WTMC 2026 — Workshop on Traffic Measurements for Cybersecurity

Overview

WTMC is a workshop on cybersecurity research grounded in traffic measurements and empirical network observations. It focuses on how data collected from network traffic, protocols, applications, platforms, and Internet-scale infrastructure can improve our understanding of attacks, abuse, defenses, and other security-relevant online phenomena. Such measurements are essential not only for analyzing threats but also for assessing the effectiveness, limitations, and operational impact of countermeasures.

Traffic measurements have long supported the study of malware propagation, botnet activity, phishing campaigns, network anomalies, and other forms of abuse. They also provide a basis for evaluating detection and prevention mechanisms, studying the economics of cybersecurity, and understanding how protocol design, deployment choices, and user behavior affect security and privacy. More recent work has also begun to measure the role of generative AI in cybersecurity, including both its use in attacks and its use in defense.

The aim of WTMC is to bring together researchers and practitioners from academia and industry working on measurement-driven cybersecurity. We invite submissions describing original research, measurement methodologies, empirical studies, operational experience, and reappraisals of prior results that advance the understanding of cybersecurity from a traffic and network measurement perspective.

Topics of interest

Topics of interest include, but are not limited to:

Measurements for incident response, investigation, and evidence handling
Measurements of cyber attacks, including DDoS, botnets, malware, and phishing campaigns
Measurements of abuse infrastructures and the evolution of cyber threats
Measurements for the security and privacy of web-based applications and online services
Measurements of the impact and uses of generative AI in cyberdefense and cyberattacks
Measurements of the deployment and security impact of Internet protocols and mechanisms
Measurements for anomaly detection and attack discovery
Measurements for the economics of cybersecurity and privacy
Measurements of security and privacy in the Internet of Things and cyber-physical systems
Measurements of Internet censorship and related security-relevant online restrictions
Empirical studies of the security and privacy impact of regulation and policy
Traffic analysis to understand the nature, structure, and evolution of cybersecurity threats
Measurements for assessing the effectiveness of detection, prevention, and mitigation techniques
Passive, active, and hybrid measurement techniques for cybersecurity
Traffic classification, topology discovery, and Internet-scale monitoring for security
Correlation of measurements across layers, protocols, platforms, or networks for cybersecurity
Machine learning and data mining for the analysis of traffic measurements for cybersecurity
Large-scale measurement approaches for cybersecurity, including distributed and crowd-sourced methods
Visualization methods supporting the analysis of attacks, threats, and security incidents
Measurements of protocol and application behavior and their implications for security and privacy
Vulnerability notifications and their measurable security impact
Ethical issues in cybersecurity measurements
Reappraisal and replication of previous empirical findings

Submissions

Papers will be selected through a rigorous double-blind peer-review process, with 3–4 reviews per paper, and must present original, high-quality work. All papers must be written in English.

Authors are invited to submit short papers, regular papers, and long papers via EasyChair. Reviewers are explicitly not expected to read the appendices while deciding whether to accept or reject the paper.

Short papers: up to 4 pages + 2 pages for appendices/references
Regular papers: up to 6 pages + 2 pages for appendices/references
Long papers: up to 10 pages + 4 pages for appendices/references

Papers should be prepared in ACM format using LaTeX. Please follow the main CCS formatting instructions when preparing submissions. The sigconf template is available from ACM. Failure to comply with the page limits or formatting requirements may result in rejection.

Papers describing cybersecurity measurement studies should include an ethical considerations paragraph and, where applicable, should seek guidance from their institutional ethics committee or institutional review board. Authors may consult the Menlo Report and its companion document for general guidance.

Authors are encouraged to make available the software, datasets, models, or other artifacts used in their work whenever feasible, in order to support reproducibility and enable follow-up research. Submissions may include a short paragraph describing reproducibility-related aspects of the work.

Submission page: https://easychair.org/conferences/?conf=wtmc2026

Submission of a paper implies that, if the paper is accepted, at least one author will register for the workshop and present the paper.

Accepted papers will be published in the ACM Digital Library in a volume accompanying the main conference proceedings, with a separate ISBN.

Generative AI policies

WTMC adheres to the ACM Policy on Authorship regarding the use of generative AI tools. Authors and reviewers are required to follow the guidelines for the use of Large Language Models and other generative AI tools, such as ChatGPT, Claude, and Copilot, as set out in the ACM CCS Policy on the Use of Generative AI and LLMs .

Important dates

June 12, 2026 Paper submission deadline, AoE, UTC−12

August 8, 2026 Notification date

August 22, 2026 Camera-ready paper deadline

Venue

The 11th International WTMC workshop will be held at The World Forum in The Hague, The Netherlands. Detailed venue information can be found on the ACM CCS 2026 venue page .

Organizing committee

Maciej Korczyński, Grenoble Alps University, France
Carlos Hernández Gañán, Delft University of Technology, The Netherlands
Wojciech Mazurczyk, Warsaw University of Technology, Poland
Samaneh Tajalizadehkhoob, ICANN, The Netherlands
Pedro Casas, Austrian Institute of Technology, Austria

Program committee

TBA

Sponsors and supporters

Supporters

Previous workshops

WTMC 2025 at IEEE Euro S&P, Venice, Italy
WTMC 2024 at IEEE Euro S&P, Vienna, Austria
WTMC 2023 at IEEE Euro S&P, Delft, the Netherlands
WTMC 2022 at IEEE Euro S&P, Genoa, Italy
WTMC 2021 at IEEE S&P, Virtual Event
WTMC 2020 at IEEE Euro S&P, Virtual Event
WTMC 2019 at IEEE S&P, San Francisco, California, USA
WTMC 2018 at ACM SIGCOMM, Budapest, Hungary
WTMC 2017 at IEEE S&P, San Jose, California, USA
WTMC 2016 at ACM ASIACCS, Xi'an, China

Contact

Contact the WTMC 2026 chairs at wtmc2026@easychair.org.