Call for papers

is closed

Please send your proposals to

Given the background Industry of Threats, we invite original, high quality talks. Here is an open list of related topics:

  • Security of computers, computing devices, networks, and cloud/edge/fog services
  • Research about malware and unwanted software
  • Reverse engineering and vulnerability analysis
  • Cybercrime and underground economies
  • Web security
  • Mobile & IoT security
  • Embedded security, hardware security
  • AI/ML both in security and as a threat
  • Usable security and privacy
  • Threat intelligence and information sharing
  • New attack vectors e.g. based on emerging technologies like AI, 3D printers, language and speech, etc.


Please send a proposal that outlines the content of your talk and your major claims with max. 4 pages (including references). Also indicate the preferred duration of your talk (20, 30, 45 mins) and its TLP status. If you apply, at least one author must present the work, if it is accepted. Make sure you apply for visa in time. Please also indicate if you need an invitation letter.

Send your proposal to

Important dates

Deadline for proposals is March, 1st 2020. 

Notification of acceptance will be done by March, 23rd 2020


We are also open for other related topics.  

CARO Webinar

As the situation about Corona COVID-19 is demanding severe restrictions in travel and summits, we don’t see us in the position to run a regular conference on the foreseen date. So we made – heavy-heartedly  -the decision to postpone the CARO 2020 Workshop to May 2021. We will do our best to make the CARO 2021 workshop the outstanding gathering that we had prepared for this year. 

The accepted talks will be presented on Sept 24th in a webinar, starting at 13.00h CEST. Participation is free of charge, but registration is mandatory. More details about registration and the program will be published shortly.


Industry of Threats

Throughout the last decades a vivid cybercrime ecosystem emerged which is constantly changing. Computing devices are no longer restricted to desktops. More and more connected devices are used in both emerging technologies and traditional industrial environments. New technologies bring up new and unforeseen threat vectors. The usage of computing devices has been increasing and so has the responsibility of the security industry to provide adequate countermeasures for cyber criminals and more dedicated attackers.

The CARO workshop is about combining forces to counter the Industry of Threats. This has at least three interpretations: 

  1. Malware and other threats are produced in a highly automated way, often supported or based on machine learning and artificial intelligence
  2. Industrial environments, emerging industries, embedded devices in smart environments pose new risks 
  3. IoT usually stands for Internet of Things. IoT devices are more and more commonly abused by cyber criminals
May 2021

Early registration & icebreaker event

Everyone who is already in Bochum is invited for the icebreaker event, with early registration 🙂


17:30 – 22:00Early registration & Icebreaker Event
Sept 24, 2020

CARO webinar


All times are CEST. Check what time that is in your time zone with a tool like this

13:00 Opening
13:10 Igor Muttik, Cybercurio. Catching Future APTs
13.40 Anurag Shandilya, K7. Who is controlling your Industrial Control System?
13.55 Mark Lechtik, Giampaolo Dedola Kaspersky. Chronicles of the Goblin: Government Espionage Beyond Digital Domain

14:15 Break

14:30 Martin Hron, Avast. The one to rule them all: an unexpected way how to compromise a network Network
15:00 Gabor Szappanos, Sophos. Mining Mayhem: the Fallout of Eternalblue
15:30 Stefan Hausotte, Boris Ahrens, G DATA. A Modern Sample Exchange System

15:50 Break

16:05 David Fiser, Trend Micro. Supply Chain Attacks in The Age of Cloud Computing
16:35 Jaromir Horejsi & Joseph C. Chen, Trend Micro. Operation Overtrap: Decomposing a Multi-Vector Attack Campaign Against Japanese Online Banking Users
16:50 Gabriel Cirlig. White Ops. Bad PUPpies – Big Money, Big Fraud, Ad fraud

17:20 Break

17:35 Jakub Soucek & Martin Jirkal, ESET. LATAM financial cybercrime: Competitors in crime sharing TTPs
18:05 Alex Holland, Josh Stroschein, Bromium. Tracking Malware Campaigns by Malicious Office Document Images through the Application of Perceptual Hash Algorithms
18:35 Maciej Kotowicz, Fishing Elephant, or how to build cloud based APT

19:00 Closing session

Fees & Registration

Attending the CARO webinar is free, but registration is mandatory. Registration will be vetted. 

Access to the CARO workshop 2020 is restricted. Please send an email with your name, your affiliation and few sentences about your motivation to attend CARO workshop to (LINK). You will receive a link to the registration page with more detailed info in your notification of acceptance. The mails won’t be sent before Monday Sep 21st.

CARO 2020

G DATA Campus, Königsallee 178
44799 Bochum, Germany