- Topics of Interest
- Submission Guidelines
- Important Dates
- Organizers and Program Committee
- Workshop Planning new!
The 1st International Workshop on Assessment with New methodologies, Unified Benchmarks, and environments, of Intrusion detection and response Systems (ANUBIS) will take place in Toulouse, France in September 2025. ANUBIS is co-located with the 30th European Symposium on Research in Computer Security (ESORICS 2025). ANUBIS is supported by France 2030 through the “Superviz” project.
In the face of the humongous volume of publications in the field of intrusion detection and response, coupled with the lack of rigorous evaluation methodology of these (increasingly AI-based) methods, reproducibility is close to impossible. To remediate to that issue, ANUBIS offers the opportunity for researchers from different domains and communities to bring and discuss their evaluation methodology practices.
Evaluation is a fundamentally transverse topic, and multidisciplinary expertise about cybersecurity goals, technical domain constraints, and machine learning components is necessary to achieve fair, explainable, and trustworthy evaluation. As such, we are looking for submissions that deal with the methods, tools and techniques to evaluate security measures that aim to protect (computer) systems against intrusions. We welcome original papers submitted by researchers and practitioners from various backgrounds, such as security and privacy (incl. code audit or penetration testing), formal methods, experimental platforms (incl. digital twins), machine learning and data mining.
Topics of Interest
The aim of ANUBIS is to bring together scientists involved in bringing new and better ways to evaluate intrusion detection and response systems used in various environments (IT, OT, and IoT and 5G/6G) and relying on various data (e.g., radio, system, and network). We invite researchers and practitioners to submit original papers focusing on:
- Threat data collection software and methods
- Evaluation of current and new security datasets
- Privacy-preserving datasets collection
- AI for synthetic data generation (legitimate, malicious and mixed workloads)
- Data representation for security
- Methodology, benchmark, metrics, formal methods, and tools for datasets or security tools evaluation
- Evaluation in dynamic environments and concept drift analysis
- Platforms, learning environments, digital twins, and software for reproducible experiments
- Evaluation of AI approaches for intrusion detection and response, such as reinforcement learning and federated learning
Submission Guidelines
The workshop accepts original research work and work-in-progress, not substantially overlapping with previous publications or concurrent submissions, as either:
- long papers: at most 16 pages (using 10-point font), excluding the bibliography and well-marked appendices, or
- short papers: at most 8 pages (using 10-point font), excluding the bibliography and well-marked appendices.
Submitted papers must follow the LNCS template from the time they are submitted. ANUBIS follows a double-blind review process and all papers that are not desk-rejected will be reviewed by two to three experts. Submissions must be uploaded to the following EasyChair website https://easychair.org/conferences/?conf=esorics2025, in the ANUBIS track.
Important dates
- Submission deadline:
7 June 2025 AoE23 June 2025 AoE (extended!) - Notification to authors:
17 July 202522 July 2025 - Camera-ready version: 12 September 2025 AoE
- Workshop: 26 September 2025
Organizers of the Workshop
- Pierre-François Gimenez, Inria, France
- Gregory Blanc, Télécom SudParis, France
Program Committee
- Solayman Ayoubi, Sorbonne Université, CNRS, LIP6, France
- José Camacho, University of Granada, Spain
- Marta Catillo, Università del Sannio, Italy
- Sebastian Garcia, Stratosphere Lab, AIC Group, Department of Computer Science, CTU University, Czech Republic
- Katarzyna Kapusta, Thalès, France
- Corentin Larroche, ANSSI, France
- Siamak Layeghy, The University of Queensland, Australia
- Frédéric Majorczyk, DGA, France
- Stéphane Mocanu, Laboratoire d’Informatique de Grenoble, France
- Benoit Nougnanke, Télécom SudParis, France
- Philippe Owezarski, LAAS-CNRS, France
- Barbara Pilastre, AMIAD, France
- Adrien Schoen, ENS Lyon, France
- Priyanka Singh, The University of Queensland, Australia
- Dario Stabili, Università degli Studi di Modena e Reggio Emilia, Italy
- Katarzyna Wasielewska, University of Granada, Spain
- Gabriel Zaïd, Thales ITSEF, France
Workshop Planning
The ANUBIS workshop will be held at Université de Toulouse in Toulouse, France on September 26. You’ll find more information on the venue on the ESORICS website.
| Time | Content |
|---|---|
| 9h | Introduction |
| 9h15 | Keynote (TBA) |
| 10h10 | No Bot Allowed: Detection of Automated Traffic on Modern Booking Platforms. Methods, Insights, and Current Challenges, Umberto Fontana, Elisa Chiapponi, Claudio Costanza, Vincent Rigal, Olivier Thonnard, Martynas Buozis and Herve Debar |
| 10h30-10h50 | Coffee break (20mn) |
| 10h50 | HENDRICS: A Hardware-in-the-Loop Testbed for Enhanced Intrusion Detection, Response and Recovery of Industrial Control Systems, Lalie Arnoud, Zoé Lagache, Pierre-Henri Thevenon, Aloïs Champenois, Victor Breux, Maxime Puys, Eric Gaussier and Oum-El-Kheir Aktouf |
| 11h20 | Get out of DEDALE with RESCOUSSE: a New Dataset and Testbed for Evaluating the Detection of APT attacks among Network and System Logs, Maxime Lanvin and Frédéric Majorczyk |
| 11h50 | Superviz25-SQL: High-Quality Dataset to Empower Unsupervised SQL Injection Detection Systems, Grégor Quetel, Eric Alata, Pierre-François Gimenez, Laurent Pautet and Thomas Robert |
| 12h20-13h50 | Lunch Break (1h30) |
| 13h50 | Middlebox Assessment and Network Gaps: Observing Enforced Security, Alya Alshaikh, Ilies Benhabbour and Marc Dacier |
| 14h20 | Network Intrusion Response Systems: Towards standardized evaluation of intrusion response, Thomas Marchioro, Rachida Saroui and Alexis Olivereau |
| 14h50 | Nxcap: A Unified Format for NIDS Benchmarking, Gabin Noblet, Cédric Lefebvre, Philippe Owezarski and William Ritchie |
| 15h20-15h40 | Coffee break (20mn) |
| 15h40 | Synthetic Network Traffic Generation for Intrusion Detection Systems: a Systematic Literature Review, Pierre-François Gimenez |
| 16h10 | Constraint-based Network Topology Generation for Evaluating Federated Intrusion Detection Systems, Léo Lavaur, Fabien Autrel and Yann Busnel |
| 16h40 | Closing remarks |
| 17h10 | End of the workshop |