3rd ACM Workshop on
Large AI Systems and Models with Privacy and Security Analysis
November 15, 2026 — The Hague, The Netherlands
co-located with the 33rd ACM Conference on Computer and Communications Security

Call for Papers

Important Dates

  • Paper submission deadline: July 19, 2026, 11:59 PM (all deadlines are AoE, UTC-12)
  • Acceptance notification: August 24, 2026
  • Camera ready due: September 7, 2026
  • Workshop day: November 15, 2026

Overview

The trajectory of AI has fundamentally shifted in 2026. We are moving beyond standalone Large AI Models (LAMs) to deeply integrated, autonomous Agentic AI systems capable of long-term planning, external tool execution, and local shell access. While these agentic frameworks promise to revolutionize critical infrastructure management, they simultaneously introduce a massive system-level attack surface. In this new paradigm, traditional empirical defenses are no longer sufficient.

Building upon the resounding success and immense community impact of LAMPS'24 and LAMPS'25, which consistently drew over 80 attendees and highly competitive submissions, LAMPS'26 is dedicated to tackling this exact frontier. As a recognized catalyst for cutting-edge AI security research, we place a spotlight on mathematically grounded defenses this year. We explicitly bridge Agentic Security with rigorous Formal Verification and Advanced Cryptography to secure high-stakes autonomous systems, effectively setting the research agenda for the future of secure AI deployment.

Topics of Interest

Topics of interest include (but are not limited to):

Track 1: Agentic System Security & Formal Verification (Featured Theme)

  • Formal Guarantees for Tool-Use: Applying formal verification to bound agent actions, mathematically proving safe API execution and preventing sandbox escapes.
  • Skill Exploitation & IPI: Defending against the malicious manipulation of agent "skills" (e.g., shell execution, web browsing) via indirect prompt injection.
  • The "Double Agent" Risk: Mitigating threats where personalized agents autonomously execute unauthorized actions without human-in-the-loop oversight.
  • Agent-to-Agent (Multi-Agent) Vulnerabilities: Investigating emergent interaction risks such as agent collusion, adversarial manipulation of peer agents (e.g., cross-agent prompt injection), and systemic cascading failures.
  • Agent-Environment and Tool Interaction Risks: Examining compounding vulnerabilities when agents autonomously interact with external environments, APIs, and untested data sources, leading to unauthorized traversal or payload execution.

Track 2: Cryptographic Defenses & Privacy-Preserving AI

  • Cryptographic Agent Memory: Leveraging Fully Homomorphic Encryption (FHE) and Secure Multi-Party Computation (SMPC) for encrypted agent states and secure collaborative reasoning.
  • Verifiable Agent Actions: Utilizing Zero-Knowledge Proofs (ZKPs) to audit autonomous agent workflows without revealing underlying prompts or sensitive user data.
  • Advanced Data Protection: Data anonymization, synthetic data generation, and IP protection in model weights via cryptographic watermarking.
  • Countermeasures against advanced adversarial attacks, data poisoning, and model extraction in continuous-learning systems.

Track 3: Secure LAMs for Critical Infrastructure

  • AI-driven automated security orchestration, penetration testing, and incident response (SOAR).
  • Vulnerability assessments of LAMs deployed in industrial control systems and cyber-physical environments.
  • Collaborative AI for secure, cross-border global cyber threat intelligence sharing.

Track 4: Human-Centric AI Security & Governance

  • Human-Agent Interaction Exploitation: Addressing the risks of deceptive alignment, advanced social engineering by autonomous agents, and vulnerabilities stemming from human over-reliance on agentic workflows.
  • Human factors in adversarial vulnerabilities and social engineering via autonomous AI assistants.
  • Combatting deepfakes to preserve trust in digital communications.
  • Explainability, fairness, and transparent decision-making in high-stakes autonomous systems.
  • Frameworks for responsible AI governance and participative stakeholder engagement.

Submission Guidelines

Submitted papers must not substantially overlap with papers that have been published or simultaneously submitted to a journal or a conference with proceedings.

  • Short Papers: These papers should present concise and focused contributions, such as preliminary research findings, novel ideas with early evidence, or case studies relevant to the aforementioned topics of interest. Submissions must be up to 4 pages of body text in the ACM double-column format. Short papers must offer a clear and well-motivated contribution, even if the work is at an early stage, and should be of interest to the research community.
  • Research Papers: These papers should present new work, evidence, or ideas related to the aforementioned topics of interest. Submissions must be up to 8 pages of body text in the ACM double-column format, excluding well-marked references and appendices, and at most 10 pages in total. Research papers must be well-argued and worthy of publication and citation, on one of the topics listed above.
  • Systematization of Knowledge (SoK) Papers: These papers should either consolidate and clarify ideas in a major research area within secure and trustworthy machine learning or provide compelling evidence to support or challenge long-held beliefs in such areas. Submissions must be up to 8 pages of body text in the ACM double-column format, excluding well-marked references and appendices, and at most 10 pages in total. SoK papers must include "SoK:" at the beginning of their title.
  • Position Papers: These papers should cover broader issues and visions related to the aforementioned topics of interest, including open challenges, technical perspectives, educational aspects, societal impact, or notable research results. Submissions must be very well-argued and consist of at most 4 pages of body text in the ACM double-column format, excluding well-marked references and appendices, and at most 5 pages in total. Position papers must include "Position:" at the beginning of their title.

Submission Site

Submission link: https://ccs26-lamps.hotcrp.com

Only PDF files will be accepted. Submissions not meeting these guidelines risk rejection without consideration of their merits. Authors of accepted papers must guarantee that one of the authors will register and present the paper at the workshop. Proceedings of the workshop will be available on a CD to the workshop attendees and will become part of the ACM Digital Library.

The archival papers will be included in the workshop proceedings. Due to time constraints, accepted papers will be selected for presentation as either talk or poster based on their review score and novelty. Nonetheless, all accepted papers should be considered as having equal importance.

Authors are responsible for obtaining appropriate publication clearances. Attendance and presentation by at least one author of each accepted paper at the workshop are mandatory for the paper to be included in the proceedings.

For any questions, please contact one of the PC co-chairs, Xiaoyu Xia, at xiaoyu.xia@rmit.edu.au.

Committee

PC Chairs

Web/Publication Chair

Organizing Committee