Five tips for submitting to Calls for Papers

Posted by   Martijn Grooten on   Aug 9, 2017

Two weeks ago, we opened the call for last-minute papers for VB2017. Like most CPFs, the number of submissions will far exceed the number of available slots. There is no golden rule for getting your submission accepted at our or any other conference, but here are five things that could help improve your chances.

speakers.jpg

All research is treated equally, but some research is more equal than others

Let's face it: if your research into a botnet that uses Windows XP machines to mine Bitcoin is up against a submission about an APT group that uses three zero-days to bridge air-gaps, you'll have a harder time convincing a selection committee of the value of your work.

Now, we can (and probably should) have a discussion about whether our focus as a community is the right one, but if your research lacks a 'coolness' factor you will have to try a little bit harder. So do explain why your research may be relevant for the bigger picture, or what makes it unique. We actually value good research into less 'cool' subjects, but be aware that you may have to work a bit harder to convince us.

If it sounds too good to be true, we will assume it is too good be true

Your presentation time will be limited (30 minutes, in the case of the VB conference), and this naturally limits how much you'll be able to put into your presentation. Keep this in mind when writing the abstract: if you want to cover a lot, make it clear you'll only be touching the surface, or that you'll go into in more detail on just one or two things.

Obfuscation is a useful tool, but not in your abstract!

Every year, there are a number of abstracts that solicit a simple comment from selection committee members: 'Huh?!?'.

The members of the selection committee will have to wade through dozens of abstracts. They don't have the time to do background research or to read your submission three times to understand what you really mean. Make sure your abstract is clearly written and can be understood by anyone with some years of security experience.

Don't have your marketing department write your abstract

We get it: your employer pays for the time you spend doing research, they pay for your travel expenses, and they miss you from the office for several days when you attend a conference. Of course they will want to see the exposure you get reflect well on them. That's fine: we, like most conferences, are happy for employers to do some marketing around your talk; we also are more than happy for you to use your logo on your slides.

But like most security conferences, the Virus Bulletin conference is not a marketing event. Unless it is particularly relevant to the talk (for example, Apple research into OS X malware), mentioning your company name in the abstract is likely to reduce your chances of being selected, so in case of doubt, don't do it.

It is okay not to be chosen

Finally, most CFPs are several times oversubscribed. Based on past experience, there is about a 20% chance of your VB2017 last-minute submission being accepted. Please don't hesitate to ask for feedback on why your abstract wasn't selected, but do keep in mind that there isn't always a clear reason, other than the fact that the number of available slots was limited.

Luckily there are many security conferences. Keep working on your research, keep writing about it on blogs and social media, and keep submitting to CFPs. Your time will come!

 

VB2017-325w.jpg

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

VB2021 localhost is over, but the content is still available to view!

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

VB2021 localhost call for last-minute papers

The call for last-minute papers for VB2021 localhost is now open. Submit before 20 August to have your paper considered for one of the slots reserved for 'hot' research!

New article: Run your malicious VBA macros anywhere!

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

New article: Dissecting the design and vulnerabilities in AZORult C&C panels

In a new article, Aditya K Sood looks at the command-and-control (C&C) design of the AZORult malware, discussing his team's findings related to the C&C design and some security issues they identified.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.