Five tips for submitting to Calls for Papers

Posted by   Martijn Grooten on   Aug 9, 2017

Two weeks ago, we opened the call for last-minute papers for VB2017. Like most CPFs, the number of submissions will far exceed the number of available slots. There is no golden rule for getting your submission accepted at our or any other conference, but here are five things that could help improve your chances.

speakers.jpg

All research is treated equally, but some research is more equal than others

Let's face it: if your research into a botnet that uses Windows XP machines to mine Bitcoin is up against a submission about an APT group that uses three zero-days to bridge air-gaps, you'll have a harder time convincing a selection committee of the value of your work.

Now, we can (and probably should) have a discussion about whether our focus as a community is the right one, but if your research lacks a 'coolness' factor you will have to try a little bit harder. So do explain why your research may be relevant for the bigger picture, or what makes it unique. We actually value good research into less 'cool' subjects, but be aware that you may have to work a bit harder to convince us.

If it sounds too good to be true, we will assume it is too good be true

Your presentation time will be limited (30 minutes, in the case of the VB conference), and this naturally limits how much you'll be able to put into your presentation. Keep this in mind when writing the abstract: if you want to cover a lot, make it clear you'll only be touching the surface, or that you'll go into in more detail on just one or two things.

Obfuscation is a useful tool, but not in your abstract!

Every year, there are a number of abstracts that solicit a simple comment from selection committee members: 'Huh?!?'.

The members of the selection committee will have to wade through dozens of abstracts. They don't have the time to do background research or to read your submission three times to understand what you really mean. Make sure your abstract is clearly written and can be understood by anyone with some years of security experience.

Don't have your marketing department write your abstract

We get it: your employer pays for the time you spend doing research, they pay for your travel expenses, and they miss you from the office for several days when you attend a conference. Of course they will want to see the exposure you get reflect well on them. That's fine: we, like most conferences, are happy for employers to do some marketing around your talk; we also are more than happy for you to use your logo on your slides.

But like most security conferences, the Virus Bulletin conference is not a marketing event. Unless it is particularly relevant to the talk (for example, Apple research into OS X malware), mentioning your company name in the abstract is likely to reduce your chances of being selected, so in case of doubt, don't do it.

It is okay not to be chosen

Finally, most CFPs are several times oversubscribed. Based on past experience, there is about a 20% chance of your VB2017 last-minute submission being accepted. Please don't hesitate to ask for feedback on why your abstract wasn't selected, but do keep in mind that there isn't always a clear reason, other than the fact that the number of available slots was limited.

Luckily there are many security conferences. Keep working on your research, keep writing about it on blogs and social media, and keep submitting to CFPs. Your time will come!

 

VB2017-325w.jpg

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2019 paper: APT cases exploiting vulnerabilities in region-specific software

At VB2019, JPCERT/CC's Shusei Tomonaga and Tomoaki Tani presented a paper on attacks that exploit vulnerabilities in software used only in Japan, using malware that is unique to Japan. Today we publish both their paper and the recording of their…

New paper: Detection of vulnerabilities in web applications by validating parameter integrity and data flow graphs

In a follow-up to a paper presented at VB2019, Prismo Systems researchers Abhishek Singh and Ramesh Mani detail algorithms that can be used to detect SQL injection in stored procedures, persistent cross-site scripting (XSS), and server‑side request…

VB2020 programme announced

VB is pleased to reveal the details of an interesting and diverse programme for VB2020, the 30th Virus Bulletin International Conference.

VB2019 paper: Cyber espionage in the Middle East: unravelling OSX.WindTail

At VB2019 in London, Jamf's Patrick Wardle analysed the WindTail macOS malware used by the WindShift APT group, active in the Middle East. Today we publish both Patrick's paper and the recording of his presentation.

VB2019 paper: 2,000 reactions to a malware attack – accidental study

At VB2019 cybercrime journalist and researcher Adam Haertlé presented an analysis of almost 2000 unsolicited responses sent by victims of a malicious email campaign. Today we publish both his paper and the recording of his presentation.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.