HITCON Community 2023 - Call For Paper！（延長至 6/19）

HITCON Community 2023 - Call For Paper 延長至 6/19

本次大會主軸「Adversary and Harmony, the Evolution of AI in Security」受到海內外許多朋友熱烈詢問是否可增加投稿時間，大解封之後，感謝海內外許多朋友回歸並熱情投稿！經大會討論，決定將徵稿日期延長至 6 月 19 日，敬請把握最後投稿機會！
徵稿詳情請見官方部落格 👉https://blog.hitcon.org/2023/04/CallForPaper.html
通往 HITCON Community 2023 Call For Paper 👉https://cfp2023.hitcon.org/zh/

HITCON Community 2023 - Call For Paper the deadline will be postponed to 6/19

There are too many friends around the world interested in the slogan of HITCON Community 2023 ‘Adversary and Harmony, the Evolution of AI in Security’. People keep asking could we postpone the deadline of call for paper. After discussing with the committees, we decided to postpone the deadline of Call for Paper until 6/19.
　
Detail information 👉https://blog.hitcon.org/2023/04/CallForPaper.html
Call for paper system 👉https://cfp2023.hitcon.org/en/

0. 關於 HITCON CMT Conference

在純技術的領域裡面沒有黑與白，我們認為駭客是代表著高超的技術、挑戰的精神，有別於一般商業性質濃厚之研討會，台灣駭客年會提供一個舞台，讓駭客們有機會與大家分享最新與最深入的資安技術，面對面交換經驗、自由的對談。大會對於會議議程的內容相當謹慎，我們希望確保在駭客年會上發表的內容，是不帶商業色彩的安全研究、最新的趨勢探討或者是夠水準的駭客技術，也希望每一場演講都是參與者最想關注的議題。

HITCON 是一個每年在台灣舉辦的技術導向資安研討會，致力為資安社群帶來最新與最深入技術與實踐。歷年來，我們邀請來自全球各地的講者、會眾以及台灣主要資安社群共襄盛舉。我們會涵蓋深入的駭客技術，提供一個與駭客專家們交流、學習並分享技術研究的舞台。 今年 HITCON 將會分成社群場與企業場，在社群場，我們將更將著重技術的本質、駭客攻防技術與思維，並聯繫國內外資安社群，培養駭客社群文化。

除了技術的分享，也可體驗到駭客文化，在駭客與駭客社群的交流下，常常有最新、最有趣和最敏感的議題。我們歡迎所有對資訊安全有興趣的朋友一同參與這每年一度的盛會。

1. 今年 HITCON 主題

Adversary and Harmony, the Evolution of AI in Security

隨著世界對人工智慧（AI）的依賴越來越深，資訊安全的世界也正在快速演變。AI 的應用在資訊安全領域為攻擊和防禦創造了新的機會並加速攻與防之間的競賽。AI 與資安的關係同時可為互相對抗亦可為和平共生。攻擊者可以利用 AI 進行惡意攻擊，例如挖掘漏洞、進行滲透測試或是社交工程，但 AI 也可以同時可以應用於防禦方的日常任務，從入侵檢測、威脅狩獵甚至到惡意程式的逆向分析。在這持續演進的資訊安全時代中，如何與 AI 同時互相對抗抑或是與其和平共生，其相關應用都至關重要。

為了更全面地掌握這個議題，我們認為可以分為「利用 AI 進行攻擊」以及「攻擊 AI 系統」兩個概念去深入探討。在利用 AI 進行攻擊這層面，為了提高攻擊效果，可能會涉及使用機器學習和 AI 將攻擊過程自動化。例如生成假內容、挖掘新漏洞，甚至是自動化的進行滲透攻擊。另在一層面我們想要探討，駭客如何對基於機器學習與 AI 的系統進行攻擊。例如說，駭客可以使用對抗性攻擊，以控制使用者輸入或是訓練資料到 AI 系統中，導致不正確的預測或資訊洩漏。隨著 AI 的不斷進步，我們相信這兩個技術方向將成為在持續演進的資訊安全時代生存的重要關鍵。

2. 徵稿內容

我們歡迎任何資訊安全相關題材的稿件。本次投稿分為演講議程及教學議程（Hacking 101），除了過往以頂尖技術研究為主的演講議程外，今天新增了 Hacking 101 教學議程，這是一系列針對資安入門到初階課程，希望能透過多元方式（e.g：現場實作、影片教學、簡報演講、CTF）來帶領聽眾踏入資安研究領域之中，使其更了解往後自身發展的興趣方向。

您可自行決定您的稿件較適合那個方向，惟審稿委員可能會視您的稿件內容調整演講議程或教學議程。

演講議程： 

• 40 分鐘含問答時間
• 創新深入技術研究為主要標準
• 著重研究新穎性、技術深度與實用性三個方向評量
• 
  

教學議程（Hacking 101）：

• 120 分鐘含 10 - 20 分鐘休息時間
• 目標在於提供具教育性質的議程
• 著重教育性、實作性與仔細的教學細節，以提供初學者易於學習的材料

此外，由於每年 HITCON 均會收到大量品質優異的投稿，若您的投稿資訊量過少，例如說明內容過短或不具體、未附上投影片或佐證資料，審稿委員將很難把您的稿件與其他資訊完整的稿件放在一起比較，容易造成遺珠之憾。

因此，建議您盡量在投稿系統中提供詳細、具體的稿件說明，以利委員們進行審核作業。尤其教學議程（Hacking 101）的性質，更是強烈建議提早提供完整教材進行審查。由於本年度 HITCON 會議預計以實體方式舉行，對於國內外的講者，皆以現場發表其研究為優先選項。若有任何疑慮或困難，皆歡迎向我們反映。

本年度的審稿會在投稿期間開始、採先到先審，亦即您的稿件有可能在投稿結束前就被錄取，若是多數稿件品質優異，投稿亦有可能在預定的截止時間前提早結束，提醒有意提交議程稿件者盡早完成投稿。

本年度配合我們主題，我們徵稿範圍包含但不限於以下主題：

• Artificial Intelligence (AI) Hacking: Data Science for Security, Machine Learning (ML) & AI for Security, Hacking ML & AI, ML&AI Reasoning and Interpretation, Adversarial Machine Learning
• Exploit & Vulnerability: Red Team, Bug Bounty, Exploit Development, Fuzzer, Wormable Vulnerability, Web AppSec
• Security in the Cyberwar: Security issues related to Cyberwar
• Malware: Malware Analysis, Malware Development, ransomware, APT/Cybercrime, Ransomware, Reverse Engineering
• Blue Team: Digital Forensic, Incident Response
• Cloud Security: IAM in the cloud infra, Penetration & Vulnerability Discovery in Cloud Environment
• Privacy and Data Protection: Encryption, Key Management, Post Quantum Cryptography, Side Channel Attack
• BlockChain Security: Web3, Cryptocurrency, DeFi
• IoT Hacking & Security: IoT security, IoT Protection, IoT Hacking & Exploit, IIoT security, Hardware Reversing Engineering, Radio Hacking
• Cyber Physical Security (CPS): Cyber Physical Security (CPS), Society 5.0(Smart Society) 
• Car Hacking
• Communication Hacking: Telecommunications Hacking, Communications Satellite, 5G Security & Radio Hacking 
• Talent Education and Security Community: CTF, Cyber Range, Experience of Security Community, Legal and Social Aspect of Information Security

特別投稿

• 明日之星
• 由於 HITCON 研討會的稿件來源漸趨專業與收到的投稿量漸增，為鼓勵學生踴躍投稿，特別設立明日之星，希望能讓更多學生有更多發表研究的舞台，如果你是學生的話，記得在 CFP 系統勾選這個選項唷！
• Bounty House
• Bounty House 是一場大約 20 - 40 分鐘的神秘分享，在不公開分享者姓名且現場絕對禁止錄音錄影的情況下，讓分享者能在現場大談自己發現漏洞的精彩過程、討論資安界的奇聞異事和資安職場甘苦談。

3. 投稿方式

請至 HITCON 投稿系統 註冊，並且在截止時間前透過該系統完成投稿。如有任何疑問，歡迎來信至 reviewboard@hitcon.org 詢問。

4. 重要日程

徵稿開始：2023 年 04 月 07 日

徵稿截止：2023 年 06 月 05 日 任意時區

審稿完成：2023 年 06 月 19 日

活動日期：HITCON CMT 2023：2023 年 08 月 18 日 - 2023 年 08 月 19 日

5. 講者福利

• 在台講者：HITCON 將會提供美金 400 元講師費，並受邀參加講者晚宴及 City Tour。大會期間將提供三日住宿（08/17, 18, 19）和每日午餐、點心、茶水，以及精美伴手禮作為紀念。
• 海外講者：HITCON 將會提供美金 600 元講師費，並受邀參加講者晚宴及 City Tour。大會期間將提供三日住宿（08/17, 18, 19）和每日午餐、點心、及茶水，以及精美伴手禮作為紀念。
• Hacking 101 分享者：HITCON 將會提供美金 100 元分享酬謝費，並受邀參加講者晚宴及 City Tour。大會期間將提供每日午餐、點心及茶水，以及精美伴手禮作為紀念。

---

0. About HITCON CMT 2023

Hacks in Taiwan Conference (HITCON), a technology-orientated cybersecurity conference annually held in Taiwan, is dedicated to bringing the latest and the most in-depth technologies and practices to the security community.

Over the years, we have invited worldwide speakers and congregations to participate in these grand events. Also, we provide this avenue for the community to exchange technical research, bleeding-edge hacking technology, and a relatively wide range of corporate security issues.

This year, HITCON will be divided into community and enterprise conferences. In the community conference (CMT), we will focus more on the essence of technology, hacking techniques and hacker mindset, and connect with domestic and foreign cybersecurity communities to cultivate the hacker community culture.

        

1. HITCON 2023 theme

Adversary and Harmony, the Evolution of AI in Security

As the world becomes more reliant on artificial intelligence (AI), the cybersecurity landscape is also rapidly evolving. The application of AI in security has created new opportunities for defense and attack, leading to an arms race between blue and red. The concepts of "adversary" and "harmony" describe the opposing forces at play in this evolution of AI in security. While adversaries use AI for malicious purposes, such as assistant vulnerability discovery, penetration testing and social engineering, AI could also be applied for the defenders’ daily missions from intrusion detection, threat hunting to malware reversing. In this new AI security age, it is crucial to understand the adversarial and harmonious elements of AI in security to stay ahead of the game. 

To provide a more comprehensive understanding of the topic, it is important to delve deeper into the two concepts of "using AI for hacking" and "hacking AI systems." Using AI for hacking involves the use of machine learning and other AI techniques to automate the attack process and improve the effectiveness of attacks. This can include generating fake contents, discovering & exploiting vulnerabilities, and automate penetration processes. On the other hand, hacking AI systems involves attacking the systems based on ML/AI. Hackers may use adversarial attacks, which involve manipulating data or input to AI systems in a way that leads to incorrect predictions or information leakage. As AI continues to advance, it is crucial to understand these two concepts in order to effectively protect against cyber threats in this new AI security age.

2. The Call for Papers

We welcome submissions on any information security-related topics. This year's submissions are divided into two categories: presentation sessions and tutorial sessions, and you can decide which direction your submission is best suited for. However, the review committee may adjust the session type based on the content of your submission. We suggest a presentation session length of 40 minutes, including Q&A, while a tutorial session(Hacking 101) is 120 minutes, including Q&A.

Additionally, since HITCON receives a large number of high-quality submissions every year, if your submission has too little information, such as a short or non-specific description, or if you do not include presentation slides or supporting materials, it may be difficult for the review committee to compare your submission with others, which may result in missing out on a great opportunity. Therefore, we suggest that you provide detailed and specific submission information in the submission system to facilitate the review process. 

Reviewing Rules Since this year's HITCON conference is expected to be held in-person, live presentations are the preferred option for both domestic and foreign speakers. If you have any concerns or difficulties, please feel free to let us know. 

The review process for this year's conference will begin during the submission period and will be conducted on a first-come, first-served basis. This means that your submission may be accepted before the submission deadline if the majority of the submissions are of high quality. Chance of ending the Call for Papers early if the quality of submissions is extraordinary. We remind those who are interested in submitting session proposals to complete their submissions as soon as possible.

Scope and Topics

• Artificial Intelligence (AI) Hacking: Data Science for Security, Machine Learning (ML) & AI for Security, Hacking ML & AI, ML&AI Reasoning and Interpretation, Adversarial Machine Learning
• Exploit & Vulnerability: Red Team, Bug Bounty, Exploit Development, Fuzzer, Wormable Vulnerability, Web AppSec
• Security in the Cyberwar: Security issues related to Cyberwar
• Malware: Malware Analysis, Malware Development, ransomware, APT/Cybercrime, Ransomware, Reverse Engineering
• Blue Team: Digital Forensic, Incident Response
• Cloud Security: IAM in the cloud infra, Penetration & Vulnerability Discovery in Cloud Environment
• Privacy and Data Protection: Encryption, Key Management, Post Quantum Cryptography, Side Channel Attack
• BlockChain Security: Web3, Cryptocurrency, DeFi
• IoT Hacking & Security: IoT security, IoT Protection, IoT Hacking & Exploit, IIoT security, Hardware Reversing Engineering, Radio Hacking
• Cyber Physical Security (CPS): Cyber Physical Security (CPS), Society 5.0(Smart Society) 
• Car Hacking
• Communication Hacking: Telecommunications Hacking, Communications Satellite, 5G Security & Radio Hacking 
• Talent Education and Security Community: CTF, Cyber Range, Experience of Security Community, Legal and Social Aspect of Information Security

Submission Option

• Future Star
• Due to the increasing professionalism of the papers submitted to the HITCON conference and the growing number of submissions received, this year we have set up the "Future Star" program to encourage students to submit their work and provide them with a platform to present their research.
• Bounty House
• Bounty House is a mysterious program that lasts for about 20-40 minutes. The speaker's name is not disclosed, and recording is strictly prohibited on-site. This program allows the speaker to talk about the exciting process of discovering vulnerabilities and discuss interesting incidents in the cybersecurity field.

3. Delivery Preference

Please create an account and submit the proposal through CFP Website before the deadline.

Selected speakers are required to attend the event in person and present their research.

If you have any questions or concerns, please don't hesitate to contact our review board at reviewboard@hitcon.org with the subject line 'HITCON CMT 2023'."

4. Important Dates

Call for Papers Opened: April 7, 2023

Call for Papers Closed: June 5, 2023 (Any Time Zone)

Notification to Submitters: June 19, 2023

Event Dates: August 18 - August 19, 2023

5. Speaker Benefits

• For speakers in Taiwan, HITCON will provide a speaker fee of $400 USD and invite to attend the VIP party and City Tour. During the conference, daily lunch, snacks, and drinks will be provided, as well as exquisite souvenirs as a memento. 
• For overseas speakers, HITCON will provide a speaker fee of USD 400 and a transportation subsidy of USD 200, and invite to attend the VIP Party and City Tour. Lunch, snacks, and beverages will be provided daily during the conference, as well as exquisite souvenirs as a memento.
• For Hacking 101 presenters, HITCON will provide a presenter fee of USD 100 and invite to attend the VIP Party and City Tour. Lunch, snacks, and beverages will be provided daily during the conference, as well as exquisite souvenirs as a memento.