CUING 2018

The Second International Workshop on Criminal Use of Information Hiding (CUING 2018)

to be held in conjunction with the 13th International Conference on Availability, Reliability and Security
(ARES 2018 –

August 27 – August 30, 2018, Hamburg, Germany

With the constant rise of the number of Internet users, available bandwidth and an increasing number of services shifting into the connected world, criminals are increasingly active in the virtual world. With improving defensive methods cybercriminals have to utilize more and more sophisticated ways to perform their malicious activities. While protecting the privacy of users, many technologies used in current malware and network attacks have been abused in order to allow criminals to carry out their activities undetected.

The aim of the Second International Workshop on Criminal Use of Information Hiding (CUIng) is to bring together researchers, practitioners, law enforcement representatives, and security professionals in the area of analysis of information hiding (e.g. steganography, covert channels), obfuscation techniques and underground networks (darknets) in order to present novel research regarding the use of data and communication hiding methods in criminal environments and discuss ideas for fighting misuse of privacy enhancing technologies.


  • Information hiding techniques
  • Studies regarding the use of information hiding in cybercrime
  • Analysis of cybercrime cases related to CUIng
  • Large scale coordinated actions by LEAs from CUIng perspective
  • New steganographic & steganalysis methods
  • Local, air-gapped, and network covert channels
  • Novel countermeasures against information hiding techniques: detection, prevention, limitation
  • Evasion, obfuscation and anti-forensics techniques used by cybercriminals
  • Traffic type obfuscation techniques e.g. traffic morphing
  • Masking network attacks with another types of threats
  • Hiding covert communication within network attacks e.g. DDoS, SPAM, etc.
  • Impersonation of one cybercriminals groups by the other
  • Underground marketplaces and their business models
  • Botnet analysis from CUIng perspective
  • Methods for botnet detection and mitigation from CUIng perspective
  • Banking Trojans from CUIng perspective
  • IoT-botnets from CUIng perspective
  • Privacy enhancing techniques
  • Analysis of underground environments
  • Legal and technical aspects of Darknet research
  • Cybercrime and CPS from CUIng perspective
  • Future scenarios in cybercrime from CUIng perspective
  • Aspects and methods for sharing strategic intelligence
  • Abusing legitimate cloud-based services for masking criminal activities
  • Abusing legitimate social media services for masking criminal activities
Submission Deadline  May 27, 2018
Author Notification  June 10, 2018
Proceedings Version  June 29, 2018
Conference  August 27 – August 30, 2018

Phlipp Amann (Chair)
Europol, European Cybercrime Centre, The Netherlands

Jart Armin (Chair)
Cyber Defcon, The Netherlands

Wojciech Mazurczyk (Chair)
Warsaw University of Technology, Poland

Angelo Consoli (Chair)
Scuola universitaria professionale della Svizzera italiana (SUPSI), Switzerland

Peter Kieseberg (Chair)
SBA Research, Austria

Joerg Keller (Chair)
FernUniversitaet in Hagen, Germany


To be announced


The submission guidelines valid for the CUING workshop are the same as for the ARES conference. It is necessary that all papers submitted to EasyChair are anonymized (no names or affiliations of authors should be visible in the paper). They can be found >>here<<.


In case of questions, please feel free to contact us via