Cyber Incident 2018

June 11-12, 2018, Scotland, UK


 Theme: Exploring principles, processes and techniques for harnessing the art of Cyber Incident Response, Coordination, Containment and Control  (CIRC3).

  Click here to download the conference programme

Call for Papers

EEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Incident Response, Coordination, Containment & Control (Cyber Incident 2018) is an international refereed conference dedicated to the advancement of Cyber Incident Response, Coordination, Containment and Control.

The aim of the Cyber Incident 2018 is to encourage participation and promotion of collaborative scientific, industrial and academic inter-workings among individual researchers, practitioners, members of existing associations, academia, standardisation bodies, and including government departments and agencies. The purpose is to build bridges between academia and industry, and to encourage interplay of different cultures.

Cyber Incident 2018 invites researchers and industry practitioners to submit papers that encompass principles, analysis, design, methods and applications. All submitted papers are independently peer-reviewed.

The conference proceedings will be submitted for consideration for publishing and listing on the following bibliographic indexes: IEEE Computer Society Digital Library, IEEE Xplore Digital Library, DBLP Computer Science, Scopus, CiteSeerX, Computer Science Index, EI Compendex, Academic Search Complete, CiteULike, Google Scholar & Microsoft Academic Search.

The organisers will accept registration of up to 5 IEEE UK&I Student and YP Members at 75% discounted rate, and will offer up to 20% registration discounts for all IEEE, BCS, IET & IISP members.


Cyber Incident 2018 is co-located with other conferences as part of Cyber Science 2018.

  • Posters will be presented during the conference.
  • Industry track is available for discussing and publishing pilot and proof of concepts.
  • Work in Progress track is available for preliminary work.
  • Research Ideas track is available for ideas in early stages assessment.
  • PhD Seminar track is available for discussing and publishing early PhD thesis research.

 Paper Submission

The deadline for all paper submissions, that is, both full papers and extended abstracts for Poster, WIP, PoC, Research Idea and PhD Seminar presentations is 26th January 2018.

All Industry track, Work in Progress track, Research Ideas track and PhD Seminar track will be published in the conference proceedings. Interested participants, please submit your proposal using the online submission system hosted by Easychair Conference Portal.

Full paper submission should be via Easychair Conference Portal.


Online Submission

The online submission process is now open!

Please prepare your paper according to the formatting guidelines (Word document/PDF template/LaTeX). Please also find here the copyright-form, which must be completed for all accepted papers.

Authors must use the online submission systems hosted by EasyChair Conference System to submit their papers. If you don’t have an EasyChair account you will need to create one and then login in order to submit your papers. Please read the Submission Instructions before submitting your work in the system.

Submission Instructions

Both long (8 pages max., roughly 8,000 words) and short (4 pages max., roughly 4,000 words) paper submissions should be written in English and be submitted electronically via the EasyChair conference portal. Submission file formats are PDF and Microsoft Word using the IEEE templates that can be found at the corresponding C-MRiC website. Authors wishing to present a Poster, Industry Proof of Concept (PoC), Work in Progress (WIP), Research Ideas, or PhD Seminar may submit a 2page extended abstract using the online submission systems hosted by EasyChair Conference System, which, if accepted, will appear in the conference proceedings.


Topics of Interest

    • Cyber Incident Analysis
    • Cyber Incident Triage
    • Cyber Incident Correlation and Assessment
    • Coordination
    • Containment
    • Root Cause Analysis (RCA)
    • Timeliness
    • Handling and Handling Process
    • Reporting
    • Escalation
    • Cyber Incident Management
    • Decision Control
    • Emergence Services
    • Preparedness
    • Readiness
    • Analysis
    • Risk Management
    • Conditionality
    • Proportionality
    • Prioritisation
    • Decision Making
    • Risk-Based Decision
    • Human in the Loop
    • Training
    • Processes and Procedures
    • Policy and Standards
    • Emergency  Services
    • Chain of Custody
    • Forensic Readiness and Investigations
    • Cyber Incident Notification and Announcements
    • Cyber Incident Management Tool
    • Standardisation
    • Framework and Methodology
    • Expertise, Skills, Knowledge and Resource
    • Maturity Model and Goal Setting
    • Certification and Accreditation
    • Memberships to Cyber Incident Responders, Incident Response Organisation
    • Rule-Based Systems
    • Expert Systems
    • Adaptive Learning Systems
    • Predictive Systems
    • The use of Biometrics to aid Forensic Investigations
    • Speak, audio and voice Recognition for forensics
    • Correlation and cross-correlation for Incident Analysis
    • Cross-Domain Analysis
    • Cross-Channel Incident Analysis
    • Multi-domain Analysis


Mr Matheson

Mr Matheson

MSP Cabinet Secretary for Justice
DI Eamonn Keane

DI Eamonn Keane

Police Scotland’s Cyber Crime Team, Scotland, UK
Professor Sadie Creese

Professor Sadie Creese

Professor of Cybersecurity, Department of Computer Science, University of Oxford, UK
Dr. Cyril Onwubiko

Dr. Cyril Onwubiko

Cyber Security Intelligence, Research Series Limited, London, UK
Stu Hirst

Stu Hirst

Head Of Security Engineering - Photobox Group
Professor Frank Wang

Professor Frank Wang

School of Computing, University of Kent, UK
Professor Karen Renaud

Professor Karen Renaud

Professor of Cybersecurity, University of Abertay, Dundee, Scotland, UK
Professor Jens Myrup Pedersen

Professor Jens Myrup Pedersen

Aalborg University, Denmark

Important Dates

    • Industry (Proof of Concept / Pilot) Submission –   January 26, 2018 extended to February 26, 2018
    • Extended Abstract (Work in Progress) –  January 26, 2018 extended to February 26, 2018
    • PhD Seminar Submissions – January 26, 2018 extended to February 26, 2018
    • Research Ideas – January 26, 2018 extended to February 26, 2018
    • Poster/Demo Submissions – January 26, 2018 extended to February 26, 2018
    • Special Track Submissions – January 26, 2018 extended to February 26, 2018
    • Workshops and Tutorials Submission – January 26, 2018 extended to February 26, 2018
    • Full Paper Submissions – January 26, 2018 extended to February 26, 2018
    • Notification of Full Paper/Abstract / Special Track Acceptance/Rejection –  March 26, 2018 April 3, 2018
    • Camera Ready Paper Due – April 14, 2018 April 17, 2018
    • Participants Registration – March 26 – May 6, 2018
    • Conference Date –  June 11-12, 2018


The Grand Central Hotel, Glasgow

99 Gordon Street
G1 3SF

United Kingdom



Programme Committee

    • Cyril Onwubiko – Centre for Multidisciplinary Research, Innovation and Collaboration, UK
    • Frank Wang – Computer Society, IEEE UK & Ireland
    • Janne Merete Hagen – Norwegian Defence Research Establishment, Norway
    • Nick Savage – University of Portsmouth, UK
    • Stacy J. Prowell  – U.S. Department for Energy (DOE-OE) Cybersecurity for Energy, USA
    • Eckhard Pfluegel  –  Faculty of Science, Engineering and Computing, Kingston University, UK
    • Uwe Glässer – School of Computing Science, Simon Fraser University, Canada
    • Andrew Lenaghan – University of Oxford CERT (OxCERT), Oxford, UK
    • Tim D Williams – Cyber Security, London, UK
    • Xuan Zhao – Cylance, California, USA
    • Daniel Zeng – University of Arizona, USA
    • Xavier Bellekens – University of Abertay, Scotland, UK
    • Cyril Onwubiko – Centre for Multidisciplinary Research, Innovation and Collaboration, UK
    • Arman Khouzani – School of Electronic Eng. & Comp. Sc. (EECS), Queen Mary University of London, London, UK
    • Deepak Subramanian – Supérieure d’Electricité | SUPELEC, France
    • Hayretdin Bahsi – Center for Digital Forensics and Cyber Security, Tallin University of Technology, Estonia
    • Uri Blumenthal – MIT Lincoln Laboratory, MIT, USA
    • Mischa Dohler – Department of Informatics, Centre for Telecom Research, King’s College London, UK
    • Dimitrios Papamartzivanos –  University of the Aegean, Greece
    • Jens Myrup Pedersen – University of Aalborg, Denmark
    • Uwe Glässer – School of Computing Science, Simon Fraser University, Canada
    • Marios Anagnostopoulos – University of the Aegean, Greece
    • Ciza Thomas – College of Engineering, India
    • Stefanos Gritzalis – University of the Aegean, Greece
    • Janne Merete Hagen – Norwegian Defence Research Establishment, Norway
    • Varun Dutt – Indian Institute of Technology Mandi, India
    • Georgios Kambourakis – University of the Aegean, Greece
    • Pierre Parrend –  ECAM Strasbourg-Europe, France
    • Eliana Stavrou – Computing Department, UCLan Cyprus, Larnaca, Cyprus
    • Reza Montasari – Computing and Mathematics, University of Derby, Derby, UK
    • Tim D Williams – Cyber Security, London, UK
    • Fatih Kurugollu – Cyber Security, University of Derby, Derby, UK
    • Kees Leune –  Cybersecurity and privacy, and Internet Of Things (IoT), Adelphi University, USA

    Here’s a list of CyberSA2018 Accepted papers pending camera-ready version and conference registration:

    • Anthony Arrott, Arun Lakhotia, Ferenc Leitold and Ledoux Charles – Cluster analysis for deobfuscation of malware variants during ransomware attacks
    • Patrik Lif, Teodor Sommestad and Dennis GranåsenDevelopment and evaluation of information elements for simplified cyber-incident reports
    • Christopher McDermott, Andrei Petrovski and Farzan MajdaniTowards Situational Awareness of Botnet Activity in the Internet of Things
    • Zahid Maqbool, V.S. Chandrasekhar Pammi and Varun DuttCybersecurity: Influence of patching vulnerabilities on the decision-making of hackers and analysts
    • Adam Zibak and Andrew Simpson –  Can We Evaluate the Impact of Cyber Security Information Sharing?
    • Wei Xu, Yaodong Tao and Xin GuanThe Landscape of ICS Devices on the Internet
    • Sungyoung Cho, Insung Han, Hyunsook Jeong, Jinsoo Kim, Sungmo Koo, Haengrok Oh and Moosung ParkCyber Kill Chain based Threat Taxonomy and its Application on Cyber Common Operational Picture
    • Yara Bayoumy, Per Håkon Meland and Guttorm Sindre – A Netnographic Study on the Dark Net Ecosystem for Ransomware
    • Yogachandran Rahulamathavan, Xuewen Yao, Rahulamathavan Sutharsini, Muttukrishnan Rajarajan and Kanapathippillai CumananRedesign of Gaussian Mixture Model for Efficient and Privacy-preserving Speaker Recognition
    • Shane Miller, Kevin Curran and Tom LunneyMultilayer Perceptron Neural Network for Detection of Encrypted VPN Network Traffic
    • Karen Renaud and Lynsay ShepherdHow to Make Privacy Policies both GDPR-Compliant and Usable
    • Eliana StavrouEnhancing Cyber Situational Awareness Tools: A New Perspective of Password Auditing
    • Nima Asadi, Aunshul Rege and Zoran Obradovic – Analysis of Adversarial Movement Through Characteristics of Graph Topological Ordering
    • Kay Michel and Michael King – Towards An Adaptable System-based Classification Design for Cyber Identity
    • Arun LakhotiaMalware Economics and its Implication to Anti-Malware Situational Awareness
    • Hanan Hindi, Elike Hodo, Ethan Bayne, Amar Seeam, Robert Atkinson and Xavier BellekensA Taxonomy of Malicious Traffic for Intrusion Detection Systems
    • Zachary Hills, David Arppe, Amin Ibrahim and Khalil El-KhatibCompound Password System for Mobile
    • Andrea Cullen and Lorna Armitage – A Human Vulnerability Assessment Methodology
    • Cyril Onwubiko –  CoCoa: An Ontology for Cybersecurity Operations Centre Analysis Process
    Here’s a list of accepted papers for Cyber Security 2018, pending receipt of camera-ready version and conference registration:

    • Domhnall Carlin, Phillip O’Kane and Sakir Sezer – Dynamic Opcode Analysis of Ransomware
    • Ensar Seker and Hasan Huseyin OzbenliThe Concept of Cyber Defence Exercises: Planning, Execution, Evaluation
    • Sean Mckeown, Gordon Russell and Petra LeimichSub-file Hashing Strategies for Fast Contraband Detection
    • André Sørensen, Maxime Jerome Remy, Nicolaj Kjettrup, Rasmi Vlad Mahmoud and Jens Myrup PedersenAn Approach to Detect and Prevent Cybercrime in Large Complex Networks
    • Shuai Fu and Nizar BouguilaAn Intrusion Detection Model based on Asymmetric Gaussian mixtures with Reversible Jump MCMC
    • Andres Robles-Durazno, Naghmeh Moradpoor, James McWhinnie and Gordon RussellA supervised energy monitoring-based machine learning approach for anomaly detection in a clean water supply system
    • Mahdi Madani and Camel TanougastCombined and Robust SNOW-ZUC Algorithm Based on Chaotic System
    • Egon Kidmose, Matija Stevanovic and Jens Myrup PedersenDetection of malicious domains through lexical analysis
    • Dimitrios Kavallieros, Christina Chalanouli, Georgios Kokkinis, Anastasios Papathanasiou, Efthimios Lissaris, Georgios Leventakis, Georgios Giataganas and Georgios GermanosSearching for crime on the web: Legal and Ethical perspectives
    • Halldis Søhoel, Martin Gilje Jaatun and Colin BoydOWASP Top 10 – Do Startups Care?
    • Anastasios Balaskas and Virginia N. L. FranqueiraAnalytical Tools for Blockchain: Review, Taxonomy and Open Challenges
    • Baskoro Adi Pratomo, Pete Burnap and George TheodorakopoulosUnsupervised Approach for Detecting Low Rate Attacks on Network Traffic with Autoencoder
    • Paul Wortman, Fatemeh Tehranipoor and John ChandyAn Adversarial Risk-based Approach for Network Architecture Security Modeling and Design
    • Martin Gilje Jaatun, Marie Moe and Per Erik NordbøCyber Security Considerations for Self-healing Smart Grid Networks
    • Vladimir Eliseev and Olga EliseevaLightweight Distributed Attack Detection and Prevention for the Safe Internet of Things
    • Bob DuncanAttackers Constantly Threaten the Survival of Organisations, but there is a New Shark in the Water: Carcharodon Carcharias Moderator Europa Universalis
    • Kimberly Tam and Kevin JonesCyber-Risk Assessment for Autonomous Ships
    • Yassine Lemmou and El Mamoun SouidiInfection, Self-reproduction and Overinfection in Ransomware: The Case of TeslaCrypt
    • Mirko Bottarelli, Gregory Epiphaniou, Dhouha Kbaier Ben Ismail, Petros Karadimas and Haider Al-Khateeb Quantisation feasibility and performance of RSS-based secret key extraction in VANETs
    • Daniel Fraunholz, Daniel Krohmer, Carolina Nogueira and Hans Dieter SchottenIntroducing Falcom: A Multifunctional High-Interaction Honeypot Framework for Industrial and Embedded Applications
    • Martin Span, Logan Mailloux and Michael Grimaila A Systems Security Approach for Requirements Analysis of Complex Cyber-Physical Systems
    • Santhosh Parampottupadam and Arghir-Nicolae MoldovanCloud-based Real-time Network Intrusion Detection Using Deep Learning
    • Farhad Foroughi and Peter LukschObservation Measures To Profile User Security Behaviour
    • Obinna Omego, Eckhard Pfluegel, Martin Tunnicliffe and Charles ClarkeEnsuring Message Freshness in A Multi-Channel SMS Steganographic Banking Protocol
    • Sean Mckeown, Gordon Russell and Petra LeimichFast Contraband Detection on Networked File Servers Using Sub-file Hashing Strategies
    Here’s a list of accepted papers for Social Media 2018 pending receipt of camera-ready version and conference registration:

    • Jason Koepke and Siddarth KazaInformation flow on Twitter surrounding regional events
    Here’s list of accepted papers for Cyber Incident 2018 and 2018 Cyber Incident and Risk Controls (CIRC) Workshop pending receipt of camera-ready version and conference registration:

    • Terézia Mézešová and Hayretdin Bahsi –  Expert Knowledge Elicitation for Skill Level Categorization of Attack Paths
    • Basil AlothmanNetwork Traffic Data Preparation for Automatic Botnet Detection by Incident Response Teams
    • Ganbayar Uuganbayar, Artsiom Yautsiukhin and Fabio MartinelliCyber Insurance and Security Interdependence: Friends or Foes?
    • Per Håkon Meland and Fredrik SeehusenWhen to Treat Security Risks with Cyber Insurance
    • Daniel W. Woods and Andrew C. Simpson –  Towards Integrating Insurance Data into Information Security Investment Decision Making
    • Erin Kenneally, Lucien Randazzese and David BalensonCyber Risk Economics Capability Gaps Research Strategy

Related Conferences:

Cyber SA 2018

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA 2018).

View More

Social Media 2018

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Social Media, Wearable and Web Analytics (Social Media 2018).

View More

Cyber Security 2018

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2018).

View More

Previous Conferences

Cyber Incident 2022

Cyber Incident 2021

Cyber Incident 2020