WACCO 2020

2nd Workshop on Attackers and Cyber-Crime Operations

IEEE European Symposium on Security and Privacy 2020

September 7 - Genoa, Italy

Important News - Call for Paper Second cycle
A second cycle of submission is open for WACCO 2020. Check the Important Dates section for additional information.

Important News - Conference Rescheduled
IEEE European Symposium on Security and Privacy 2020 conference is being rescheduled to September 7-11, 2020 in Genoa, Italy.
More information can be found on the EuroS&P website

WACCO deadlines for authors notification will be respected. Additional information will be provided when available.

The emergence and commoditization of cyber-criminal activities calls for new empirical methods, measures, and technologies to quantify and understand offender operations across all forms of cyber-crime: from malware engineering and attack delivery, to running underground operations trading illegal goods such as drugs and illegal pornography, to spreading disinformation and planning (cyber-)terrorism operations. Without appropriate scientific measures of cyber-offender and attacker operations, capabilities, and resources, it remains impossible to derive sound policies, strategies and technologies that appropriately address realistic and evidence-based attacker and offender models.

The 2nd Workshop on Attackers and Cyber-Crime Operations (WACCO 2020) aims to provide a venue for research and discussion on cyber-criminal activities. WACCO 2020 is co-located with the 5th IEEE European Symposium on Security and Privacy (EuroS&P 2020) in Genoa, Italy.

Call for Papers

WACCO 2020 calls for all contributions aiming at providing methods, measures, metrics, and technologies or tools to quantitatively or qualitatively evaluate cyber-offenders and attackers from technical and non-technical angles. The workshop invites contributions from, but not limited to, the fields of computer science and computer security, criminology, psychology, law, and economics addressing this issue.
Topics of interest include, but are not limited to:

  • Empirical studies on attacker operations and communities
  • Novel methods to perform attacker measurements at scale across several communities
  • Cooperation and trust as a source of attackers’ effectiveness
  • Attackers’ skill set
  • Attackers’ operational security
  • Measuring the spread of false information campaigns on social media
  • Quantitative and qualitative methods to measure, track, and counter cybercrime
  • Cybercrime measurement and networks
  • Cybercrime policy
  • Economics of cybercrime
  • Profiling of cybercriminals
  • Security metric design and evaluation
  • Security patch measurement
  • Statistical exploration and prediction of security incidents
  • Open Source Intelligence and digital footprints

The workshop is co-located with the 5th IEEE European Symposium on Security and Privacy (EuroS&P 2020).

Important Dates

All deadlines are Anywhere on Earth (AoE = UTC-12h).

First cycle paper submissions due February 21, 2020 March 9, 2020 11:59 pm [EXTENDED]
First cycle acceptance notice to authors April 10, 2020
Second cycle paper submissions due NEW! May 18, 2020 11:59 pm
Second cycle acceptance notice to authors NEW! June 10, 2020
Camera ready for accepted papers June 24, 2020
Workshop September 7, 2020


Papers should be written in English and formatted following the IEEE guidelines for EuroS&P 2020 reported here. Papers must be typeset in LaTeX in A4 format (not "US Letter") using the IEEE conference proceeding template supplied by IEEE EuroS&P. We suggest you first compile the supplied LaTeX source as is, checking that you obtain the same PDF as the one supplied, and then write your paper into the LaTeX template, replacing the boilerplate text. Please do not use other IEEE templates. Failure to adhere to the page limit and formatting requirements can be grounds for rejection.
WACCO welcomes full as well as position papers for submission. Length limits are of 10 pages and 6 pages respectively. Position papers should present new open and interesting questions that the community should address or open questions that past research papers have not yet addressed. We expect position papers to be presented in panels or poster-platform sessions.

Anonymous submissions

Papers should be fully anonymized before review: author names or affiliations may not appear or be revealed in the text. Previous work of the authors should be referred to the third person. In the unusual case that an anonymous reference is not possible, the authors should blind the reference (e.g. “[x] Blinded citation to preserve submission anonymity”). Papers that are not properly anonymized may be desk rejected.


All papers will be published by IEEE CS and posted on the IEEE digital libraries. At least an author for each accepted paper is expected to present their paper at the workshop.

This year WACCO will adopt the REFSQ model for paper presentation, where authors and audience are structurally engaged in the discussion. As a highly multidisciplinary workshop, we expect this model to foster discussion and exchanges from a multitude of different perspectives. Presenting authors and members of the audience will be contacted by the chairs before the workshop for the (short) necessary preparations.

Submission site

Please submit your paper through EasyChair here.

Program Committee Co-chairs

Luca AllodiEindhoven University of Technology
Alice HutchingsUniversity of Cambridge
Fabio MassacciUniversity of Trento
Sergio PastranaUniversity Carlos III of Madrid
Marie VasekUniversity College London


Publicity-ChairGiorgio Di TizioUniversity of Trento
Publicity-ChairJack HughesUniversity of Cambridge

Program Committee

Venue and Registration

The workshop is co-located with the 5th IEEE European Symposium on Security and Privacy (EuroS&P 2020). To register please visit the registration page of the main event.