Understanding Acceptance Rates in Cybersecurity Conferences
Acceptance rates are often used as a rough barometer of how selective a conference is. For researchers in computer security and privacy, knowing the likelihood of a paper being accepted can help you set expectations and choose where to submit. In this post we look at recent acceptance‑rate statistics for some of the most prominent cybersecurity conferences and consider what they tell us.
Why acceptance rates matter
An acceptance rate is the ratio of accepted papers to all submitted papers for a given conference cycle. A low acceptance rate generally indicates a highly competitive venue with many submissions and limited program slots. However, it is only one factor among many when judging the quality of a venue. Other considerations include the impact of past papers, the expertise of the program committee and the community served by the conference. Still, acceptance rates provide useful context for understanding how difficult it can be to get a paper into a particular venue and how those odds change over time.
Acceptance‑rate data for leading security conferences
The following table summarises recent acceptance‑rate statistics for several top‑tier cybersecurity conferences. All numbers refer to the percentage of accepted full papers relative to submitted papers, with the number of accepted and submitted papers shown in parentheses.
| Conference | Example year | Acceptance rate (accepted/submitted) | Internal link |
|---|---|---|---|
| IEEE Symposium on Security & Privacy (S&P) | 2024 | 17.8 % (258/1449) | IEEE Symposium on Security & Privacy |
| 2023 | 17.1 % (196/1147) | ||
| ACM Conference on Computer and Communications Security (CCS) | 2024 | 16.9 % (331/1964) | ACM Conference on Computer and Communications Security |
| 2023 | 19.15 % (235/1222) | ||
| USENIX Security Symposium | 2024 | 18.32 % (417/2276) | USENIX Security Symposium |
| 2023 | 29.2 % (422/1444) | ||
| Network & Distributed System Security Symposium (NDSS) | 2024 | 20.2 % (140/694) | Network & Distributed System Security Symposium |
| 2023 | 16.2 % (94/581) |
IEEE Symposium on Security & Privacy (S&P)
The IEEE Symposium on Security & Privacy (often nicknamed “Oakland” after its original location) is one of the longest‑running venues in cybersecurity. Recent data show that the S&P acceptance rate has hovered around the 12 %–18 % range over the last several years. For example, in 2024 the symposium accepted 258 papers from 1449 submissions (17.8 %). Program chairs have noted that under the conference’s multi‑cycle review process the acceptance rate for first submissions can be as low as 1.5 %, with conditional‑accept revisions bringing that number to around 5 %. Under a more traditional single review cycle the acceptance rate would be around 6.5 %. These figures highlight just how competitive S&P has become. You can find more details on our conference page: IEEE Symposium on Security & Privacy.
ACM Conference on Computer and Communications Security (CCS)
CCS is the flagship conference of the ACM Special Interest Group on Security, Audit and Control (SIGSAC). Its acceptance rate has historically ranged between 16 % and 22 %. For instance, the 2024 edition accepted 331 papers out of 1964 submissions, yielding an acceptance rate of 16.9 %. The previous year, 235 papers were accepted from 1222 submissions, producing a 19.15 % acceptance rate. The steadily high submission numbers reflect the conference’s broad scope, which covers everything from cryptography and network security to privacy and system security. See our CCS page for more information: ACM Conference on Computer and Communications Security.
USENIX Security Symposium
USENIX Security is known for its rigorous peer review and practitioner‑friendly emphasis on reproducibility. Its acceptance rate can vary significantly from year to year due to multiple submission deadlines. In 2024, the conference accepted 417 papers out of 2276 submissions (18.32 %). In 2023, an unusually high 29.2 % acceptance rate was recorded when 422 papers were accepted from 1444 submissions, and this spike likely reflects the introduction of additional submission cycles and categories. Despite yearly fluctuations, USENIX Security remains highly selective. You can read more about the symposium on our conference page: USENIX Security Symposium.
Network & Distributed System Security Symposium (NDSS)
NDSS, hosted by the Internet Society, focuses on network and distributed systems security. The symposium’s acceptance rate has remained fairly steady in the mid‑teens, with occasional rises when submission numbers fluctuate. In 2024, NDSS accepted 140 papers from 694 submissions for an acceptance rate of 20.2 %. The year before, 94 papers were accepted out of 581 submissions (16.2 %). The conference emphasises practical relevance, encouraging contributions that bridge theory and real‑world systems. Visit our NDSS page to learn more: Network & Distributed System Security Symposium.
Trends and takeaways
Data compiled across multiple years suggest that acceptance rates at top security conferences have trended downward as submission numbers rise. A widely cited statistics page observes that security conferences are becoming harder and harder to get in. There are several reasons for this:
- Growing interest in security research. With more researchers working in cybersecurity, the number of submissions continues to increase. Program committees cannot proportionally enlarge the schedule without diluting quality, so acceptance rates decline.
- Single‑track programs. Venues like S&P run a single track of talks to keep attendees focused, which inherently limits the number of papers they can accept.
- New submission models. Multi‑cycle review processes at some conferences mean that acceptance is broken into several stages. For example, S&P records a first‑submission acceptance rate of only about 1.5 %, rising to 5 % with revisions.
While acceptance rates offer a useful yardstick, they do not tell the whole story. A higher acceptance rate can occur because a conference has multiple tracks or includes short papers; a lower rate may result from an overloaded review schedule rather than better quality. When deciding where to submit, consider the conference’s scope, community and the kind of impact you want your work to have.
Conclusion
The leading security conferences remain highly competitive, with acceptance rates generally in the 10 %–20 % range and sometimes even lower. This selectivity underscores the value of publishing at venues like IEEE Symposium on Security & Privacy, ACM Conference on Computer and Communications Security, USENIX Security Symposium and Network & Distributed System Security Symposium. But remember that an acceptance rate is just one measure. The significance of your work, its relevance to the conference community and the clarity of your presentation are equally important. By understanding the numbers and the context behind them, you can better navigate the publication landscape and choose the right home for your research.