Great discussions today at the “Management of Complex Threats” workshop at IEEE/IFIP NOMS 2026 in Rome!
Together with Pierre Parrend and colleagues from IMT Atlantique and EPITA, and with the support of the CyberSecDome Horizon Europe project, we brought together around 20 researchers and practitioners from across Europe and Asia to discuss the future of AI-driven cybersecurity and the management of complex threats.
The workshop showcased an impressive breadth of topics:
• uncertainty-aware traffic classification from researchers at Czech Technical University in Prague
• adaptive IoT anomaly detection from National Institute of Informatics
• federated security gateways for LLM agents from Hochschule Furtwangen University
• autonomous AI-driven penetration testing from University of Calabria
• LLM-based honeypots from researchers in France
• cyber-physical attacks against cooperative robot systems from Birla Institute of Technology and Science Pilani
• and topology-based cyberattack detection for water distribution systems involving University of Strasbourg, Karlsruhe Institute of Technology, and EPITA.
I was also particularly happy to see strong contributions from the broader Cyber CNI chair ecosystem at IMT Atlantique:
Mathis Durand (Cyber CNI, CNRS UMR IRISA, IMT Atlantique) presented joint work with Yvon Kermarrec and Marc-Oliver Pahl on SSH honeypot realism and fingerprinting resistance. Their work analyzed how ethical hackers detect deception systems in practice and derived a taxonomy of effective honeypot detection techniques.
Mohammed Mezaouli (CNRS Lab-STICC, IMT Atlantique) presented joint work with Yehya Nasser, Samir Saoudi, and Marc-Oliver Pahl on AI-based real-time anomaly detection for embedded C functions using instruction-level traces and current measurements — an exciting step toward protecting resource-constrained IoT systems against zero-day style attacks.
One recurring theme across the workshop was clear: AI is both the attack surface and the defense mechanism. From semantic attacks against LLMs to autonomous penetration testing and trustworthy AI-driven defense systems, future 6G, IoT, and industrial infrastructures will require fundamentally new approaches to resilience and operational security.
A big thank you to all speakers, authors, and participants for the technically deep discussions and excellent atmosphere throughout the day!