EuroUSEC 2024

The 2024 European Symposium on Usable Security

Dates and Location: September 30 & October 1, 2024, Karlstad, Sweden.

Join us in Karlstad for EuroUSEC 2024, where the future of usable privacy and security intersects with the unparalleled beauty and heritage of Sweden. Let's explore, learn, and innovate together in a city that bridges the past with the future, nature with technology, and people with ideas.

The European Symposium on Usable Security (EuroUSEC) is a forum for research and discussion on human factors in security and privacy. EuroUSEC solicits previously unpublished work offering novel research contributions in any aspect of human-centred security and privacy. EuroUSEC aims to bring together researchers, practitioners, and students from diverse backgrounds including computer science, engineering, psychology, the social sciences, and economics to discuss issues related to human-computer interaction, security, and privacy.

EuroUSEC is part of the USEC family of events. You can find more info about all USEC events at: https://www.usablesecurity.net/USEC/index.php

The 2024 EuroUSEC is an independent event in Karlstad without any affiliation to any conference. By doing this, we strive to keep registration costs to a minimum.

We want EuroUSEC to be a community-driven event and would love to hear any questions, comments, or concerns you might have regarding these changes from last year. Therefore, we want to encourage everyone to join the EuroUSEC Slack. Alternatively, you can email the program chairs with any questions or concerns.

Keynote Speakers

Dr. Rebecca Balebako

Talk Title: TBA

Biography: Dr. Rebecca Balebako has been working on privacy since 2010. She has helped start-ups, large tech companies, and specialized government agencies define strategies for machine learning and privacy. Rebecca has published numerous academic papers on usable privacy and security. Dr. Balebako is also an IAPP Fellow of Information Privacy (CIPP/E and CIPT) and is trained in AI Governance and Machine Learning. She holds a Ph.D. in Engineering and Public Policy, focusing on privacy, as well as degrees in Software Engineering and Math. As a former lead of the Google Privacy Red Team, she improved the privacy infrastructure and reduced risk for terabytes of data, thousands of machine learning models, and hundreds of third-party apps. Previous work on AI led to improvements in early speech recognition as well as a framework for responsible face recognition.

Prof. Awais Rashid

Talk Title: TBA

Biography: Awais Rashid is Professor of Cyber Security at the University of Bristol. His research spans cyber security and software engineering, with a particular focus on cyber-physical systems security, software security and usable security and privacy. He is Director of the UK’s National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online (REPHRAIN) and Director of the EPSRC Centre for Doctoral Training in Trust, Identity, Privacy and Security in Large-Scale Infrastructures. He is also the lead and editor-in-chief of CyBOK, the Cyber Security Body of Knowledge. He also leads research on readiness of software engineers and developers to work with new secure hardware as part of the Digital Security by Design programme. He also previously led projects as part of the UK Research Institute on Trustworthy Industrial Control Systems (RITICS), the UK Research Institute on Socio-technical Cyber Security (RISCS) and the National Centre of Excellence on Cyber Security of Internet of Things (PETRAS). He was also a Fellow of the Alan Turing Institute (2018-2021).

Call for Papers

We invite you to submit a paper and join us in Karlstad, Sweden, at EuroUSEC 2024.

We welcome submissions containing unpublished original work describing research, visions, or experiences in all areas of usable security and privacy. We also welcome the systematization of knowledge with a clear connection to usable security and privacy. We welcome a variety of research methods, including both qualitative and quantitative approaches. Note that All submissions must clearly relate to human aspects of security or privacy. We won't accept papers on security or privacy that don't address usability or human factors. The same applies to usability or human factors papers that do not address security or privacy.

Topics include, but are not limited to:

usable security and privacy implications or solutions for specific domains (such as IoT, ehealth, and vulnerable populations)
methodologies for usable security and privacy research
field studies of security or privacy technology
longitudinal studies of deployed security or privacy features
new applications of existing privacy/security models or technology
innovative security or privacy functionality and design
usability evaluations of new or existing security or privacy features
security testing of new or existing usability features
lessons learned from the deployment and use of usable privacy and security features
reports of failed usable privacy/security studies or experiments, with the focus on the lessons learned from such experience
papers with negative results
reports of replicating previously published important studies and experiments
psychological, sociological, cultural, or economic aspects of security and privacy
studies of administrators or developers and support for security and privacy
studies on the adoption or acceptance of security or privacy technologies
systematization of knowledge papers
impact of organizational policy or procurement decisions on security and privacy

We aim to provide a venue for researchers at all stages of their careers and at all stages of their projects.

The submissions can be either standard-length papers (at most 16 pages) or short papers (up to 8 pages), reporting mature work. All papers will use the one-column submission format (See Submission Instructions: Microsoft Word, Latex: use the “manuscript” call to create a single column format) and bibliography and appendices are excluded from the page count. Using supplementary appendices, authors can include study materials (e.g., surveys, interview guides, etc.) that would otherwise occupy valuable space within the body of the paper. Reviewers are not required to read appendices, so your paper should be self-contained without them. ACM also allows the publication of additional supplemental materials and we want to encourage authors to take advantage of this option to provide research artifacts (e.g., builds of their own software used in the study).

Similar to last year, EuroUSEC 2024 proceedings volume will be a part of the International Conference Proceedings Series (ICPS) published by ACM.

It is mandatory for at least one author of each accepted paper to attend and present the paper in person. In certain circumstances, people who cannot travel may present their papers virtually.

Important Dates

Paper registration deadline (mandatory):	Monday, 27^th May, 2024 (Anywhere on Earth (AoE))
Paper submission deadline:	Friday, 31^st May, 2024(AoE)
Notification:	Monday, 8^th July, 2024 (AoE)

Re-submission deadline:	Monday, 22^nd July, 2024 (AoE)
Revision notification:	Monday, 5^th August, 2024(AoE)

Camera ready:	TBA

Submission Instructions

Upload your submission via this link:

All submissions must report original work.
- Authors must clearly document any overlap with previously or simultaneously submitted papers from any of the authors (email the chairs a PDF document outlining this).
Papers must be written in English.
Papers must be anonymized for review: No author names or affiliations should be included in the title page or the body of the paper. As well, acknowledgments should be removed, and papers should not reveal authors' identities.
Refer to your own related work in the third person: do not use personal pronouns.
- This requirement also applies to data sets and artifacts. (For example, "We reused data from the authors of Smith et al. [31] in our experiment.")
Do not blind citations except in extraordinary circumstances. If in doubt, contact the chairs.
All submissions must use the ACM Word or LaTeX templates.
- These templates can be obtained from the ACM author submission information website. To submit your paper to be reviewed, use the one-column format (e.g. for latex use: \documentclass[manuscript]{acmart}).
Systematization of Knowledge paper titles must begin with SOK:

Simultaneous submission of the same paper to another venue with proceedings or a journal is prohibited. Serious infringements of these policies may cause the paper to be rejected from publication and the authors put on a warning list, even if the paper is initially accepted by the program committee. Contact the EuroUSEC chairs if there are questions about this policy.

You are free to publish a pre-print of your paper on arXiv, SSRN or similar, if you wish to.

Contact EuroUSEC chairs if there are any questions.

Program Committee Chairs

Farzaneh Karegar, Karlstad University (Sweden)
Ali Farooq, University of Strathclyde(UK)

The chairs can be contacted at pc.chairs.eurousec

Program Committee

Yasmeen Abdrabou, Lancaster University (UK)
Shimaa Ahmed, VISA research (USA)
Mamtaj Akter, Vanderbilt University (USA)
Elham Al Qahtani, University of Jeddah (Saudi Arabia)
Patricia Arias Cabarcos, University of Paderborn (Germany)
Hala Assal, Carleton University (Canada)
David Balash, University of Richmond (USA)
Louise Barkhuus, IT University of Copenhagen (Denmark)
Ingolf Becker, University College London (UK)
Zinaida Benenson, University of Erlangen-Nuremberg (Germany)
Sabid Bin Habib Pias, Indiana University (USA)
Dawn Branley-Bell, Northumbria University (UK)
Bernardo Breve, University of Salerno (Italy)
Annalina Buckmann, Ruhr University Bochum (Germany)
Jurlind Budurushi, Baden-Wuerttemberg Cooperative State University (Germany)
Jan-Willem Bullee, University of Twente (Netherlands)
Karoline Busse, University of Applied Administrative Sciences Lower Saxony (Germany)
Rahul Chatterjee, University of Wisconsin Madison (USA)
Giuseppe Desolda, University of Bari Aldo Moro (Italy)
Nicolas E. Díaz Ferreyra, Hamburg University of Technology (Germany)
Verena Distler, University of the Bundeswehr Munich (Germany)
N'guessan Yves-Roland Douha, Nara Institute of Science and Technology (Japan)
Lynette Drevin, North West University (South Africa)
Jide Edu, University of Strathclyde (UK)
Edwin Frauenstein, Walter Sisulu University (South Africa)
Diana Freed, Hardvard University (USA)
Sepideh Ghanavati, University of Maine (USA)
Ryan Gibson, University of Strathclyde (UK)
Thomas Gross, Newcastle University (UK)
Anne Henning, Karlsruhe Institute of Technology (Germany)
Yousra Javed, Illinois State University (USA)
Naurin Khan, Riphah International University (Pakistan)
Agnieszka Kitkowska, Jönköping university (Sweden)
Jingjie Li, University of Edinburgh (UK)
Maryam Mehrnezhad, Royal Holloway University of London (UK)
Ola Michalec, Bristol University (UK)
Mathias Mujinga, University of South Africa (South Africa)
Collins Munyendo, The George Washington University (USA)
Alaa Nehme, Mississippi State University (USA)
James Nicholson, Northumbria University (UK)
Emma Nicol, University of Strathclyde (UK)
Jan Nold, Ruhr University Bochum (Germany)
Anna-Marie Ortloff, University of Bonn (Germany)
Simon Parkin, Delft University of Technology (Netherlands)
Scott Ruoti, University of Tennessee (USA)
Kavous Salehzadeh Niksirat, EPFL (Switzerland)
Cigdem Sengul, Brunel University (UK)
Raphael Serafini, Ruhr University Bochum (Germany)
Madiha Tabassum, Northeastern University (USA)
Sotirios Terzis, University of Strathclyde (UK)
Daniel Thomas, University of Strathclyde (UK)
Christian Tiefenau, University of Bonn (Germany)
Jan Tolsdorf, The George Washington University (USA)
Christine Utz, CISPA Helmholtz Center for Information Security (Germany)
Stephan Wiefling, swiefling.de & Vodafone (Germany)
Shan Xiao, Gonzaga Uvniversity (USA)
Verena Zimmermann, ETH Zürich (Switzerland)

Publication Co-chair

Steven Furnell, University of Nottingham (UK)

Publicity Chairs

Anastasia Sergeeva, Luxembourg University (Luxembourg)
Scott Harper, Newcastle University (UK)

Steering Committee

Oksana Kulyk, IT University of Copenhagen (Denmark)
Karen Renaud, University of Strathclyde (UK)
Peter Mayer, University of Southern Denmark (Denmark)
Angela Sasse, Ruhr University Bochum / Ruhr-Universität Bochum (Germany)
Melanie Volkamer, Karlsruhe Institute of Technology (Germany)
Charles Weir, Lancaster University (UK)

Event Logistics

EuroUSEC 2024 will be held on September 30 and October 1 in Karlstad, Sweden. Discover the perfect synergy of technology, innovation, and tranquility as EuroUSEC 2024 makes its way to the charming city of Karlstad.

Karlstad, located in Värmland County at the meeting point of Scandinavia's longest river, Klarälven, and Europe's largest lake, Vänern, is a city with a rich history dating back to the Viking Age. It was officially recognized as a city in the 16th century by King Charles IX of Sweden, earning its name "Charles's city." Traditionally known for its forest-based industries, Karlstad and Värmland have recently made significant advancements in the IT and technology sectors, including cybersecurity, software development, and IT services. Karlstad University plays a pivotal role in this shift, offering specialized programs and fostering collaboration between academia, industry, and government. This combination of industrial heritage and IT innovation positions Karlstad as an ideal location for hosting conferences like EuroUSEC 2024.

The city's vibrant downtown area, particularly around Stora Torget (the “big square”), is a cultural and social hub featuring dining, entertainment, and historic sites like the Sandgrund Lars Lerin art gallery (which we will visit in the second day of the conference), the Värmland County Museum, and Karlstad Cathedral.

Event location: Eva Erikssonsalen (House 21: 21A 342) at Karlstad University (KAU) (Directions to KAU)

Travelling to Karlstad : Traveling to Karlstad from Oslo, Gothenburg, and Stockholm offers somewhat similar travel times, making it convenient regardless of your starting airport. From Oslo, the journey involves a train or bus with travel times around 3 to 4 hours. The travel time from Gothenburg and Stockholm to Karlstad is similarly manageable (between 3 and 4 hours). In spite of this, it is important to note that the only direct way to Karlstad is by taking a bus from Arlanda Airport (Stockholm). For the two other airports in Oslo and Gothenburg, you must first travel to the central station in Oslo or Gothenburg, then take the bus or train to Karlstad. As a result of this accessibility, we hope that our participants for EuroUSEC 2024 will be able to choose their preferred travel route based on their needs. Tips: Compared to trains, in Sweden, buses provide better reliability regarding travel times when you have a choice.

Traveling within Karlstad : The nearest bus stop to the university is ‘Universitet’ bus station (directly outside House 1 or the main entrance). Regularly, from Stora Torget different buses go to the university bus stop. The bus lines 1, 2 and 3 all go to the university, but no. 1 is the fastest (around 12 minutes) and these depart from Stop Point B in Stora Torget. The simplest way to buy tickets is via the Karlstadsbuss app for iPhone or Android, which is available in English.

Social Contract

To make EuroUSEC as effective as possible for everyone, we ask that all participants commit to our social contract:

Engage and actively participate (to the degree you feel comfortable) with each talk.
Be sure your feedback is constructive, forward-looking, and meaningful.
The usable security & privacy community has earned a reputation for being inclusive and welcoming to newcomers; please keep it that way.
We encourage attendees to aim to meet at least three new people from this year's EuroUSEC. The meal breaks and the participatory activity are the perfect opportunities for this.
We strongly encourage tweeting under the hashtag "#EuroUSEC2024" and otherwise spreading the word about work you find exciting at EuroUSEC. However, please do not record EuroUSEC itself or further distribute comments made on our Slack instance.
EuroUSEC 2024 follows the USABLE events Code of Conduct.