CRiSIS 2025

The 20^th International Conference on Risks and Security of Internet and Systems (CRiSIS) in 2025 continues its tradition of addressing critical security challenges in Internet-connected applications, networks, and systems. The indispensability of the Internet for information exchange among diverse user groups and organizations has led to heightened risks around security and privacy. This vulnerability is exacerbated by the sophistication of online attacks, the proliferation of cybercrime, and the readily available tools for attackers, who are increasingly motivated and skilled. The advent of complex technologies, including pervasive computing, mobile, and wireless devices and networks, introduces new security challenges, necessitating the deployment of advanced security mechanisms and techniques. These advancements are crucial for protecting critical sectors such as energy, transportation, health, defense, banking, critical infrastructures, embedded systems and networks, avionics systems, and more, ensuring an acceptable level of security assurance. CRiSIS 2025 serves as an essential platform for stakeholders in computer and network security from the industrial, academic, and governmental sectors to convene, share insights, and showcase the latest developments in combating Internet-related security threats, vulnerabilities, and the necessary countermeasures to address them.

CRiSIS 2025 targets contributions from both academia and industrials on the following topics, but not limited to:

• AI and machine learning-based security approaches
• Formal methods and logics-centered security approaches
• Analysis and management of risk
• Attacks and defenses
• Attack data acquisition and network monitoring
• Authorization, Authentication, and Identity Management
• Blockchain and Distributed Ledger Technologies
• Cryptography, biometrics, watermarking
• Dependability and fault tolerance of Internet applications
• Distributed systems security and safety
• Embedded system security and safety
• Empirical methods for security and risk evaluation
• Hardware-based security and physical security
• Intrusion detection and prevention systems
• Organizational, ethical, and legal issues
• Privacy protection and anonymization
• Risk-aware access and usage control
• Analysis and management of cyber crisis
• Security and risk assessment
• Security and risks metrics
• Security and dependability of operating systems
• Security and safety of critical infrastructures
• Security and privacy of peer-to-peer system
• Security and privacy of wireless networks
• Security in Cloud/Edge/Fog computing
• Security models and security policies
• Security of big data
• Security of industrial control systems
• Security of intelligent transportation systems
• Security of e-commerce, electronic voting, and database systems
• Security of new-generation networks
• Security of smart cities
• Security of smart grid
• Security of social networks
• Security of the IoT and IIoT
• Security of VoIP and multimedia
• Smartphone security and privacy
• Traceability, metrology and forensics
• Trust management
• Ubiquitous computing security
• Use of smart cards and personal devices for Internet applications
• Virtualization security
• Web and Web-service security