Call for Presentations

(PDF version)

The 6th International CARO Workshop will be held on the 14th and 15th of May 2012 at the München Airport Sheraton in Schwaig-Oberding, Germany.
The main theme of the conference will be

"WWWTF - The Web: It’s broken, but can it be fixed?".

Please remember this is a technical malware workshop, and there will be no 'corporate' or marketing papers. The sessions are closed to the media and there is a strict no recording policy enforced. The organizers reserve the right to reject participants and speakers if their affiliation cannot be verified as trustworthy.

Topics

CARO was founded on the principle of exchanging information with trusted partners, so as usual, we are soliciting any papers concerning this topic.

This year, the focus of the workshop will be the Web. Topics can include:

  • Vulnerabilities
    • XSS, CSRF
    • TLS and Certificate Authorities
    • SSO security issues (SAML, OAuth, …)
    • WebSockets
    • WebServices security (SOAP, REST, …)
    • Active Web content security (JavaScript, ActiveX, Flash, …)
    • Mashup security
    • Content markup/DOM vulnerabilities (HTML5, Microformats, RFDa, …)
  • Attacks
  • Webinject attacks
  • Code Insertion
  • Man in the Browser attacks
  • Mitigation to all of the above

There will be ~14 full presentations, each 45 minutes long, as well as ~7 lightning talks each 5 minutes long. The lightning talks cover the same subjects and are expected to provide a poster to be manned during the following break so that questions can be asked.

Submission Details

Extended abstracts are due on Monday the 23rd of January, 2012. Abstracts should be between 200 and 500 words in length and should be detailed enough to judge the content of the final presentation.
If accepted, at least one author must be registered to speak as we will not accept proxies.
There is no obligation to submit a final paper or the presentation slides, but if the authors wish to, the papers and presentation will be posted on the CARO 2012 Workshop site.
There will be the opportunity to submit lightning talk abstracts at a later date, but keep in mind that these do not qualify for reduced registration fees.

The submissions page was announced in Jan 2012 December 2011.

Dates

Ordinary Talk submissions due

2012-01-15 2012-01-23

Notification to speakers2012-02-09 (estimated)
Lighting talk submissions due2012-04-15
Workshop2012-05-14 to 2012-05-15

Note that the CARO workshop is co-located with the AMTSO meeting which follows the workshop on 2012-05-16 to 2012-05-17.