
2nd ACCSS Security & AI Workshop: Security and Privacy in the Age of Generative AI

Organised by the ACCSS Working Group on AI & Security, this event brings together researchers at the intersection of security/privacy and artificial intelligence to foster innovation and share cutting-edge ideas, experiences, and research opportunities.

A key feature of this year’s edition will be breakout sessions on topics collected from the community, enabling focused discussions and collaborative exchange on emerging challenges. Participants are also invited to submit posters to present their work and engage with peers in an open and interactive setting.

When registering, you will have the opportunity to suggest topics for the breakout sessions, helping shape the conversation.

Details

Keynote Speakers


Dr. Mengyuan (Maggie) Zhang — Vrije Universiteit Amsterdam

Talk Title: Quantifiable Security: Challenges and Opportunities in the Age of AI

Abstract: Quantifying security has always been at the heart of cybersecurity practice across industries. Metrics such as the Common Vulnerability Scoring System (CVSS) and the Exploit Prediction Scoring System (EPSS) provide the numerical foundation for vulnerability prioritisation, network hardening, and policy decisions. Yet, despite their ubiquity, these frameworks face persistent challenges: inconsistencies across databases, disagreements between assessors, and a lack of contextual understanding of system-wide risk. Human-based efforts delay security assessments, leading to larger attack windows. Recent advances in machine learning and generative AI introduce both new possibilities and new uncertainties. Predictive models can learn to forecast exploit likelihoods or automate vulnerability explanations, but when trained on inconsistent data, they risk amplifying human bias rather than resolving it. This talk traces the evolution of quantifiable security, from standardised scoring frameworks, to the development of holistic system-level quantification, and finally to AI-driven prediction. I will also discuss current research that uncovers systemic inconsistencies in vulnerability datasets. It will finally outline emerging opportunities to build transparent, explainable, and confidence-aware metrics that bridge the gap between automated risk prediction and trustworthy human decision-making.

About: Since 2024, Mengyuan has been an Assistant Professor at the Vrije Universiteit (VU) Amsterdam in the Foundational and Experimental Security group of the Department of Computer Science. Previously, she worked as a Research Assistant Professor in the Department of Computing at the Hong Kong Polytechnic University and as an Experienced Researcher at Ericsson Research Canada. She received her B.E. and M.E. in Information Security from Nanjing University of Posts and Telecommunications, and holds a Ph.D. in Information and Systems Engineering from Concordia University, Montreal, Canada, under the supervision of Prof. Lingyu Wang.

Her interests include security metrics, software security, vulnerability assessment, cloud/5G security & privacy, and applied ML in security.




Dr. Tailia Malloy — University of Luxembourg

Talk Title: Human-AI Interdependence in Security and Privacy

Abstract: Large Language Models (LLMs) and other forms of Generative Artificial Intelligence (GAI) have become ubiquitous in real-world applications. This has raised considerable concern over the potential harm that these systems may have in a wide variety of domains. To prevent negative security and privacy outcomes stemming from the use of these models, it is necessary to understand their threats and benefits. These threats are introduced by malicious applications by bad actors, such as social engineering or cyber-attacks, as well as unintentional use by benign actors such as insecure code generation or incorrect information dissemination. Potential benefits of these models include use by cybersecurity professionals to improve the effectiveness of their defense strategies and use by the public to help inform them of best practices to ensure their privacy and security. This is further complicated by the recent advancements in agentic AI, which adds additional complexity to our interaction with AI. In this talk I will detail a human-centric perspective on understanding these various challenges and opportunities, drawing from human-computer interaction, cognitive science, and artificial intelligence research to highlight the importance of understanding how humans form interdependent relationships with AI models, and how this impacts security and privacy.

About: Tailia Malloy (They/She) is a postdoc at the University of Luxembourg in the Interdisciplinary Center for Security, Reliability, and Trust, researching Large Language Model applications in personalization, cybersecurity, and human interaction. Before starting at UniLu, they had another position as a postdoc at Carnegie Mellon University in the Social and Decision Sciences department working in cognitive modeling with Generative AI models and Human-AI Interaction. They received their PhD from Rensselaer Polytechnic Institute in Cognitive Science, with their thesis focusing on Deep Reinforcement Learning and cognitive modeling.

Programme

The workshop will be held in Commissiekamer 3 - 20 Aula Conference Centre - TU Delft.

Time What
9:30-10:00 Walk-in
10:00-10:10 Welcome
10:10-11:00 Keynote
11:00-11:15 Coffee
11:15-12:15 Poster/Breakout session
12:15-13:15 Lunch
13:15-14:15 Keynote
14:15-14:30 Coffee
14:30-16:00 Breakout sessions
16:00- Drinks & Bitterballen

Organizers

Katja Tuma
TU Eindhoven
k.tuma@tue.nl

Megha Khosla
TU Delft
m.khosla@tudelft.nl

Thijs van Ede
University of Twente
t.s.vanede@utwente.nl