Check out the new USENIX Web site.


WOOT '08 Home

Important Dates

Workshop Organizers


Instructions for Authors

Workshop Format

Submission Instructions

Web Submission Form

Call for Papers
in PDF

Interested in sponsoring WOOT '08? Contact

WOOT '08 Call for Papers

2nd USENIX Workshop on Offensive Technologies (WOOT '08)
July 28, 2008
San Jose, CA

Sponsored by USENIX, the Advanced Computing Systems Association

WOOT '08 will be co-located with the 17th USENIX Security Symposium (USENIX Security '08), which will take place July 28–August 1, 2008.

Important Dates
Submissions due: June 8, 2008, 11:59 p.m. PDT  Deadline Extended!
Notification of acceptance: June 28, 2008
Electronic files due: July 14, 2008

Workshop Organizers

Program Chairs
Dan Boneh, Stanford University
Tal Garfinkel, VMware
Dug Song, Zattoo

Program Committee
Pedram Amini, Tipping Point
Martin Casado, Stanford University
Chris Eagle, Naval Postgraduate School
Halvar Flake, Zynamics
Trent Jaeger, Pennsylvania State University
Nate Lawson, Root Labs
Charlie Miller, Independent Security Evaluators
Matt Miller, Leviathan Security Group
HD Moore, BreakingPoint Systems
Tim Newsham, Information Security Partners, LLC
Vern Paxson, International Computer Science Institute and Lawrence Berkeley National Laboratory
Niels Provos, Google
Hovav Shacham, University of California, San Diego
Adam Shostack, Microsoft
Alex Sotirov, VMware
Giovanni Vigna, University of California, Santa Barbara

Progress in the field of computer security is driven by a symbiotic relationship between our understandings of attack and of defense. The USENIX Workshop on Offensive Technologies aims to bring together researchers and practitioners in system security to present research advancing the understanding of attacks on operating systems, networks, and applications.

Instructions for Authors
Computer security is unique among systems disciplines in that practical details matter and concrete case studies keep the field grounded in practice. WOOT provides a forum for high-quality, peer-reviewed papers discussing tools and techniques for attack.

Submissions should reflect the state of the art in offensive computer security technology—either surveying previously poorly known areas or presenting entirely new attacks.

We are interested in work that could be presented at more traditional, academic security forums, as well as more applied work that informs the field about the state of security practice in offensive techniques.

A significant goal is producing published artifacts that will inform future work in the field. Submissions will be peer-reviewed and shepherded as appropriate.

Submission topics include:

  • Vulnerability research (software auditing, reverse engineering)
  • Penetration testing
  • Exploit techniques and automation
  • Network-based attacks (routing, DNS, IDS/IPS/firewall evasion)
  • Reconnaissance (scanning, software, and hardware fingerprinting)
  • Malware design and implementation (rootkits, viruses, bots, worms)
  • Denial-of-service attacks
  • Web and database security
  • Weaknesses in deployed systems (VoIP, telephony, wireless, games)
  • Practical cryptanalysis (hardware, DRM, etc.)

Workshop Format
The attendees will be authors of accepted position papers/presentations as well as invited guests. Each author will have 25 minutes to present his or her idea. A limited number of grants are available to assist presenters who might otherwise be unable to attend the workshop. Paper files will be available on the USENIX Web site to participants before the workshop and will be made generally accessible after the workshop.

Submission Instructions
Papers must be received by 11:59 p.m. Pacific time on Sunday, June 8, 2008. This is a hard deadline—no extensions will be given. Submissions should contain six or fewer two-column pages, excluding references, using 10 point fonts, standard spacing, and 1 inch margins. Please number the pages. All submissions will be electronic and must be in either PDF (preferred) or PostScript. Author names and affiliations should appear on the title page. Submit papers using the Web form.

Given the unique focus of this workshop, we expect that work that has been presented previously in an unpublished form (e.g., Black Hat presentations) but that is well suited to a more formal and complete treatment in a published, peer-reviewed setting will be submitted to WOOT, and we encourage such submissions (with adequate citation of previous presentations).

Simultaneous submission of the same work to multiple venues, submission of previously published work, and plagiarism constitute dishonesty or fraud. USENIX, like other scientific and technical conferences and journals, prohibits these practices and may, on the recommendation of a program chair, take action against authors who have committed them. In some cases, program committees may share information about submitted papers with other conference chairs and journal editors to ensure the integrity of papers under consideration. If a violation of these principles is found, sanctions may include, but are not limited to, barring the authors from submitting to or participating in USENIX conferences for a set period, contacting the authors' institutions, and publicizing the details of the case.

Authors uncertain whether their submission meets USENIX's guidelines should contact the workshop organizers at or the USENIX office,

Papers accompanied by nondisclosure agreement forms will not be considered. All submissions will be treated as confidential prior to publication in the Proceedings.

?Need help?

Last changed: 30 May 2008 ch

WOOT '08 Index