track Chairs and Track Program Committee. The overall process is managed by the Program Chairs (David Lie and Engin Kirda). At the time of submission, authors must select one track, which should be the most relevant to the topic of the paper. We understand that some papers might span multiple topics. In specific cases, PC members might be asked to provide reviews for papers outside their track, in an effort to provide the best possible reviews to the authors. The chairs may decide to move a paper to another track.

This is the list of tracks and their Track Chairs:

Program Co-Chairs (

  • David Lie (University of Toronto)
  • Engin Kirda (Northeastern University)

Track Chairs

  • Software Security (
    • Yuan Tian (UCLA)
  • Web Security (
    • Jason Polakis (University of Illinois, Chicago)
  • Network Security (
    • Aanjhan Ranganathan (Northeastern University)
  • Formal Methods and Programming Languages (
    • Catalin Hritcu (MPI-SP)
  • Hardware, Side Channels, and Cyber Physical Systems (
    • Yinqian Zhang (Southern University of Science and Technology)
  • Applied Cryptography (
    • Melek Onen (Institut Eurecom)
    • Katerina Mitrokotsa (University of St. Gallen)
  • Machine Learning and Security (
    • Reza Shokri (National University of Singapore)
    • Murat Kantarcioglu (UT Dallas)
  • Security Usability and Measurement (
    • Blase Ur (University of Chicago)
    • Gianluca Stringhini (Boston University)
  • Blockchain and Distributed Systems (
    • Stefanie Roos (University of Kaiserslautern-Landau)
  • Privacy and Anonymity (
    • Wouter Lueks (CISPA)

Conflicts of Interest

The conference requires cooperation from both authors and program-committee members to ensure a fair review process. For this purpose, authors must report all program-committee members who, in their opinion, have a conflict of interest and therefore may not be able to provide an unbiased review. Mandatory declared conflicts of interest include current or former doctoral advisor/advisee, members of the same institution, close family members, and recent co-authors (within the past 2 years). For any other declared conflict, authors are required to explain the nature of the conflict, which will be reviewed by the Program Chairs and the Track Chairs. The chairs reserve the right to request further explanation and can remove non-mandatory conflicts at their discretion.

Track Chairs are allowed to submit papers, and those papers will be handled by the Program Chairs. They are only allowed to submit two papers in their own track, and any number in other tracks.

Program-committee members who have a genuine conflict of interest with a paper, including the Program Chairs and the Track Chairs, will be excluded from evaluation and discussion of that paper. When a Track Program Chair has a conflict, the paper will be handled by the Program Chairs. When a Program Chair is conflicted, the other Co-Chair will be responsible for managing that paper. When both Program Chairs are in conflict, a committee member will be appointed to handle the paper. Program Chairs are not allowed to be authors or co-authors of any submissions.

Policy for Peer-Review Integrity

All SIGSAC sponsored conferences and workshops are required to follow ACM policies against harassment activities ( and ACM Code of Ethics and Professional Conduct ( Also all authors, PC members and non-PC reviewers are required to follow ACM Publications Policies ( Particularly, we require all reviewers to uphold the integrity of the peer review process and avoid conflict of interest of any form (e.g., reviewer collusion ring). Those who violate these policies will be penalized according to ACM policies ( If you would like to report a violation, please contact program chairs of your conferences/workshops or SIGSAC officers. We are committed to protecting the confidentiality of your communication.

Important Dates

First Review Cycle

  • Paper submission deadline:                  Jan 28, 2024
  • Notification of early-rejection papers:    Feb 27, 2024
  • Author rebuttal period:                         Mar 18-22, 2024
  • Rebuttal deadline:                                 Mar 22, 2024
  • Author notification:                               Apr 3, 2024

Second Review Cycle

  • Paper submission deadline:                       April 29th, 2024
  • Notification of early-rejection papers:       May 29, 2024
  • Author rebuttal period:                                 June 18-21, 2024
  • Rebuttal deadline:                                         June 21, 2024
  • Author notification:                                       July 4, 2024

Submission Site

Submissions for the first review cycle go to .

Submissions for the second review cycle go to .

Please Note: The official publication date is the first day of the conference. The official publication date affects the deadline for any patent filings related to published work.

Diversity and Inclusion

ACM CCS is committed to promoting diversity and inclusion in our community. If you have suggestions, concerns, or complaints related to biases or sexual harassment, we encourage you to reach out to the Program Chairs. We are committed to protecting the anonymity of such reports and helping to address your concerns. We value your feedback and ideas to help us all build a healthier and more welcoming community.

We encourage the authors to be mindful of not using language or examples that further the marginalization, stereotyping, or erasure of any group of people, especially historically marginalized and/or under-represented groups (URGs) in computing. Of course, exclusionary treatment can arise unintentionally. Be vigilant and actively guard against such issues in your writing. Reviewers will also be empowered to monitor and demand changes if such issues arise in your submissions. Please check the link for more information.


By submitting your article to an ACM Publication, you are hereby acknowledging that you and your co-authors are subject to all ACM Publications Policies, including ACM’s new Publications Policy on Research Involving Human Participants and Subjects. Alleged violations of this policy or any ACM Publications Policy will be investigated by ACM and may result in a full retraction of your paper, in addition to other potential penalties, as per ACM Publications Policy.

Please ensure that you and your co-authors obtain an ORCID ID, so you can complete the publishing process for your accepted paper. ACM has been involved in ORCID from the start and we have recently made a commitment to collect ORCID IDs from all of our published authors. The collection process has started and will roll out as a requirement throughout 2022. We are committed to improve author discoverability, ensure proper attribution and contribute to ongoing community efforts around name normalization; your ORCID ID will help in these efforts.