Black Hat Briefings Digital Self Defense
Call for Papers
Papers and presentations are now being accepted for the Black Hat Windows Security 2004 Briefings. Papers and requests to speak will be received and reviewed from now until December 10, 2003.

Submit by completing the submissions form.


The Black Hat Briefings was created to fill the need for computer security professionals to better understand the security risks to information infrastructures and computer systems. Black Hat accomplishes this by assembling a group of vendor-neutral security professionals and having them speak candidly about the problems businesses face and the solutions to those problems. No gimmicks - just straight talk by people who make it their business to know the information security space.

Black Hat does not accept product or vendor related pitches. If your talk is a thinly-veiled advertisement for a new product or service your company is offering, please do not apply.

If you want to present a "101" level course on a new technology or to introduce the attendees to a new issue, please label your submission as such. For example, a person talking about an overview of anonymous networking technologies would call their talk something like "Anonymous Networking 101: An overview of technologies used to obfuscate your network behavior", etc.


#1 Decide which show you would be able to present at.
You must choose to speak at the Windows Security 2004. Speakers who are chosen to speak at one are not automatically chosen to speak at the other. You are currently on the Windows Security 2004 CFP page.
The goal: To assure that presenters will be ready with completed materials.

#2 Decide what key subjects/topics your presentation will cover and select the appropriate track.
This is intended to help us place your talk in the appropriate subject/topic category. Because of the unique nature of this conference, the combining of some of the best hackers with security professionals, there will be an emphasis on where the rubber meets the road. What works, what doesn't, and what to do about it.
The goal: To assure diversity in the topic and presentation selections.

The Black Hat Windows Security 2004 Briefings tracks will be*:

Day One
Track 1: Policy, Law
Track 2: MS Specific Defense
Track 3: Deep Knowledge

Day Two
Track 4: Routing & Infrastructure
Track 5: MS Specific Attack
Track 6: Application Security

*note: schedule is subject to change. If selected, please be aware that you must be available to speak on either day.

#3 Understand the different time constraints.
Generally, talks will be 75 minutes, 90 minutes. It is expected the speaker will budget time for audience participation and Q&A.
The goal: Create lively and challenging interaction with the audience.

#4 Submit a presentation.
Submit proposals by completing the submissions form.

Speakers may submit more than one proposal but each proposal must be submitted via separate submissions forms. Completed forms should be sent to cfp at

Sunbmissions are due no later than December 10, 2003

#5 Submit supporting material. Submit any additional materials (in Microsoft Word '95, '97 or 2000, Power Point '95, '97 or 2000, Adobe Acrobat .PDF or plain text) after completing the submissions form. Additional materials may include but not be limited to items such as white papers, code, demos, proof of concept, references, resume, etc that may enable us to to help decide whether your topic would be appropriate. Materials should also be sent along to: cfp at


Send submissions to cfp<a> Presentations are selected and evaluated in the order received. If you want to present on a topic, let us know early even if you turn your materials in right at the deadline. This helps us plan and select topics. Don't hold off until the last minute.

Talks will be reviewed through a voting process. Submissions get rated on a one to five scale by each of the reviewers, and the resulting scores are added up. Those submissions in each category with the highest scores are selected. In the case of topic overlap a lesser scoring submission may be selected to keep variety in the program.

People submitting a talk proposal will get email notification that Black Hat has received the proposal generally within 48 hours of receipt of the submission. Once selection has been completed you will receive in email a confirmation of acceptance or rejection.

Speakers will be contacted if there are any questions about their presentations. If your talk is accepted, you can continue to modify and evolve it up until the materials due date, at which time it is frozen for the printed materials and CD ROM.

All presentations must be vendor neutral (no sales pitches for services or products are permitted). Presentations which demonstrate proprietary tool(s) must provide a copy of the tool(s) for distribution on the Black Hat CD and website. All sources of information, software, etc should be properly cited.

Things that get our attention:
Talks that are more technical or reveal new vulnerabilities are of more interest than a review of material covered many times before. We are striving to create a high-end technical conference and any talk that helps reach this goal will be given extra attention.

Original content or research that has been created specifically for Black Hat and has not been seen before always gets extra priority as well as demonstrations involving new material, or a new way of presenting information to the attendees.

Note: By speaking at the Black Hat Briefings you are granting Black Hat, Inc. permission to reproduce, distribute, advertise and show your presentation including but not limited to, printed and/or electronic ads, flyers, mailers, etc.


To meet the goals outlined above, Black Hat expects several things from selected speakers.

1) If you are going to announce or demonstrate a new tool as the primary focus of your talk, that tool must be made available for the conference CD ROM. We don't want a room full of people all excited about what you have demonstrated only to learn the tool is $12,000 and not available to the general public.

2) Your completed materials for the printed conference proceedings and CD ROM MUST be submitted by the date specified on the CFP Letter of Acceptance or you will be dropped as a speaker and an alternative will be put in your place.

3) Black Hat expects speakers to be available during the lunches and reception in order to meet and mingle with the attendees. If you cannot do so, for example because of a business commitment, please let us know when you submit your materials.

4) Assume that the attendees already understand the basic concepts regarding your topic. For example, if you are talking about cryptography, assume that everyone knows the difference between public key vs. symmetric algorithms. Black Hat strives to be known as a more technical security conference, and as such, expect more high-level details from their speakers. If you must err in one direction or the other, err on the side of more technical.

5) In your presentation please include a reference to all of the tool(s), law(s), web site(s) or publication(s) you refer to. This bibliography will greatly help attendees who wish to learn more about your subject, but are not sure where to start. This is a new requirement for presentations as of 2003.

6) The content you provide for the conference CD ROM should include a copy of all the RFCs, White Papers, and/or tools referenced in your presentation. Attendees really like this, and we do too.

7) If you are performing a demonstration we expect you to provide all the necessary equipment. We will only provide an internet connection, power, and AV equipment as detailed in the Presentation Resources section.

8) If your presentation discusses a problem, also present suggested solutions. If no solutions exist please explain why they are not possible or practical and what you think the impact will be. If you present a solution to a new problem also explain what the weaknesses to the solution are, as well as their impact on the problem.

We can accommodate most requests if it enhances your presentation and they are made at least four weeks in advance of the show. Current tools we can make available to speakers include LCD projectors, slide projectors, microphones, video switch boxes, and wireless network access.

Black Hat currently provides 2 lcd projectors, 2 screens, microphone, and video switch box. Microphones are always wired since wireless mics can often be interrupted by cell phones.

This year will be two LCD projectors in a session. If your talk requires any sort of demonstration we encourage you to set up a network (presenters are advised that they are responsible for providing their own hardware and software) and have each machine projecting on one of the LCDs. This way audience members will be able to follow along what is occurring on each node as the talks progress, or the speaker may provide different information on different screen, etc.

There will be wireless Internet connectivity in case you need network access to demonstrate any aspect of your presentation.

Each presenter is responsible for bringing their own laptop to run their presentation from.
No loaner machines will be available.

Please forward any additional resource questions to cfp<a>


If you have never presented at Black Hat before, and you are selected to present, Black Hat will pay for one presenter's coach class roundtrip airfare and one hotel room for three nights at the Sheraton Seattle Hotel & Towers and a speaking honorarium of $500 USD.

If you have spoken before at Black Hat you will receive one presenter's round trip coach class airfare, one hotel room for three nights at the official Black Hat venue hotel, and a speaking honorarium of $1,000 USD.

  1. If you have been specifically invited to speak you fall into the second category.
  2. If you work for a company that is also an official Black Hat sponsor, we are unable to offer any compensation for travel, accommodations or honorarium.
  3. Speakers who are asked to participate in a panel but who also present on a topic will not be paid an additional honorarium.
  4. Speakers who are asked to present on separate topics at the same conference will earn an honorarium for each presentation. Only the original airfare and hotel room will be covered (no additional rooms, room nights or travel expenses will be provided or reimbursed).

Once you have been accepted, you will be contacted by us to make hotel and travel arrangements. Please make sure that you include a valid email address and telephone number (and fax if possible) where you can be reached.

The Black Hat Windows Security 2004 Briefings & Training Conference will take place January 27-30 at the Sheraton Seattle Hotel & Towers. Please see the Black Hat Windows 2004 Briefings pages for more information on hotel, venue, schedules, etc.

December 10, 2003: Call for Papers closes for Black Hat Windows Security 2004. Submit Now.
Decmeber 27, 2003: Conference / Group discount rates at the hotel closes.
January 10, 2004: Early Bird Discount Rate for registration closes
January 27-28, 2004: Black Hat Windows Security 2004 Training at the Sheraton Seattle Hotel & Towers
January 29-30:
Black Hat Windows Security 2004 Briefings at the Sheraton Seattle Hotel & Towers

Please visit for previous conference archives, information, and speeches. Updated announcements will be posted to news groups, security mailing lists, email, and the Black Hat web site when available.

Thank you for your time!

Jeff Moss, Organizer

Black Hat Logo
(c) 1996-2007 Black Hat