Skip to content

Instantly share code, notes, and snippets.

@0xdevalias

0xdevalias/how-to-publish-tech-research-as-an-independent-researcher.md

Last active March 28, 2025 01:23
Show Gist options
  • Save 0xdevalias/60f79b298cd0eb6e38c3307a3cb339e1 to your computer and use it in GitHub Desktop.
Save 0xdevalias/60f79b298cd0eb6e38c3307a3cb339e1 to your computer and use it in GitHub Desktop.
Download ZIP
Some notes on how to publish InfoSec and Software Engineering research papers as an independent researcher
Raw
how-to-publish-tech-research-as-an-independent-researcher.md

How to Publish InfoSec and Software Engineering Research Papers as an Independent Researcher

Some notes on how to publish InfoSec and Software Engineering research papers as an independent researcher.

Table of Contents

Notes

Gist / Blog Post Title Ideas

  • Title Ideas:
    • How to / Publishing Academic InfoSec / Software Engineering Research / Papers as a non-Academic
    • Suggestions from ChatGPT based on the above (Ref):

      • Here are a few polished and clearer title options depending on the tone you want:

        • Professional & Clear
          • Publishing Academic-Style InfoSec and Software Engineering Research Without an Academic Affiliation
          • How to Publish InfoSec and Software Engineering Research Papers as an Independent Researcher
        • Catchy & Accessible
          • Hacking Academia: Publishing InfoSec and Software Engineering Research Without a PhD
          • No PhD, No Problem: How to Publish InfoSec and Software Engineering Research as an Outsider
        • Direct & Informative
          • A Guide to Publishing InfoSec and Software Engineering Papers Without Academic Ties
          • Publishing Research Papers in InfoSec and Software Engineering as a Non-Academic

Reaching out to my networks for insights

ChatGPT Deep Research Exploration

  • Asking ChatGPT deep research about how to write / publish academic research / papers for someone who is used to more traditional InfoSec / software engineering / open source / blog post type approaches:
    • https://chatgpt.com/c/67e4b53d-4734-8008-aaf0-0f303ba57daf (private link)
      • Me: Initial Prompt

        Can you help me learn more about how to publish infosec / software engineering research / papers. I'm not affiliated with any academic institutions currently, and if it's possible to do so without being affiliated with one, that would probably be my default choice/approach, but I'm not entirely closed off to the idea.

        I'm going to collect the information into a GitHub gist titled "How to Publish InfoSec and Software Engineering Research Papers as an Independent Researcher" for my future reference.

        I initially reached out to my networks asking this: "Do I know anyone in the InfoSec / Software Engineering / similar space of things; who also have experience with academia, and what goes into writing / publishing a paper / research? I’d love to learn more about what goes into the process / how to do so."

        I find myself doing a lot of deep dives into software dev / InfoSec things and would traditionally write/release some open source code, and/or write up a blog about it / etc; but I'm wanting to figure out how much extra effort would be involved to package it all up in a way that jumps through the hoops for publishing for academia/related vibes.

        With some of my more recent/ongoing deep dives, I'm finding that the level of research effort I am putting into them / planning to put into them in future is starting to feel like something that would warrant some more 'lasting outputs' than just a blog post/similar; which is why I am starting to think more in this 'published research' area of things now.

      • ChatGPT: Clarifying Scope

        That sounds like a great initiative! To help you best, could you clarify a few things:

        • Are you more interested in academic-style journals and conferences (e.g., IEEE, ACM, Usenix, etc.) or industry-style venues (e.g., Black Hat, DEF CON, etc.)?
        • What types of research outputs are you aiming for—technical proofs, experimental results, security disclosures, tool development, surveys?
        • Would you prefer free/open-access publishing venues, or are paywalled options okay too?
        • Are there any specific topics or fields you're most interested in publishing on (e.g., malware analysis, secure software development, cryptography, vulnerability research)?

        Once I have a bit more context, I’ll pull together a complete guide tailored to your situation, including venues, submission processes, and examples from independent researchers.

      • Me: Providing Additional Context

        I have presented at infosec conferences in the past, and that's definitely something I am open to doing again in future; but the main focus of this is more towards academic style journals/similar 'published research' type things as a basis, and then I would likely adapt the results from that into a more 'hacker conference' style talk later on. Can you release a paper to a journal/similar without actually presenting it at a conference?

        A lot of my recent / ongoing deep dives have been in the space of reverse engineering tooling / processes, with a specific focus on javascript unminification / de-bundling. One of my ongoing areas of interest is in figuring out better ways to return useful variable / function names/identifiers to code that has had them 'stripped'/minified; and that has lead me into looking at fingerprinting functions / code, fingerprinting AST structures, code embeddings, etc. From there I am also thinking about creating tooling to assist in this process, and then likely using that tooling + related concepts to do some larger scale processing of open source projects in a way that would enable matching bundled/minified code back to the original libraries, being able to extract/apply the function/variable names back to the minified code based on that, etc. There will likely be other areas I branch out into exploring as well, for example I have some interest in AI / machine learning aspects related to audio synthesiser patch generation and similar as well. But for the most part, any research/etc I do would be in a general tech / infosec / software engineering / etc space of things.

        I'd prefer free/open access publishing, as that aligns more with my ethos and open source ideals; but I am also open to information related to paywalled things I guess. It might be helpful to give a bit of a contrast between the two options, and the pro's / con's associated with each.

      • ChatGPT: Task Summary

        Great, I’ll put together a guide on how to publish InfoSec and software engineering research papers as an independent researcher, with a focus on academic-style journals and open-access publishing. I’ll also cover how this intersects with hacker conference talks, contrast open-access vs. paywalled venues, and provide guidance on submitting without institutional affiliation.

        I’ll let you know once it’s ready!

        Research completed in 8m · 21 sources

Journals, Publishing, Etc

arXiv

  • https://arxiv.org/

    • arXiv is a free distribution service and an open-access archive for nearly 2.4 million scholarly articles in the fields of physics, mathematics, computer science, quantitative biology, quantitative finance, statistics, electrical engineering and systems science, and economics. Materials on this site are not peer-reviewed by arXiv.

    • https://info.arxiv.org/about/index.html

      • arXiv is a curated research-sharing platform open to anyone. As a pioneer in digital open access, arXiv.org now hosts more than two million scholarly articles in eight subject areas, curated by our strong community of volunteer moderators.

        arXiv offers researchers a broad range of services: article submission, compilation, production, retrieval, search and discovery, web distribution for human readers, and API access for machines, together with content curation and preservation. Our emphasis on openness, collaboration, and scholarship provide the strong foundation on which arXiv thrives.

        arXiv currently serves the fields of physics, mathematics, computer science, quantitative biology, quantitative finance, statistics, electrical engineering and systems science, and economics.

      • Registered users may submit articles to be announced by arXiv. There are no fees or costs for article submission. Submissions to arXiv are subject to a moderation process that classifies material as topical to the subject area and checks for scholarly value. Material is not peer-reviewed by arXiv - the contents of arXiv submissions are wholly the responsibility of the submitter and are presented “as is” without any warranty or guarantee. By hosting works and other materials on this site, arXiv, Cornell University, and their agents do not in any way convey implied approval of the assumptions, methods, results, or conclusions of the work.

    • https://info.arxiv.org/help/submit/index.html

ResearchGate

  • https://www.researchgate.net/

    • Discover scientific knowledge and stay connected to the world of science

    • Discover research Access over 160 million publication pages and stay up to date with what's happening in your field.

    • Connect with your scientific community Share your research, collaborate with your peers, and get the support you need to advance your career.

    • Measure your impact Get in-depth stats on who's been reading your work and keep track of your citations.

Unsorted

  • TODO: Do a bit of a deep dive search for similar blogs/etc and collate relevant resources here

See Also

My Other Related Deepdive Gist's and Projects

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment