The 3nd International Workshop on Autonomous Cybersecurity (AutonomousCyber 2026)
In conjunction with the 31th European Symposium on Research in Computer Security (ESORICS) 2026, 14 to 18 September 2026, Sapienza Università di Roma in Rome, Italy
Overview
The 3rd edition of AutonomousCyber 2026 represents a continued effort to advance research and development in autonomous cybersecurity. Following the success of our inaugural event, AutonomousCyber 2024, co-located with the 31st ACM Conference on Computer and Communications Security (ACM CCS 2024) in Salt Lake City, USA (17 submissions, 7 accepted, 37 participants), and the second edition, AutonomousCyber 2025, held at ESORICS 2025 in Toulouse, France (24 submissions, 7 accepted, 40 participants), the 2026 edition will be co-located with the 31st European Symposium on Research in Computer Security (ESORICS 2026), a premier venue for security and privacy research.
ESORICS provides a uniquely suitable forum for AutonomousCyber 2026 by bringing together a distinguished community of researchers and practitioners working across systems security, privacy, and trustworthy AI. This audience will particularly benefit from interdisciplinary discussions bridging theoretical advances and operational deployment of autonomous defense mechanisms. This edition highlights the ongoing transition from AI-assisted security tools toward fully autonomous and agent-driven cybersecurity systems. Unlike traditional automation, true autonomy in cybersecurity entails continuous learning, contextual reasoning, adaptive decision-making, and proactive threat mitigation under operational constraints. The workshop explores advances in self-reliant cybersecurity systems integrating Artificial Intelligence (AI), Machine Learning (ML), Large Language Models (LLMs), Quantum Machine Learning (QML), and Reinforcement Learning (RL) for proactive cyber defence. Particular emphasis is placed on emerging agentic AI security systems, where LLM-based reasoning, tool use, and multi-agent coordination enable security mechanisms capable of planning, acting, and adapting in real time. We further highlight the role of intelligent cyber agents in continuous assurance and operational resilience, including collaboration between autonomous agents and human operators through human–machine teaming (HMT). The workshop aims to examine how such systems can operate safely, verifiably, and responsibly while strengthening cyber resilience across modern digital infrastructures.
We, therefore, invite original, unpublished research that pushes the boundaries of AI-driven autonomous security defences. Submissions are encouraged that include comprehensive reviews, theoretical advances, experimental results, practical implementations, and case studies—each contributing novel insights and real-world validations to the field of autonomous cybersecurity. In particular, we emphasize research on systems capable of taking security actions under bounded authority, operating under policy constraints, and reasoning about consequences of defensive actions in real time. Submissions focusing solely on detection without autonomous decision-making components are outside the primary scope unless they explicitly enable autonomous operation.
At the AutonomousCyber workshop, we bring together a distinguished program committee composed of globally renowned experts and researchers in cybersecurity, ML, and AI. Our members have a proven track record of high-impact peer-reviewed publications, and their collective experience ensures a rigorous, fair, and timely evaluation process. At the heart of autonomous cybersecurity is the endeavor to establish cybersecurity systems with five main characteristics:
- Self-improving: Unlike mere automation, autonomous cybersecurity applications can improve themselves without manual intervention, adapting to new threats and changes in the environment.
- Continuous learning: Autonomous cybersecurity systems continuously learn from new data, making these systems more resilient and adaptable.
- Goal-directed reasoning: Autonomous systems reason about attack progression, defense impact, and operational objectives, selecting actions that satisfy mission and safety constraints.
- Automatic customization and personalization: Autonomous systems can tailor their responses and strategies based on specific network environments and threat models, offering a more personalized and effective approach to cybersecurity.
- Bounded autonomy and safety: Autonomous cybersecurity systems operate under explicit policy, verification, and human-override mechanisms to ensure safe and accountable behaviour.
Topics of Interest
Our workshop presents an exciting opportunity to explore state-of-the-art methodologies, groundbreaking technologies, and real-world applications. We solicit original, unpublished, and innovative research work relevant to the theme of this workshop. We seek contributions in, but are not limited to, the following key areas of interest and topics:
Foundational and Theoretical Advances
- Cognitive models for enhancing threat intelligence
- Principles and theory of self-learning cybersecurity systems
- Advances in QML for proactive cyber defence
- Human–machine teaming for cyber resilience
- Formal models of autonomous defensive decision-making
- Verification and assurance of agentic cyber defense behaviour
- Evaluation metrics for autonomy, reliability, and safety
Autonomous Cybersecurity Techniques & Methods
- AI-driven threat detection and mitigation algorithms
- Development of simulators for testing autonomous security systems
- Architectural innovations for adaptive and self-improving cybersecurity
Predictive modeling and proactive defence strategies
- Integration of autonomous defences with large-scale networked and distributed systems
- AI agents for continuous assurance and compliance
- LLM-based reasoning for adaptive defense orchestration
- Autonomous vulnerability discovery and patch synthesis
- Benchmarks and datasets for evaluating autonomy in cybersecurity
- Planning and tool-use in cyber defense agents
- Memory, reasoning, and state tracking for security agents
- Adversarial attacks against autonomous cyber agents
- Guardrails and runtime monitors for autonomous security systems
Practical Applications and Case Studies
- AI-based automated patch management and incident response
- Autonomous digital forensics and independent security investigations
- Real-world implementations and lessons learned from deployed autonomous security solutions
- Autonomous SOC operation and AI security copilots
- Autonomous response in cyber-physical and critical infrastructure systems
- Evaluation of autonomous systems in operational and adversarial environments (e.g., red-teaming, CTFs, SOC scenarios)
Ethical, Legal, and Operational Considerations
- Regulatory challenges of deploying autonomous cybersecurity systems
- Ethical considerations in self-adaptive AI-driven cyber defences
- Continuous compliance monitoring with AI-driven systems
- Accountability and governance of action-taking AI defenders
- Human oversight and escalation policies in autonomous defense
- Safety, reliability, and trust frameworks for autonomous cybersecurity systems
We encourage contributions that offer novel insights, theoretical advancements, empirical evaluations, and reflections on real-world implementations in AutonomousCyber 2026. This workshop aims to foster a deeper understanding of autonomous systems in cybersecurity and their pivotal role in shaping the future of digital security.
Committee
Preliminary Program Committee and Organization Team
Workshop Organizers
- Ali Dehghantanha, Canada Research Chair and Professor, University of Guelph, ON, Canada
- Reza M. Parizi, Director of Decentralized Science Lab and Professor, Kennesaw State University, USA
- Gregory Epiphaniou, Associate Professor of Security Engineering, University of Warwick, UK
Workshop Chairs
- Ali Dehghantanha, University of Guelph, ON, Canada
- Reza M. Parizi, Kennesaw State University, USA
- Gregory Epiphaniou, University of Warwick, UK
Publication Chair
- Abbas Yazdinejad, University of Regina, SK, Canada
Publicity Chair
- Tooska Dargahi, Manchester Metropolitan University, UK
- Tao Li, City University of Hong Kong, Hong Kong
Program Committee
- Ehab Al-Shaer, Carnegie Mellon University, USA
- Benjamin C. M. Fung, McGill University, Canada
- Andy Applebaum, Apple Inc, USA
- Melody Wolk, Apple Inc, USA
- Patrick Dwyer, Apple Inc, USA
- Vasilios Mavroudis, Alan Turing Institute, UK
- Chris Hicks, Alan Turing Institute, UK
- Z. Morley Mao, University of Michigan, USA
- Derrick Sturisky, Quantum Computing Inc., USA
- Mohammad Hamoudeh, King Fahad University of Petroleum and Minerals, Saudi Arabia
- Malka Halgamuge, RMIT University, Australia
- Andrew Hamilton, Cybriant, USA
- Alireza Jolafai, Flinders University, Australia
- Vasilis Katos, Bournemouth University, UK
- Ryan K. L. Ko, University of Queensland St Lucia, Australia
- Georgios Loukas, University of Greenwich, UK
- Haider Al-Khateeb, Aston University, UK
- Carsten Maple, University of Warwick, UK
- Mohammad S. Khan, East Tennessee State University, USA
- Nick Pitropakis, Edinburgh Napier University, Scotland
- Ahmad Ridley, Laboratory for Advanced Cybersecurity Research, USA
- Ali Safaa Sadiq Al Shakarchi, Nottingham Trent University, UK
- Jeff Schwartzentruber, eSentire Inc, ON, Canada
- Andre Weimerskirch, Lear Corporation, USA
- Kaiwen Zhang, ´Ecole de technologie sup´erieure, Canada
- Xiaojie Zhu, KAUST, Saudi Arabia
Programme
Submission Details
Submission Guidelines
All accepted papers will be published in the Springer LNCS series.
Submitted papers must not substantially overlap with previously published or currently under review papers for journals or conferences. The only accepted format for submission is PDF, and papers must be prepared using the Springer LNCS template from the time of submission. Papers should be a maximum of 16 pages (using 10-point font), excluding the bibliography and well-marked appendices, with a total maximum length of 20 pages. Please note that committee members are not required to read the appendices, so the main content of the paper should be fully understandable without them.
All submissions must be written in English. Failure to follow these guidelines may result in rejection without review, regardless of the quality of the work. If accepted, authors must agree to the Springer LNCS copyright terms and must commit to presenting their papers at the workshop.
📝 Track Selection: Authors are kindly requested to select the “Autonomous Cybersecurity” track when submitting papers that focus on autonomous threat detection, AI-driven cyber defense, and adaptive security systems.
📥 Submission Site: https://easychair.org/conferences/?conf=esorics2026
Important Dates
- Full Paper Submission Deadline: April 21, 2026 (Firm, anywhere in the world)
- Author Notification: June 12, 2026
- Registeration & Camera-ready: June 26, 2026
Workshop History
The 1st edition of the AutonomousCyber workshop was held in conjunction with the 31st ACM Conference on Computer and Communications Security (ACM CCS 2024) on October 18, 2024, in Salt Lake City, U.S.A. For further details, please refer to Autonomous-Cyber 2024. The workshop attracted researchers and practitioners focusing on autonomous cybersecurity, AI-driven threat detection, and self-learning security mechanisms.
Key Statistics (AutonomousCyber 2024 at ACM CCS):
- Number of submissions: 17
- Number of accepted papers: 7
- Number of participants: 37
The 2nd edition, AutonomousCyber 2025, is being held at ESORICS 2025 in Toulouse, France. This edition received 24 submissions, with 7 accepted papers, and is expected to attract around 50 participants. It further expands the impact of the workshop within the European security and privacy community, reinforcing its relevance and appeal.
Key Statistics (AutonomousCyber 2025 at ESORICS):
- Number of submissions: 24
- Number of accepted papers: 7
- Number participants: 40
Sponsorship
Avaly.ai
