Theme: Automating Risk Management for Active Defence

Call for papers is closed!

Download a copy of the Event Programme

Download a copy of the Event Timetable


Call for Papers

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Incident Response, Coordination, Containment & Control (Cyber Incident 2019) is an international refereed conference dedicated to the advancement of Cyber Incident Response, Coordination, Containment and Control.

The aim of the Cyber Incident 2019 is to encourage participation and promotion of collaborative scientific, industrial and academic inter-workings among individual researchers, practitioners, members of existing associations, academia, standardisation bodies, and including government departments and agencies. The purpose is to build bridges between academia and industry, and to encourage interplay of different cultures.

Cyber Incident 2019 invites researchers and industry practitioners to submit papers that encompass principles, analysis, design, methods and applications. All submitted papers are independently peer-reviewed.

The conference proceedings will be submitted for consideration for publishing and listing on the following bibliographic indexes: IEEE Computer Society Digital Library, IEEE Xplore Digital Library, DBLP Computer Science, Scopus, CiteSeerX, Computer Science Index, EI Compendex, Academic Search Complete, CiteULike, Google Scholar & Microsoft Academic Search.

The organisers will accept registration of up to 5 IEEE UK&I Student and YP Members at 75% discounted rate, and will offer up to 20% registration discounts for all IEEE, BCS, IET & IISP members.


Cyber Incident 2019 is co-located with other conferences as part of Cyber Science 2019.

  • Posters will be presented during the conference.
  • Industry track is available for discussing and publishing pilot and proof of concepts.
  • Work in Progress track is available for preliminary work.
  • Research Ideas track is available for ideas in early stages assessment.
  • PhD Seminar track is available for discussing and publishing early PhD thesis research.


Paper Submission

The deadline for all paper submissions, that is, both full papers and extended abstracts for Poster, WIP, PoC, Research Idea and PhD Seminar presentations was 26th January 2019, but now extended to 28th February 2019.

All Industry track, Work in Progress track, Research Ideas track and PhD Seminar track will be published in the conference proceedings. Interested participants, please submit your proposal using the online submission system hosted by Easychair Conference Portal.

Full paper submission should be via Easychair Conference Portal.


Online Submission

The online submission process is now open!

Please prepare your paper according to the formatting guidelines (Word document/PDF template/LaTeX). Use the IEEE A4 paper type. Please note that it’ll be IEEE e-copyright, which must be completed for all accepted papers. We’ll send authors’ of accepted papers instruction on how to complete an IEEE e-copyright form.

Authors must use the online submission systems hosted by EasyChair Conference System to submit their papers. Please use/download the IEEE A4 paper template, and specify which conference your submission is to. If you don’t have an EasyChair account you will need to create one and then login in order to submit your papers. Please read the Submission Instructions before submitting your work in the system.

Submission Instructions

Both long (8 pages max., roughly 8,000 words) and short (4 pages max., roughly 4,000 words) paper submissions should be written in English and be submitted electronically via the EasyChair conference portal. Submission file formats are PDF and Microsoft Word using the IEEE A4 Paper template that can be found at the corresponding C-MRiC website. Authors wishing to present a Poster, Industry Proof of Concept (PoC), Work in Progress (WIP), Research Ideas, or PhD Seminar may submit a 2page extended abstract using the online submission systems hosted by EasyChair Conference System, which, if accepted, will appear in the conference proceedings.

Topics of Interest

    • Cyber Incident Analysis
    • Cyber Incident Triage
    • Cyber Incident Correlation and Assessment
    • Coordination
    • Containment
    • Root Cause Analysis (RCA)
    • Timeliness
    • Handling and Handling Process
    • Reporting
    • Escalation
    • Cyber Incident Management
    • Decision Control
    • Emergence Services
    • Preparedness
    • Readiness
    • Analysis
    • Risk Management
    • Conditionality
    • Proportionality
    • Prioritisation
    • Decision Making
    • Risk-Based Decision
    • Human in the Loop
    • Training
    • Processes and Procedures
    • Policy and Standards
    • Emergency  Services
    • Chain of Custody
    • Forensic Readiness and Investigations
    • Cyber Incident Notification and Announcements
    • Cyber Incident Management Tool
    • Standardisation
    • Framework and Methodology
    • Expertise, Skills, Knowledge and Resource
    • Maturity Model and Goal Setting
    • Certification and Accreditation
    • Memberships to Cyber Incident Responders, Incident Response Organisation
    • Rule-Based Systems
    • Expert Systems
    • Adaptive Learning Systems
    • Predictive Systems
    • The use of Biometrics to aid Forensic Investigations
    • Speak, audio and voice Recognition for forensics
    • Correlation and cross-correlation for Incident Analysis
    • Cross-Domain Analysis
    • Cross-Channel Incident Analysis
    • Multi-domain Analysis
    • Digital Forensics Principles, Rules and Standards
    • Digital Forensic Investigations
    • Speak, audio and voice Recognition for forensics
    • Chain of Custody
    • Mobile Forensics
    • Live data and live stream forensics
    • Live Imagery Forensics
    • Memory Forensics
    • Browser and Cache Memory Forensics
    • Cyber Incident Playbook
    • Cyber Incident Management
    • War-room exercises
    • Attack Scenarios and Exercise
    • Cyber Incident Response
    • Command Controls – Bronze, Silver & Gold Command
    • Cause of Action (CoA)
    • Root Cause Analysis
    • Data-Centric System Threat Modelling
    • Attack Tree
    • Exploits and Attack Modelling
    • Attack Vector and Attack Surface
    • Risk, Control and Control Objectives
    • Analysing Threat Modelling
    • Cyber Incident Management
    • Business Continuity Plan and Measures
    • Root Cause Analysis
    • Security Metrics
    • Threat Intelligence


Important Dates

    • Industry (Proof of Concept / Pilot) Submission –   January 26, 2019, extended February 28, 2019
    • Extended Abstract (Work in Progress) –  January 26, 2019, extended February 28, 2019
    • PhD Seminar Submissions – January 26, 2019, extended February 28, 2019
    • Research Ideas – January 26, 2019, extended February 28, 2019
    • Poster/Demo Submissions – January 26, 2019, extended February 28, 2019
    • Special Track Submissions – January 26, 2019, extended February 28, 2019
    • Workshops and Tutorials Submission – January 26, 2019, extended February 28, 2019
    • Full Paper Submissions – January 26, 2019, extended February 28, 2019
    • Notification of Full Paper/Abstract / Special Track Acceptance/Rejection –  March 26, 2019 
    • Camera Ready Paper Due – April 14, 2019
    • Participants Registration – March 26 – May 6, 2019
    • Conference Date –  June 3 – 4, 2019


University of Oxford
Department of Computer Science
University of Oxford
Wolfson Building
Parks Road, Oxford OX1 3QD
United Kingdom


(Is now open …)


Programme Committee

    • Cyril Onwubiko – Centre for Multidisciplinary Research, Innovation and Collaboration, UK
    • Frank Wang – Computer Society, IEEE UK & Ireland
    • Janne Merete Hagen – Norwegian Defence Research Establishment, Norway
    • Nick Savage – University of Portsmouth, UK
    • Eckhard Pfluegel  –  Faculty of Science, Engineering and Computing, Kingston University, UK
    • Arnau Erola – Department of Computer Science, University of Oxford, UK
    • Virginia Franqueira – Cyber Security, University of Derby, UK
    • Fatih Kurugollu – Cyber Security, University of Derby, UK
    • Xavier Bellekens – University of Abertay, Dundee, Scotland, UK
    • Zeyad Yousif Al-Shibaany – IEEE UK and Ireland, EAO Chair
    • Thaddeus Eze – IEEE UK and Ireland YP & Department of Computer Science, University of Chester, UK
    • Nazila Fough – IEEE UK and Ireland Young Professionals (IEEE YP) & Robert Gordon University of Aberdeen, Scotland, UK
    • Uwe Glässer – School of Computing Science, Simon Fraser University, Canada
    • Andrew Lenaghan – University of Oxford CERT (OxCERT), Oxford, UK
    • Tim D Williams – Cyber Security, London, UK
    • Virginia Franqueira – Cyber Security, University of Derby, UK
    • Fatih Kurugollu – Cyber Security, University of Derby, UK
    • Xavier Bellekens – University of Abertay, Scotland, UK
    • Cyril Onwubiko – Centre for Multidisciplinary Research, Innovation and Collaboration, UK
    • Michal Chorasm – Telecommunications and Computer Science, University of Science and Technology (UTP), Bydgoszcz, Poland
    • Christopher D. McDermott – School of Computing Science and Digital Media, Robert Gordon University, Scotland, UK
    • Edwin K. Kairu – Carnegie Mellon University, CMU Africa
    • Hayretdin Bahsi – Center for Digital Forensics and Cyber Security, Tallin University of Technology, Estonia
    • Uri Blumenthal – MIT Lincoln Laboratory, MIT, USA
    • Dimitrios Papamartzivanos –  University of the Aegean, Greece
    • Jens Myrup Pedersen – University of Aalborg, Denmark
    • Uwe Glässer – School of Computing Science, Simon Fraser University, Canada
    • Marios Anagnostopoulos – University of the Aegean, Greece
    • Ciza Thomas – College of Engineering, India
    • Stefanos Gritzalis – University of the Aegean, Greece
    • Janne Merete Hagen – Norwegian Defence Research Establishment, Norway
    • Varun Dutt – Indian Institute of Technology Mandi, India
    • Georgios Kambourakis – University of the Aegean, Greece
    • Pierre Parrend –  ECAM Strasbourg-Europe, France
    • Eliana Stavrou – Computing Department, UCLan Cyprus, Larnaca, Cyprus
    • Tim D Williams – Cyber Security, London, UK
    • Fatih Kurugollu – Cyber Security, University of Derby, Derby, UK

    More to be added …

Conference Programme

(Programme and conference timetable will be displayed here)

Download a copy of the conference programme

    • Jonah Burgess, Domhnall Carlin, Philip O’Kane and Sakir Sezer. MANiC: Multi-step Assessment for Crypto-miners
    • Alan Mills, Theodoros Spyridopoulos and Phil Legg. Efficient and Interpretable Real-Time Malware Detection Using Random-Forest
    • Peyman Kabiri and Mahdieh Chavoshi. Destructive Attacks Detection and Response System for Physical Devices in Cyber-Physical Systems
    • Bernhardt Engerer and Alexiei Dingli. Big Social Data – Predicting Users’ Interests from their Social Networking Activities
    • Chunlei Li, Chunming Rong and Martin Gilje Jaatun. A cost-efficient scheme for Bitcoin-like blockchain
    • Kimberly Tam and Kevin Jones. Forensic Readiness within the Maritime Sector
    • Kimberly Tam and Kevin Jones. Factors Affecting Cyber Risk in Maritime
    • Yogesh Patel, Karim Ouazzane, Vassil Vassilev, Ibrahim Faruqi and George Walker. Keystroke Dynamics using Auto Encoders
    • Theo Lynn, Patricia Takako Endo, Pierangelo Rosati, Ivanovitch Silva, Guto Leoni and Debbie Ging. Detecting Hate Speech Online: A
    • Comparison of Machine Learning Approaches for Automatic Misogyny Detection in Urban Dictionary
    • Aunshul Rege and Scott Vanzant. Examining the Roles of Muhajirahs in the Islamic State via Twitter
    • Olivier Jacq, David Brosset, Yvon Kermarrec and Jacques Simonin. Cyber attacks real time detection: towards a Cyber Situational Awareness for naval systems
    • Cyril Onwubiko and Karim Ouazzane. Cyber Onboarding is ‘Broken’
    • Meha Shukla, Shane Johnson and Peter Jones. Does the NIS implementation strategy effectively address cyber security risks in the UK?
    • Erik Moore, Steven Fulton, Roberta Mancuso, Tristen Amador and Dan Likarish. Collaborative Training and Response Communities – An Alternative to Traditional Cyber Defense Escalation
    • Andrew Mason, Yifan Zhao, Hongmei He, Raymon Gompelman, Srikanth Mandava and Guy Adams. Online Anomaly Detection of Time Series at Scale
    • Yuanyuan Zhu, Mee Chi So and Paul Harrigan. Domain Identification for Commercial Intention-holding Posts on Twitter
    • Leonard Renners, Felix Heine, Carsten Kleiner and Gabi Dreo. Adaptive and Intelligible Prioritization for Network Security Incidents
    • Thomas Daniel Wagner. Cyber Threat Intelligence for “Things”
    • Eszter Oroszi. Security awareness escape room – a possible new method in improving security awareness of users
    • Wenjun Xiong and Robert Lagerström. Threat Modeling of Connected Vehicles: A privacy analysis and extension of vehicleLang
    • Subhi Alrubei, Jonathan Rigelsford, Callum Willis and Edward Ball. Ethereum Blockchain for Securing the Internet of Things: Practical Implementation and Performance Evaluation
    • Muntaha Saleem. Brexit Impact on Cyber Security of United Kingdom
    • Nima Asadi, Aunshul Rege and Zoran Obradovic. Pattern discovery in intrusion chains and adversarial movement
    • Yuxiang Hong and Steven Furnell. Organizational formalization and employee information security behavioral intentions based on an extended TPB model
    • Christopher McDermott and John Isaacs. Towards a Conversational Agent for Threat Detection in the Internet of Things
    • Kamalakanta Sethi, Ankit Pradhan, Punith. R and Padmalochan Bera. A Scalable Attribute Based Encryption for Secure Data Storage and Access in Cloud
    • Aunshul Rege, Katorah Williams and Alyssa Mendlein. A Social Engineering Course Project for Undergraduate Students Across Multiple Disciplines
    • Yunjia Wang and Ishbel Duncan. A Novel Method to Prevent Phishing by using OCR Technology
    • Chern Nam Yap, Rui Tao Kee, Jovan Sie and Rhys Wong. Arithmetic Circuit Homomorphic Encryption and Multiprocessing Enhancements
    • Mahin Talukder, Syed Islam and Paolo Falcarin. Analysis of Obfuscated Code with Program Slicing
    • Pranshu Bajpai, Tyler Olsen, Seth Edgar, Rob McCurdy and Richard Enbody. BATSense: Anomalous Security Event Detection using TBATS Machine Learning
    • Mary C. (Kay) Michel and Michael C. King. The Future of Cyber Analytics: Identity Classification for Systematic and Predictive Insight
    • Zirak Allaf, Mo Adda and Alexandar Gegov. TrapMP: Malicious Process Detection By Utilising Program Phase Detection
    • Marios Ioannou, Eliana Stavrou and Maria Bada. Cybersecurity Culture in Computer Security Incident Response Teams: Investigating difficulties in communication and coordination
    • Florian Skopik and Stefan Filip. Design principles for national cyber security sensor networks: Lessons learned from small-scale demonstrators
    • Phil Legg and Tim Blackman. Tools and Techniques for Improving Cyber Situational Awareness of Targeted Phishing Attacks
    • Martin Lundgren and Erik Bergström. Security-Related Stress: A Perspective on Information Security Risk Management
    • Sikha Bagui, Debarghya Nandi, Subhash Bagui and Robert Jamie White. Classifying Phishing Email Using Machine Learning and Deep Learning
    • Fiona Carroll, Phil Legg and Adam Chakof. What makes for effective visualisation in Cyber Situational Awareness for Non-Expert Users?
    • Jd Work. In wolf’s clothing: Complications of threat emulation in contemporary cyber intelligence practice
    • Belqassim Bouteghrine, Mohammed Rabiai, Camel Tanougast and Said Sadoudi. Hardware Implementation of Secured Socket Communication based on Chaotic Cryptosystem
    • Renate Schubert and Ioana Marinica. Facebook Data: Sharing, Caring, and Selling
    • Wenting Li, Haibo Cheng and Ping Wang. Secure Chaotic Maps-based Authentication Scheme for Real-Time Data Access In Internet of Things
    • Suleiman Yerima and Sarmadullah Khan. Longitudinal performance analysis of machine learning based Android malware detectors
    • Cyril Onwubiko and Austine Onwubiko. Cyber KPI for Return on Security Investment
    • Aguinaldo Bezerra, Gisliany Alves, Ivanovitch Silva, Pierangelo Rosati, Patricia Takako Endo and Theo Lynn. A Preliminary Exploration of Uber Data as an Indicator of Urban Liveability
    • Kamalakanta Sethi, Rahul Kumar, Lingaraj Sethi, Padmalochan Bera and Prashanta Kumar Patra. A Novel Machine Learning Based Malware Detection and Classification Framework
    • Lakshmi Prayaga. Empowering Citizen data Scientists
    • Adam Zibak and Andrew Simpson. Towards Better Understanding of Cyber Security Information Sharing
    • Abraham Althonayan and Alina Andronache. Resiliency under Strategic Foresight: The effects of Cybersecurity Management and Enterprise Risk Management alignment
    • Remy Zgraggen. Cyber Security Supervision in the Insurance Sector: Smart Contracts and Chosen Issues
    • William Claycomb and Daniel Costa. Poster: Leveraging Existing IT Resources for Insider Threat Risk Mitigation
    • William Claycomb and Daniel Costa. Poster: Indicator Development for Insider Threat Risk
    • Adrian Duncan, Sadie Creese and Michael Goldsmith. A Combined Attack-Tree and Kill-Chain Approach to Designing Attack-Detection Strategies for Malicious Insiders in Cloud Computing
    • Ferenc Leitold. Practical approach for maesuring the level of user behavior
    • Bertrand Venard. The determinants of individual cyber security behaviours

Related Conferences:

Cyber SA 2019

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA 2019).

View More

Social Media 2019

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Social Media, Wearable and Web Analytics (Social Media 2019).

View More

Cyber Security 2019

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2019).

View More

Previous Conferences

Cyber Incident 2022

Cyber Incident 2021

Cyber Incident 2020