Pages

2025/04/27

HITCON 2025 Call for Paper

HITCON 2025 Call For Paper 延長至 6/22🔜

本次大會主題「Perimeter Security is Dead, Long Live Resilience」除了受到海內外大家的熱烈投稿外,也有不少朋友詢問是否可延長投稿的時間。經大會討論後,決定將徵稿日期延長至 6 月 22 日,還沒投稿的朋友們要把握最後的投稿機會喔🔥🔥


徵稿詳情請見官方部落格 ➡️ 

https://blog.hitcon.org/2025/04/hitcon-2025-call-for-paper.html


HITCON 投稿系統傳送門 ➡️ https://cfp2025.hitcon.org/zh/call-for-proposal


如有任何疑問,歡迎來信至 reviewboard@hitcon.org 詢問。


HITCON 2025 Call For Papers Extended to June 22 🔜

Our theme this year, “Perimeter Security is Dead, Long Live Resilience”, has sparked enthusiastic submissions from all over the world! We’ve also heard from quite a few friends asking if the submission deadline could be extended. After discussion, the organizing committee has decided to extend the CFP deadline to June 22. If you haven’t submitted yet, now’s your last chance—don’t miss it 🔥🔥

CFP Details ➡️ https://blog.hitcon.org/2025/04/hitcon-2025-call-for-paper.html

Submission Portal ➡️ https://cfp2025.hitcon.org/zh/call-for-proposal

Feel free to contact reviewboard@hitcon.org for questions.




 HITCON 2025 Call for Paper

HITCON 2025: August 15-16 2025 Onsite in 中央研究院人文社會科學館

0. 關於 HITCON 

在純技術的領域裡面沒有黑與白,我們認為駭客代表著高超的技術、挑戰的精神。 有別於一般商業性質濃厚之研討會,台灣駭客年會提供一個舞台,讓駭客們有機會與大家分享最新與最深入的資安技術,面對面交換經驗、自由的對談。 大會對於會議議程的內容相當謹慎,我們希望確保在駭客年會上發表的內容,是不帶商業色彩的安全研究、最新的趨勢探討或者是夠水準的駭客技術,也希望每一場演講都是參與者最想關注的議題。 HITCON 是一個每年在台灣舉辦的技術導向資安研討會,致力為資安社群帶來最新與最深入技術與實踐。歷年來,我們邀請來自全球各地的講者、會眾以及台灣主要資安社群共襄盛舉。我們會涵蓋深入的駭客技術,提供一個與駭客專家們交流、學習並分享技術研究的舞台。除了技術的分享,也可體驗到駭客文化,在駭客與駭客社群的交流下,常常有最新、最有趣和最頂尖的議題。我們歡迎所有對資訊安全有興趣的朋友一同參與這每年一度的盛會。
1. 今年 HITCON 主題

Perimeter Security is Dead, Long Live Resilience

隨著資訊與網路系統遍及全球,攻擊面日益複雜,傳統的邊界防禦機制已無法有效抵禦現代威脅。我們看到,各種系統漏洞與 APT 攻擊層出不窮,難以完全杜絕;勒索軟體組織的快速崛起,更直接威脅企業與機構的持續運作,對醫療、運輸、通訊等關鍵基礎設施造成嚴重影響。

在無法 100% 阻擋所有攻擊的情況下,如何讓系統適應新的網路威脅、維持穩定運行,並在遭受攻擊後快速恢復,成為當今資安領域的重要課題——這正是 Cyber Resilience 網路韌性 的核心精神。

HITCON 2018「Transforming: Cybersecurity and Resilience」 以來,Resilience 再次成為焦點。近年來,俄烏戰爭、海底電纜破壞等事件不斷發生,顯示除了資訊安全,通訊安全 亦至關重要,特別是海底電纜、低軌衛星等基礎設施,這些議題為 Resilience 帶來了新的挑戰與討論方向。

此外,這一主題也與歐盟推動的 《Cyber Resilience Act》 相呼應。對於大量生產消費電子產品的台灣而言,如何在產品開發流程中導入 Secure-by-Default 的概念,將資安內建於設計之中,而非事後補救,將是值得深入探討的關鍵課題。

2. 徵稿內容

我們歡迎任何資訊安全相關題材的稿件。本次投稿分為演講議程及教學議程(Hacking 101),除了過往以頂尖技術研究為主的演講議程外,今年也維持了 Hacking 101 教學議程,這是一系列針對資安入門到初階課程,希望能透過多元方式(e.g:現場實作、影片教學、簡報演講、CTF)來帶領聽眾踏入資安研究領域之中,使其更了解往後自身發展的興趣方向。

 

您可自行決定您的稿件較適合的方向,惟審稿委員可能會視您的稿件內容調整為演講議程或教學議程


演講議程: 

  • 40 分鐘含問答時間

  • 創新深入技術研究為主要標準

  • 著重研究新穎性、技術深度與實用性三個方向評量


教學議程(Hacking 101)

  • 80 分鐘含 10 - 20 分鐘休息時間

  • 目標在於提供具教育性質的議程

  • 著重教育性、實作性與仔細的教學細節,以提供初學者易於學習的材料


特別投稿

  • HITCON OpenSource: COSCUP X HITCON 特別合作

    • 為鼓勵白帽駭客貢獻開源專案,以開放、分享的態度持續在資安領域努力,今年 HITCON 特別與 COSCUP 合作,進行 HITCON OpenSource 計畫。COSCUP(開源人年會)是台灣由開放原始碼社群聯合推動的年度研討會,始於 2006 年,為台灣自由軟體運動 (FOSSM) 的重要推動力量。這次合作計畫針對開源軟體安全、資安開源工具、數位人權等議題,可選擇投稿至 HITCON OpenSource 軌。而投稿 HITCON OpenSource 的投稿者,若是願意,也有機會可以在 COSCUP 上發表。

    • COSCUP 官網:https://coscup.org/2025/event/

  • 明日之星由於 HITCON 研討會的稿件來源漸趨專業與收到的投稿量漸增,為鼓勵學生踴躍投稿,特別設立明日之星,希望能讓更多學生有更多發表研究的舞台。講者可以在投稿時勾選明日之星選項,報名此特別投稿方案。



此外,由於每年 HITCON 均會收到大量品質優異的投稿,若您的投稿資訊量過少,例如說明內容過短或不具體、未附上投影片或佐證資料,審稿委員將很難把您的稿件與其他資訊完整的稿件放在一起比較,容易造成遺珠之憾。
因此,建議您盡量在投稿系統中提供詳細、具體的稿件說明,以利委員們進行審核作業。尤其教學議程(Hacking 101)的性質,更是強烈建議提早提供完整教材進行審查。

本年度的審稿會在投稿期間開始、採先到先審,亦即您的稿件有可能在投稿結束前就被錄取,若是多數稿件品質優異,投稿亦有可能在預定的截止時間前提早結束,提醒有意提交議程稿件者儘早完成投稿。

本年度配合主題,我們徵稿範圍包含但不限於以下主題:

  • Artificial Intelligence (AI) Hacking: Data Science for Security, Machine Learning (ML) & AI for Security, Hacking ML & AI, ML&AI Reasoning and Interpretation, Adversarial Machine Learning
  • Exploit & Vulnerability: Red Team, Exploit Development, Exploiting Memory-safe Language, Fuzzer, Wormable Vulnerability, Web AppSec
  • Malware: Malware Analysis, Malware Development, Ransomware, APT/Cybercrime, Reverse Engineering
  • Blue Team: Digital Forensics, Incident Response, Security Operation Process and Automation, Detection Engineering, SOAR, Detection as Code
  • Cloud Security: IAM in the cloud infra, Penetration & Vulnerability Discovery in Cloud Environment
  • Privacy and Data Protection: Encryption, Key Management, Post Quantum Cryptography, Side Channel Attack
  • Blockchain Security: Web3, Cryptocurrency, DeFi
  • IoT Hacking & Security: IoT security, IoT Protection, IoT Hacking & Exploit, IIoT security, Hardware Reversing Engineering, Radio Hacking, Cyber Physical Security (CPS)
  • Communication Hacking: Telecommunications Hacking, Communications Satellite, 5G/6G Security & Radio Hacking
  • Talent Education and Security Community: CTF, Cyber Range, Experience of Security Community, Legal and Social Aspect of Information Security
  • Enterprise Security: Cyber Security Framework, Cyber Defense Verifications, Breach Attack Simulation, Patch Management, Cloud Security, Infrastructure Governance, PSIRT
  • Cyber Security Maturity Measurement: Security Risk Measurement, Defense Performance Analysis, PSIRT Maturity, CSIRT/SOC Maturity
  • Supply Chain Security: Supply Chain Risk Management, DevOpsSec, SLSA, SBOM
  • Vulnerability Management: Vulnerable Disclosure Procedure, Vulnerability Discovery, Vulnerability Prioritization
  • Security Compliance: Automatic and Continuous Compliance

3. 投稿方式

請至 HITCON 投稿系統(TBA) 註冊,並且在截止時間前透過該系統完成投稿。

今年,HITCON 將首次引入 AI 審稿助理,以提升審稿流程的效率,協助審稿委員更深入分析稿件。AI 審稿助理將整理作者過往相關研究、提供相關領域的補充資料,幫助審稿委員獲取更全面的背景資訊。然而,AI 審稿助理僅作為輔助工具,不會用於篩選或決策。

投稿系統已新增 AI 審稿助理選項,若同意使用 AI 審稿助理,可在系統中勾選相關選項;若對投稿內容有隱私考量,可選擇不啟用 AI 審稿助理。



如有任何疑問,歡迎來信至 reviewboard@hitcon.org 詢問。

4. 重要時程

徵稿開始:即日起

徵稿截止:2025 年 6 月 8 日 任意時區

審稿完成:2025 年 6 月 22 日(AI 審稿助理流程將優先進行審稿),
                  2025 年 6 月 29 日

活動日期:HITCON 2025:2025 年 08 月 15 日 - 2025 年 08 月 16 日
             

5. 講者福利 

一般議程講者:HITCON 將會提供美金 400 元講師費,並受邀參加講者晚宴及 City Tour。大會期間將提供三日住宿(8/14~8/16)和每日午餐、點心、茶水,以及精美伴手禮作為紀念。

Hacking 101 講者:HITCON 將會提供美金 100 元講師費,並受邀參加講者晚宴及 City Tour。大會期間將提供每日午餐、點心及茶水,以及精美伴手禮作為紀念。

---

0. About HITCON 2025 Hacks in Taiwan Conference (HITCON), a cybersecurity conference annually held in Taiwan, is dedicated to bringing the latest and the most in-depth technologies and practices to the security community.Over the years, researchers from all over the world participate and network, this is where technical research, bleeding-edge hacking technology, and ideas/experiences on a wide range of corporate security issues flow freely.

1. HITCON 2025 theme

Perimeter Security is Dead, Long Live Resilience

As information and network systems become ubiquitous worldwide, the attack surface is growing increasingly complex, rendering traditional perimeter defense mechanisms ineffective against modern threats. We continue to see an influx of system vulnerabilities and APT attacks, which are nearly impossible to completely eliminate. Meanwhile, the continued proliferation of ransomware groups poses a direct threat to the continuous operations of businesses and organizations, severely impacting critical infrastructure such as healthcare, transportation, energy, and telecommunications. Since it is impossible to achieve 100% protection against all attacks, the key challenge in cybersecurity today is ensuring that systems can adapt to emerging cyber threats, maintain operations and withstand cyber threats, and recover quickly after an incident. This is the core principle of Cyber Resilience.

Since HITCON 2018: "Transforming: Cybersecurity and Resilience", resilience has once again taken center stage. In recent years, events such as the Russia-Ukraine war and the sabotage of undersea cables have underscored the importance of communication security, in addition to traditional cybersecurity. Critical infrastructure, such as undersea cables and low-earth orbit (LEO) satellites, introduces new challenges and discussions in the realm of resilience.

Furthermore, this theme aligns with the Cyber Resilience Act introduced by the European Union. For Taiwan, a major producer of consumer electronics, integrating the Secure-by-Default concept into product development—embedding security into design rather than relying on post-facto mitigation—will be a critical issue worthy of further exploration.

2. The Call for Papers


We welcome submissions on any information security-related topics. This year's submissions are divided into three categories: HITCON presentation sessions, and HITCON Hacking 101 (tutorial sessions), and you can decide which direction your submission is best suited for. However, the review committee may adjust the session type based on the content of your submission. We suggest a presentation session length of 40 minutes, including Q&A, while a tutorial session is 80 minutes, including Q&A.

Additionally, since HITCON receives a large number of high-quality submissions every year, if your submission has too little information, such as a short or vague description, or if you do not include presentation slides or supporting materials, it may be difficult for the review committee to compare your submission with others, which may result in missing out on a great opportunity. Therefore, we suggest that you provide detailed and specific submission information in the submission system to facilitate the review process.

Reviewing Procedure and Logistics

Since this year's HITCON conference is expected to be held in-person, live presentations are the preferred option for both domestic and foreign speakers. If you have any concerns or difficulties, please feel free to let us know.

The review process for this year's conference will begin during the submission period and will be conducted on a first-come, first-served basis. This means that your submission may be accepted before the submission deadline if the majority of the submissions are of high quality. Chance of ending the Call for Papers early if the quality of submissions is extraordinary. We remind those who are interested in submitting session proposals to complete their submissions as soon as possible.

  • Scope and Topics
  • Test-of-Time Security Technology
  • Artificial Intelligence (AI) Hacking: Data Science for Security, Machine Learning (ML) & AI for Security, Hacking ML & AI, ML&AI Reasoning and Interpretation, Adversarial Machine Learning
  • Exploit & Vulnerability: Red Team, Exploit Development, Exploiting Memory-safe Language, Fuzzer, Wormable Vulnerability, Web AppSec
  • Security in the Cyberwar: Security issues related to Cyberwar
  • Malware: Malware Analysis, Malware Development, Ransomware, APT/Cybercrime, Reverse Engineering
  • Blue Team: Digital Forensics, Incident Response, Security Operation Process and Automation, Detection Engineering, SOAR, Detection as Code
  • Cloud Security: IAM in the cloud infra, Penetration & Vulnerability Discovery in Cloud Environment
  • Privacy and Data Protection: Encryption, Key Management, Post Quantum Cryptography, Side Channel Attack
  • Blockchain Security: Web3, Cryptocurrency, DeFi
  • IoT Hacking & Security: IoT security, IoT Protection, IoT Hacking & Exploit, IIoT security, Hardware Reversing Engineering, Radio Hacking, Cyber Physical Security (CPS)
  • Communication Hacking: Telecommunications Hacking, Communications Satellite, 5G/6G Security & Radio Hacking
  • Talent Education and Security Community: CTF, Cyber Range, Experience of Security Community, Legal and Social Aspect of Information Security
  • Enterprise Security: Cyber Security Framework, Cyber Defense Verifications, Breach Attack Simulation, Patch Management, Cloud Security, Infrastructure Governance, PSIRT
  • Cyber Security Maturity Measurement: Security Risk Measurement, Defense Performance Analysis, PSIRT Maturity, CSIRT/SOC Maturity
  • Supply Chain Security: Supply Chain Risk Management, DevOpsSec, SLSA, SBOM
  • Vulnerability Management: Vulnerable Disclosure Procedure, Vulnerability Discovery, Vulnerability Prioritization
  • Security Compliance: Automatic and Continuous Compliance

Submission Option

  • HITCON OpenSource: Special Collaboration between COSCUP and HITCON

    • To encourage hackers to contribute to open-source projects and to promote an open and sharing mindset for cybersecurity, HITCON is launching the HITCON OpenSource initiative in collaboration with COSCUP this year.

    • COSCUP (Conference for Open Source Coders, Users, and Promoters) is an annual conference in Taiwan, jointly organized by open-source communities. Established in 2006, it has been a key driving force of Taiwan’s Free and Open Source Software Movement (FOSSM). COSCUP 2025 will be held on August 9–10.

    • COSCUP Official Site: https://coscup.org/2025/event/

    • This initiative welcomes submissions related to open-source software security, cybersecurity open-source tools, and digital rights. Submissions can be made to the HITCON OpenSource track. Additionally, speakers who submit to HITCON OpenSource may also have the opportunity to present their work at COSCUP if they are willing.

  • Future Star
    • Due to the increasing quality of the papers submitted to the HITCON conference and the growing number of submissions received thus the possible alienation of emerging researchers, this year we have set up the "Future Star" program to encourage students to submit their work and provide them with a platform to present their research.

3. Delivery Preference

  • Please create an account and submit the proposal through CFP Website(TBA) before the deadline
  • Speakers should come onsite and present the research,
  • All correspondence and queries should be sent to reviewboard@hitcon.org with the headline "HITCON 2025"
  • This year, HITCON will introduce the AI Review Assistant to enhance the efficiency of the review process. The AI Review Assistant will compile the author's past research, provide supplementary materials, and submission’s background. However, the AI Review Assistant will serve solely as a supporting tool and will not be used for filtering or decision-making.
  • The submission system now includes an AI Review Assistant option. Authors who agree to use the AI Review Assistant can select this option in the system. Those with privacy concerns regarding their submission may choose not to enable the AI Review Assistant.

4. Important Dates

  • Call for Papers Opened: From now on
  • Call for Papers Closed: June 8, 2025 (Any Time Zone) 
  • Notification to Submitters: June 22, 2025 (for those who agreed to AI Review Assistant)                                             June 29, 2025 (all other submissions)

  • Event Dates:   HITCON August 15 - August 16, 2025

5. Speaker Benefits

HITCON will provide a speaker fee of $400 USD and an invitation to attend the VIP party and City Tour. During the conference, daily lunch, snacks,and drinks will be provided, as well as exquisite souvenirs.

For Hacking 101 speakers, HITCON will provide a speaker fee of $100 USD and invited to attend the VIP party and City Tour. During the conference, daily lunch, snacks, and drinks will be provided, as well as exquisite souvenirs.


at

No comments:

Post a Comment