Theme: Tactics, Techniques and Procedures (TTPs) for Cyber Incident Response in a fast paced Digital World


Conference will be held online / virtual due to COVID19


Download Conference Programme

Download Conference Timetable

June 15 – 19, 2020

Call for Papers

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Incident Response, Coordination, Containment & Control (Cyber Incident 2020) is an international refereed conference dedicated to the advancement of Cyber Incident Response, Coordination, Containment and Control.

The aim of the Cyber Incident 2020 is to encourage participation and promotion of collaborative scientific, industrial and academic inter-workings among individual researchers, practitioners, members of existing associations, academia, standardisation bodies, and including government departments and agencies. The purpose is to build bridges between academia and industry, and to encourage interplay of different cultures.

Cyber Incident 2020 invites researchers and industry practitioners to submit papers that encompass principles, analysis, design, methods and applications. All submitted papers are independently peer-reviewed. The conference is open to the public, so you can attend the event without presenting a paper. Registration for both authors and attendees (without presenting a paper) opens in March 2020. You are welcome!

The conference proceedings will be submitted for consideration for publishing and listing on the following bibliographic indexes:

  • IEEE Computer Society Digital Library
  • IEEE Xplore Digital Library
  • DBLP Computer Science, and
  • Others – e.g. Scopus, CiteSeerX, Computer Science Index, EI Compendex, Academic Search Complete, CiteULike, Google Scholar & Microsoft Academic Search.

The organisers will accept registration of up to 5 IEEE UK&I Student and YP Members at 75% discounted rate, and will offer up to 20% registration discounts for all IEEE, BCS, IET & IISP members.


Cyber Incident 2020 is co-located with other conferences as part of Cyber Science 2020

  • Posters will be presented during the conference.
  • Industry track is available for discussing and publishing pilot and proof of concepts.
  • Work in Progress track is available for preliminary work.
  • Research Ideas track is available for ideas in early stages assessment.
  • PhD Seminar track is available for discussing and publishing early PhD thesis research.


Paper Submission

The deadline for all paper submissions, that is, both full papers and extended abstracts for Poster, WIP, PoC, Research Idea and PhD Seminar presentations was 26th January 2020, but now the deadline has been extended to 6th March 2020.

All Industry track, Work in Progress track, Research Ideas track and PhD Seminar track will be published in the conference proceedings. Interested participants, please submit your proposal using the online submission system hosted by Easychair Conference Portal.

Full paper submission should be via Easychair Conference Portal.


Online Submission

The online submission process is now open!

Please prepare your paper according to the formatting guidelines (Word document/PDF template/LaTeX). Use the IEEE A4 paper type. Please note that it’ll be IEEE e-copyright, which must be completed for all accepted papers. We’ll send authors’ of accepted papers instruction on how to complete an IEEE e-copyright form.

Authors must use the online submission systems hosted by EasyChair Conference System to submit their papers. Please use/download the IEEE A4 paper template, and specify which conference your submission is to. If you don’t have an EasyChair account you will need to create one and then login in order to submit your papers. Please read the Submission Instructions before submitting your work in the system.

Submission Instructions

Both long (8 pages max., roughly 8,000 words) and short (4 pages max., roughly 4,000 words) paper submissions should be written in English and be submitted electronically via the EasyChair conference portal. Submission file formats are PDF and Microsoft Word using the IEEE A4 Paper template that can be found at the corresponding C-MRiC website. Authors wishing to present a Poster, Industry Proof of Concept (PoC), Work in Progress (WIP), Research Ideas, or PhD Seminar may submit a 2page extended abstract using the online submission systems hosted by EasyChair Conference System, which, if accepted, will appear in the conference proceedings.


Topics of Interest

    • Cyber Incident Analysis
    • Cyber Incident Triage
    • Cyber Incident Correlation and Assessment
    • Coordination
    • Containment
    • Root Cause Analysis (RCA)
    • Timeliness
    • Handling and Handling Process
    • Reporting
    • Escalation
    • Cyber Incident Management
    • Decision Control
    • Emergence Services
    • Preparedness
    • Readiness
    • Analysis
    • Risk Management
    • Conditionality
    • Proportionality
    • Prioritisation
    • Decision Making
    • Risk-Based Decision
    • Human in the Loop
    • Training
    • Processes and Procedures
    • Policy and Standards
    • Emergency  Services
    • Chain of Custody
    • Forensic Readiness and Investigations
    • Cyber Incident Notification and Announcements
    • Cyber Incident Management Tool
    • Standardisation
    • Framework and Methodology
    • Expertise, Skills, Knowledge and Resource
    • Maturity Model and Goal Setting
    • Certification and Accreditation
    • Memberships to Cyber Incident Responders, Incident Response Organisation
    • Rule-Based Systems
    • Expert Systems
    • Adaptive Learning Systems
    • Predictive Systems
    • The use of Biometrics to aid Forensic Investigations
    • Speak, audio and voice Recognition for forensics
    • Correlation and cross-correlation for Incident Analysis
    • Cross-Domain Analysis
    • Cross-Channel Incident Analysis
    • Multi-domain Analysis
    • Digital Forensics Principles, Rules and Standards
    • Digital Forensic Investigations
    • Speak, audio and voice Recognition for forensics
    • Chain of Custody
    • Mobile Forensics
    • Live data and live stream forensics
    • Live Imagery Forensics
    • Memory Forensics
    • Browser and Cache Memory Forensics
    • Cyber Incident Playbook
    • Cyber Incident Management
    • War-room exercises
    • Attack Scenarios and Exercise
    • Cyber Incident Response
    • Command Controls – Bronze, Silver & Gold Command
    • Cause of Action (CoA)
    • Root Cause Analysis
    • Data-Centric System Threat Modelling
    • Attack Tree
    • Exploits and Attack Modelling
    • Attack Vector and Attack Surface
    • Risk, Control and Control Objectives
    • Analysing Threat Modelling
    • Cyber Incident Management
    • Business Continuity Plan and Measures
    • Root Cause Analysis
    • Security Metrics
    • Threat Intelligence


Important Dates

  • Industry (Proof of Concept / Pilot) Submission –   January 26, 2020 extended to March 6, 2020
  • Extended Abstract (Work in Progress) –  January 26, 2020 extended to March 6, 2020
  • PhD Seminar Submissions – January 26, 2020 extended to March 6, 2020
  • Research Ideas – January 26, 2020 extended to March 6, 2020
  • Poster/Demo Submissions – January 26, 2020 extended to March 6, 2020
  • Special Track Submissions – January 26, 2020 extended to March 6, 2020
  • Workshops and Tutorials Submission – January 26, 2020 extended to March 6, 2020
  • Full Paper Submissions – January 26, 2020 extended to March 6, 2020
  • Notification of Full Paper/Abstract / Special Track Acceptance/Rejection –  March 26, 2020 extended to April 17, 2020
  • Camera Ready Paper Due – April 14, 2020 extended to May 8, 2020
  • Participants Registration – March 26 – May 31, 2020
  • Conference Date –  June 15 – 19, 2020


Moved to Online / Virtual



Programme Committee

    • Cyril Onwubiko – Centre for Multidisciplinary Research, Innovation and Collaboration, UK
    • Frank Wang – Computer Society, IEEE UK & Ireland
    • Theo Lynn – Dublin City University, Dublin, Ireland
    • Janne Merete Hagen – Norwegian Defence Research Establishment, Norway
    • Nick Savage – University of Portsmouth, UK
    • Eckhard Pfluegel  –  Faculty of Science, Engineering and Computing, Kingston University, UK
    • Theo Lynn – Dublin City University, Dublin, Ireland
    • Pierangelo Rosati – Dublin City University, Dublin, Ireland
    • Grace Kenny – Dublin City University, Dublin, Ireland
    • Patricia Endo – Dublin City University, Dublin, Ireland
    • Uwe Glässer – School of Computing Science, Simon Fraser University, Canada
    • Arnau Erola – Department of Computer Science, University of Oxford, UK
    • Tim D Williams – Cyber Security, London, UK
    • Theo Lynn – Dublin City University, Dublin, Ireland
    • Pierangelo Rosati – Dublin City University, Dublin, Ireland
    • Xavier Bellekens – University of Strathclyde, Scotland, UK
    • Theo Lynn – Dublin City University, Dublin, Ireland
    • Arnau Erola – Department of Computer Science, University of Oxford, UK
    • Michal Chorasm – Telecommunications and Computer Science, University of Science and Technology (UTP), Bydgoszcz, Poland
    • Hayretdin Bahsi – Center for Digital Forensics and Cyber Security, Tallin University of Technology, Estonia
    • Uri Blumenthal – MIT Lincoln Laboratory, MIT, USA
    • Jens Myrup Pedersen – University of Aalborg, Denmark
    • Uwe Glässer – School of Computing Science, Simon Fraser University, Canada
    • Marios Anagnostopoulos – University of the Aegean, Greece
    • Ciza Thomas – College of Engineering, India
    • Stefanos Gritzalis – University of the Aegean, Greece
    • Janne Merete Hagen – Norwegian Defence Research Establishment, Norway
    • Varun Dutt – Indian Institute of Technology Mandi, India
    • Georgios Kambourakis – University of the Aegean, Greece
    • Eliana Stavrou – Computing Department, UCLan Cyprus, Larnaca, Cyprus
    • Tim D Williams – Cyber Security, London, UK
    • Palvi Aggarwal – Carnegie Mellon University (CMU), USA
    • Sean Mckeown – Edinburgh Napier University, Scotland, UK
    • Arghir-Nicolae Moldovan – National College of Ireland (NCIRL), Ireland
    • Domhnall Carlin – Queen’s University (QUB), Belfast, Northern Ireland, UK
    • Kim Tam – Plymouth University, UK
    • Felix Heine – Hannover University of Applied Sciences, Germany

    • Martin Gilje Jaatun, Lars Bodsberg, Tor Olav Grøtan and Marie MoeAn Empirical Study of CERT Capacity in the North Sea
    • Andrew Rae and Asma PatelDeveloping a security behavioural assessment approach for cyber rating UK MSBs
    • Uchenna Daniel Ani, Hongmei He and Ashutosh TiwariVulnerability-Based Impact Criticality Estimation for Industrial Control Systems
    • Inger Anne Tøndel, Ravishankar Borgaonkar, Martin Gilje Jaatun and Christian FrøystadWhat Could Possibly Go Wrong? Smart Grid Misuse Case Scenarios
    • Xiaoyu Du, Quan Le and Mark ScanlonAutomated Artefact Relevancy Determination from Artefact Metadata and Associated Timeline Events
    • Enoch Agyepong, Yulia Cherdantseva, Philipp Reinecke and Pete BurnapTowards a Framework for Measuring the Performance of a Security Operations Center Analyst
    • Waleed Alghamdi and Michael SchukatSlave Clock Responses to Precision Time Protocol Attacks: A Case Study
    • Daniel Reti, Daniel Fraunholz, Janis Zemitis, Daniel Schneider and Hans Dieter SchottenDeep Down the Rabbit Hole: On References in Networks of Decoy Elements
    • John Oraw and David LavertyRestricting Data Flows to Secure Against Remote Attack
    • Hanlin Chen, Hongmei He and Andrew StarrAn Overview of Web Robots Detection Techniques
    • Joel Chacon, Sean McKeown and Richard MacfarlaneTowards Identifying Human Actions, Intent, and Severity of APT Attacks Applying Deception Techniques – An Experiment
    • Gwyn Wilkinson and Phil Legg”What did you say?”: Extracting unintentional secrets from predictive text learning systems
    • Pascal Faurie, Arghir-Nicolae Moldovan and Irina TalPrivacy Policy – “I agree”?! – Do alternatives to text-based policies increase the awareness of the users?
    • Aikaterini Kanta, Iwen Coisel and Mark ScanlonSmarter Password Guessing Techniques Leveraging Contextual Information and OSINT
    • Joshua SipperCyber Threat Intelligence and the Cyber Meta-Reality and Cyber Microbiome
    • Andrew McCarthy, Benedict Gaster and Phil LeggShouting Through Letterboxes: A study on attack susceptibility of voice assistants
    • Sean McKeown and Gordon RussellForensic Considerations for the High Efficiency Image File Format (HEIF)
    • Clemens Krueger and Sean McKeownUsing Amazon Alexa APIs as a Source of Digital Evidence
    • Marco Cook, Ioannis Stavrou, Sarah Dimmock and Christopher JohnsonIntroducing a forensics data type taxonomy of acquirable artefacts from programmable logic controllers
    • Joshua Talbot, Przemek Pikula, Craig Sweetmore, Samuel Rowe, Hanan Hindy, Christos Tachtatzis, Robert Atkinson and Xavier BellekensA Security Perspective on Unikernels
    • Tolga Ünlü, Lynsay Shepherd, Natalie Coull and Colin McLeanA Taxonomy of Approaches for Integrating Attack Awareness in Applications
    • Martin Fejrskov, Emmanouil Vasilomanolakis and Jens Myrup PedersenCyber-security research by ISPs: A NetFlow and DNS Anonymization Policy
    • Andrei Queiroz, Brian Keegan and Susan MckeeverMoving Targets: Addressing Concept Drift in Supervised Models for Hacker Communication Detection
    • Pranshu Bajpai and Richard EnbodyMemory Forensics Against Ransomware
    • Pranshu Bajpai and Richard EnbodyAn Empirical Study of Key Generation in Cryptographic Ransomware
    • Felix Anda, Brett Becker, David Lillis, Nhien-An Le-Khac and Mark ScanlonAssessing the Influencing Factors on the Accuracy of Underage Facial Age Estimation
    • Jonathan Francis Roscoe and Max Smith-CreaseyAcoustic Emanation of Haptics as a Side-Channel for Gesture-Typing Attacks
    • Fadi SibaiAI Crimes: A Classification
    • Yunjia Wang, Yang Liu, Tiejun Wu and Ishbel DuncanCost-Effective OCR Implementation to Prevent Phishing on Mobile Platforms
    • Nebrase Elmrabit, Feixiang Zhou, Fengyin Li and Huiyu ZhouEvaluation of Machine Learning Algorithms for Anomaly Detection
    • Joseph Kaberuka and Christopher JohnsonAdapting STPA-sec for Socio-technical Cyber Security Challenges in Emerging Nations: A Case Study in Risk Management for Rwandan Health Care
    • Lukas Gressl, Michael Krisper, Christian Steger and Ulrich NeffeTowards Security Attack and Risk Assessment during Early System Design
    • Evangelos Moustakas, Nishtha Lamba, C Ranganathan and Dina MahmoudBlurring lines between fiction and reality: Perspectives of experts on marketing effectiveness of virtual influencers
    • Katia Raya, Nicole D’Almeida and Maroun ChamounSocial big data: A Twitter text mining approach to the communication of universities during the Lebanese protests
    • Matthew Spradling, Jeremy Straub and Jay StrongIntroducing & Evaluating `Nutrition Facts’ for Online Content
    • Tapadhir Das, Abdelrahman Eldosouky and Shamik SenguptaThink Smart, Play Dumb: Analyzing Deception in Hardware Trojan Detection Using Game Theory
    • Timothy D WilliamsEpistemological Questions for Cybersecurity
    • Théo Simon and Bertrand VenardTechnical codes’ potentialities in cybersecurity
      A contextual approach on the ethics of small digital organizations in France
    • Bertrand VenardPrivacy Protection Behaviours: a diversity of individual strategies
    • Jordan Schoenherr and Robert ThomsonInsider Threat Detection: A Solution in Search of a Problem
    • Sebastião Rogério da Silva Neto, Thomás Tabosa de Oliveira, Vanderson de Souza Sampaio, Theo Lynn and Patricia Takako EndoPlatform for monitoring and clinical diagnosis of arboviruses using computational models
    • Arman Zand, James Orwell and Eckhard PfluegelSecure Framework for Anti-Money-Laundering using Machine Learning and Secret Sharing
    • Drew Malzahn, Zachary Birnbaum and Cimone Wright-HamorAutomated Vulnerability Testing via Executable Attack Graphs
    • Christopher Kelly, Nikolaos Pitropakis, Sean Mckeown and Costas LambrinoudakisTesting And Hardening IoT Devices Against the Mirai Botnet
    • Johannes Mols and Emmanouil VasilomanolakisethVote: Towards secure voting with distributed ledgers
    • Tharindu Ranathunga, Ramona Marfievici, Alan McGibney and Susan ReaA DLT-based Trust Framework for IoT Ecosystems

Related Conferences:

Cyber SA 2020

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA 2020).

View More

Social Media 2020

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Social Media, Wearable and Web Analytics (Social Media 2020).

View More

Cyber Security 2020

IEEE is the Technical Co-Sponsor (TCS) of the International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020).

View More

Previous Conferences

Cyber Incident 2022

Cyber Incident 2021

Cyber Incident 2019

Cyber Incident 2018