IWCC 2020

9th International Workshop on Cyber Crime (IWCC 2020)

to be held in conjunction with the 15th International Conference on Availability, Reliability and Security
(ARES 2020 –

August 25 – August 28, 2020

Today’s world’s societies are becoming more and more dependent on open networks such as the Internet – where commercial activities, business transactions and government services are realized. This has led to the fast development of new cyber threats and numerous information security issues which are exploited by cyber criminals. The inability to provide trusted secure services in contemporary computer network technologies has a tremendous socio-economic impact on global enterprises as well as individuals.

Moreover, the frequently occurring international frauds impose the necessity to conduct the investigation of facts spanning across multiple international borders. Such examination is often subject to different jurisdictions and legal systems. A good illustration of the above being the Internet, which has made it easier to perpetrate traditional crimes. It has acted as an alternate avenue for the criminals to conduct their activities, and launch attacks with relative anonymity. The increased complexity of the communications and the networking infrastructure is making investigation of the crimes difficult. Traces of illegal digital activities are often buried in large volumes of data, which are hard to inspect with the aim of detecting offences and collecting evidence. Nowadays, the digital crime scene functions like any other network, with dedicated administrators functioning as the first responders.

This poses new challenges for law enforcement policies and forces the computer societies to utilize digital forensics to combat the increasing number of cybercrimes. Forensic professionals must be fully prepared in order to be able to provide court admissible evidence. To make these goals achievable, forensic techniques should keep pace with new technologies.

The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques, which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews.

Topics of interest include, but are not limited to

Ransomware: evolution, functioning, types, etc.
Criminal use of IoT, e.g., IoT-based botnets
Mobile malware
Novel techniques in exploit kits
Criminal to criminal (C2C) communications
Criminal to victim (C2V) communications
Darknets and hidden services
Criminal abuse of clouds and social networks
Cybercrimes: evolution, new trends and detection
Protecting Big Data against cybercrimes
Cybercrime related investigations
Privacy issues in digital forensics

Big Data analytics helping to track cybercrimes
Network traffic analysis, traceback and attribution
Incident response, investigation and evidence handling
Integrity of digital evidence and live investigations
Identification, authentication and collection of digital evidence
Anti-forensic techniques and methods
Watermarking and intellectual property theft
Steganography/steganalysis and covert/subliminal channels
Network anomalies detection
Novel applications of information hiding in networks
Political and business issues related to digital forensics and anti-forensic techniques

Important Dates
Submission Deadline May 25, 2020 extended to June 05, 2020
Author Notification June 22, 2020
Proceedings Version July 05, 2020
ARES EU Symposium August 25, 2020
All-Digital Conference August 25 – August 28, 2020
Workshop Chairs

Artur Janicki, Warsaw University of Technology, Poland
Wojciech Mazurczyk, Warsaw University of Technology, Poland
Krzysztof Szczypiorski, Warsaw University of Technology, Poland


Samia Bouzefrane, CEDRIC Lab Conservatoire National des Arts et Métiers, France
Luca Caviglione, IMATI, CNR, Italy
Eric Chan-Tin, Loyola University Chicago, USA
Michal Choras, ITTI Ltd., Poland
Jana Dittmann, Otto-von-Guericke University Magdeburg, Germany
Bela Genge Petru, Maior University of Tg Mures, Romania
Stefan Katzenbeisser, TU Darmstadt, Germany
Igor Kotenko, St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS), Russia
Christian Kraetzer, Otto-von-Guericke University Magdeburg, Germany
Jean-Francois Lalande, CentraleSupélec, France
Simone Raponi  Hamad Bin Khalifa University
Ewa Syta, Trinity College, USA
Joanna Śliwa, Military Communication Institute, Poland
Hui Tian, College of Computer Science and Technology, National Huaqiao University, China
Steffen Wendzel, Worms University of Applied Sciences and Fraunhofer FKIE, Germany
Jozef Wozniak, Gdansk University of Technology, Poland


Submission Guidelines

The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at

Papers accepted by the workshop will be published in the Conference Proceedings of ARES 2020 that will be published by the International Conference Proceedings Series published by ACM (ACM ICPS). Moreover, the extended versions of all accepted papers will be considered for publication in a special issue of the Journal of Cyber Security and Mobility (Indexed in Scopus,

Keynote speaker

Davide Ariu
CEO at Pluribus.

“Track me if you can: Abusing the DNS infrastructure to prevent (botnet) takedowns”



The Domain Name System (DNS) represents one of the main pillars of the Internet infrastructure. It provides not only a facility of translation from domain names to IP addresses (and vice-versa). Instead, it represents the cornerstone on which many services are built, including services supporting cyber-security applications.
Unfortunately, such a robust infrastructure represents a key asset also for cyber-criminals, since the most significant fraction of the cyber-attacks nowadays involves a form of abuse of a domain name or the DNS service. Thus, monitoring and analyzing the DNS traffic represents a fundamental step toward prompt detection and reaction to cyber-attacks.
During this talk, a quick overview of widespread threats affecting the DNS service will be offered. The talk will briefly recap the fundamentals of the DNS system, and will then show examples of real attacks where the DNS is either abused or opportunistically used. Then it will cover three main families of attacks, namely domain fluxing, IP fluxing, and cybersquatting. For each family, details of the attack techniques will be provided, together with some possible detection approaches recently proposed in the literature.

Davide Ariu is the CEO of Pluribus One (, a producer of cyber-security solutions empowered by secure and explainable AI.
He has a background as a computer security researcher, given that he has been working since 2005 on applications of machine learning to computer security. He is affiliated, since then, with the Pattern Recognition and Applications Laboratory of the University of Cagliari (
In 2010 he got a PhD in Computer and Information Security after also a visiting period at the Georgia Tech Information Security Center.
On such topics, he has published about 30 papers in peer-reviewed conferences, journals, and workshops.
He regularly serves as a reviewer for international conferences and journals, including, among the others, the IEEE Transactions on Information Forensics and Security, Elsevier Computer Networks, and Elsevier Computers and Security. He is ACM and IEEE member.
From 2012 to 2016, he has been among the organizers of the Summer School on Computer Security and Privacy “Building Trust in The Information Age” (
In recent years, he participated in more than 10 EU funded research project, with coordinating duties in the context of the projects CyberROAD ( and ILLBuster ( He currently covers the role of Innovation Manager for the SIMARGL project (
In 2015 he co-founded Pluribus One, which currently represents the primary focus of his activity.