Workshop on Active Defense and Deception

The 5th Workshop on Active Defense and Deception (AD&D) will take place on September 18, 2026, in Rome, Italy, co-located with the 31st European Symposium on Research in Computer Security (ESORICS) 2026.

The AD&D workshop aims at promoting Active Defense as an effective extra security layer, with the goals of moving the research forward and of encouraging its adoption by the industry. In particular, as the “assume breach” mindset becomes the norm, Active Defenses are becoming one of the most promising solutions.

Traditionally, information security distinguishes the roles of the attacker and the defender. The attacker is active: gathering information, exploring the system, finding vulnerabilities, and executing exploits; while the defender is passive: collecting and monitoring system logs and trying to detect malicious behavior via attack signatures. The attacker knows very well who the victim is, while the defender often has limited information about the attackers, their methods, and their real motivations. This imbalance makes it more difficult to defend computer systems and helps attackers remain undetected for long periods of time.

Active defense can mitigate these problems by finding ways to proactively engage with attackers during the early stages of the attack lifecycle. This can be implemented in various ways, such as by mutating or diversifying the system (i.e., Moving Target Defense), adapting to attacks in real time (Adaptive Defense), and introducing runtime defenses (e.g., RASP). One important aspect of active defense is deception, where the defender can place enticing traps around the system, mimic vulnerabilities, or obfuscate system elements to deceive, confuse, and mislead possible attackers. Since some of the most destructive attacks, such as supply-chain attacks and phishing campaigns, are composed of multiple stages, active defense has the potential to detect such attacks with relatively simple techniques.

Despite the high accuracy promised by these techniques, active defense has not been widely adopted in information security. Possible reasons include the need for a multidisciplinary approach, the importance of understanding the human aspect and the psychology of attackers, the difficulty of quantifying effectiveness, and the challenge of integrating active defense at different layers in the target system.

Thus, this workshop aims to bring together researchers from a variety of fields such as psychology and cognitive science, with experts in different forms of deception for defense, but also in offense techniques such as social engineering and disinformation. In particular, we aim to address the following questions:

• How can we evaluate and demonstrate the effectiveness of active defense?
• What is the impact of attackers’ deception awareness?
• How can we impact the attackers’ decision making process to make them waste more resources?
• Is it possible to reuse offensive deception techniques against attackers?
• How can we optimize the enticement of deceptive elements without making them too obvious?
• How can deceptive elements be updated to ensure long-term effectiveness?
• What are the myths vs. real world experiences on active defense?
• How can we move forward to increase the adoption of active defense?

Call for contributions

AD&D accepts three types of contributions:

• Research Papers: Traditional research papers with novel contributions are accepted in full and short paper formats. The full papers must be no longer than 16 pages, short papers must be no longer than 10 pages, including all figures. References and appendices will not count towards this limit, but reviewers are not required to read the appendices.

• Position Papers: Position papers should present novel, preliminary research ideas or perspectives that aim to spark discussion and exploration within the community. Submissions must not exceed 10 pages and should include the text “Position Paper:” at the beginning of the title. References and appendices do not count toward the page limit; however, reviewers are not obligated to read the appendices.

• Experience Papers: Experience papers should share novel insights, findings, or lessons learned from real-world applications or deployments in the context of active defense. Submissions must not exceed eight pages and should include the text “Experience Paper:” at the beginning of the title. References and appendices do not count toward the page limit; however, reviewers are not required to read the appendices.

All submissions must be anonymized. The program committee will evaluate submissions based on relevance, impact, and the potential to spark discussion at the workshop. Interdisciplinary work is appreciated and encouraged.

Areas of Interest

Topics of interest include, but are not limited to:

• All types of active defense methods: moving target defense, dynamic and runtime defenses, and deception use cases
• Attacker engagement in different stages of the attack lifecycle
• Measuring the overhead of active defense
• Experiment designs and frameworks to measure the effectiveness of active defense
• Feedback from real-world uses of active defense, canaries, and honeypots: what worked and what did not?
• Automation of active defense and deception
• Monitoring, alerting, containment, and deceptive response strategies
• Ensuring longevity and continuation of deception
• Attackers’ reasoning, decision making, and behavior patterns
• Cognitive approaches that attackers can get prepared against
• Deceiving humans vs. deceiving computers: how can cognitive biases of attackers be influenced through computers?
• Deception for offense: social engineering, phishing, disinformation, dark patterns in UI/UX, and other manipulation techniques
• Adapting offensive deceptive techniques to defense
• Interdisciplinary research methods to improve active defense via attackers’ human factors

Authors are encouraged to contribute research that addresses these topics and pushes the boundaries of knowledge in Active Defense and Deception. Papers reporting industry experiences and case studies will also be encouraged.

Note that we exclude the concepts of preemptive attacks, hacking back, and counter-attacks.

Policy Against the Use of Generative AI

In principle, generative AI is not allowed for submissions except for language polishing purposes. In the latter case, authors should acknowledge the usage of generative AI. If a submission is suspected to use generative AI tools, the authors will be contacted and the paper may risk a desk rejection. Furthermore, usage of AI is not allowed for the review process by the program committee.

Important Dates

• Submission deadline (tentative): June 10, 2026
• Acceptance notice to authors: July 31, 2026
• Publication-ready papers submitted: August 31, 2026
• Workshop date: September 18, 2026

Submission Guidelines

Submitted papers must comply with the LNCS template at the time of submission. Submitted papers should be at most 16 pages (using 10-point font), excluding the bibliography and well-marked appendices, and at most 20 pages total. Committee members are not required to read the appendices, so the paper should be intelligible without them. All submissions must be written in English.

Submissions must be uploaded to the following EasyChair website: https://easychair.org/conferences/?conf=adnd2026

Only PDF files will be accepted. Submissions are double-blind: no author names or affiliations may appear on the title page, and papers should avoid revealing authors’ identities in the text. Submissions not meeting these guidelines risk rejection without consideration of their merits.

Authors of accepted papers must agree with Springer LNCS copyright and are requested to ensure that their papers are presented at the workshop, and to complete the registration for workshop attendance.

Workshop Format

One author of each accepted contribution is expected to present the work at the workshop. The format is expected to include traditional conference-style presentations followed by questions and feedback from the audience. Interactive and engaging presentations are welcomed.

More information regarding speaking times, proceedings, and camera-ready requirements will be provided following notification to authors.

Organization

The 2026 program committee will be announced soon.

General chairs

• Denis Donadel, University of Verona, Italy
• Francesco Lupia, University of Calabria, Italy

Publicity chair

• Natalia Stakhanova, University of Saskatchewan, Canada

Program Committee

• TBA

Supported by

DIMES, University of Calabria

The Honeynet Project

—