MADWeb

Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) 2026

Call for Papers

The web connects billions of devices, running a plethora of clients, and serves billions of users every day. To cope with such a widespread adoption, the web constantly changes. This is evident by some browsers that have a release cycle of just six weeks. Unfortunately, these rapid changes are not always designed with a security mindset, resulting in new attack vectors not observed before.

The MADWeb workshop aims to attract researchers who work on the intersection of browser evolution and web security. Our goal is to create and sustain a specialized venue for discussing any aspects of web security and privacy, such as the rapid changes to browsers from a security perspective, the security implications of current web technologies, how we can protect users now, and make browsers in the future more secure without hindering the evolution of the web.

Since MADWeb merged with the SecWeb workshop in 2025, we welcome ideas on extending the web with novel security mechanisms, better access interfaces (browsers), and disciplined programming abstractions to support secure web application development natively. Moreover, we invite contributions that propose provocative thoughts on re-envisioning (part of) the current web platform with security built-in by design.

We welcome work in progress and encourage junior researchers to explore new ideas before publication at a major security conference. We select papers based on their technical contributions and their potential to spark interesting discussions at MADWeb.

Our social media contacts are:

Please use the official hashtag #MADWeb for any public posts related to the workshop.

Important Dates

Areas of Interest

Submissions are solicited in, but not limited to, the following areas:

Submission Instructions

All papers must be written in English. Papers must be formatted for US letter size (not A4) paper in a two-column layout, with columns no more than 9.25 in. high and 3.5 in. wide. The text must be in Times font, 10-point or larger, with 11-point or larger line spacing. Authors are strongly encouraged to use the templates provided by NDSS.

We invite both full papers and work-in-progress papers. Full papers should have no more than 10 pages in total (excluding references and appendices). Work-in-progress papers must have less than 6 pages (again, excluding references and appendices), and can discuss work-in-progress and novel ideas. Work-in-progress papers will be selected based on their potential to spark interesting discussions during the workshop and they will not be included in the formal proceedings of the workshop. Note that full papers might be accepted as Work-in-progress if they are deemed as not mature enough but may spark enough discussions at the workshop.

Submissions must be properly anonymized for double-blind review (please follow NDSS guidelines on paper anonymization).

Submission site (not open yet) https://madweb26.hotcrp.com/

Use of Generative AI (drawn from NDSS CFP)

The use of Generative Artificial Intelligence, i.e., tools capable of generating text, images, or other data using generative models, often in response to prompts, is permitted for paper preparation as long as (1) the result does not plagiarize, misrepresent, or falsify content, (2) the resulting work in its totality is an accurate representation of the authors’ underlying work and novel intellectual contributions and is not primarily the result of the tools’ generative capabilities, and (3) the authors accept responsibility for the veracity and correctness of all material in their paper, including any AI-generated material.

The use of generative AI software tools must be disclosed as part of the paper submission. The level of disclosure should be commensurate with the proportion of new text or content generated by these tools. If entire (sub)sections of a paper, including tables, graphs, images, and other content were AI-generated, the authors must disclose which sections and which tools and tool versions were used to generate those sections (e.g., by preparing an Appendix that describes the use, specific tools and versions, the text of the prompts provided as input, and any post-generation editing). If the amount of text being generated is small (limited to phrases or a few sentences), then it would be sufficient to add a citation or a footnote to the relevant section of the submission utilizing the system(s) and include a general disclaimer in the Acknowledgements section. If generative AI software tools are only used to edit and improve the quality of human-generated existing text in much the same way as one would use a basic word processing system to correct spelling or grammar or use a typing assistant (like Grammarly) to improve spelling, grammar, punctuation, clarity, engagement, it is not necessary to disclose such usage of these tools in the paper.

Ethical Considerations (drawn from NDSS CFP)

Each paper may optionally include an “Ethics Considerations” section immediately preceding the reference section. In this section, the authors may discuss if they believe the work poses any ethical risk and the steps that are taken to mitigate such risk. If the authors believe that their work does not pose any ethical considerations, this section is not necessary.

Research can potentially lead to adverse outcomes. Individuals or organizations may experience negative consequences during the research process, immediately following publication, or in the future. Authors must proactively anticipate and address potential negative consequences of both conducting and publishing their research. Submissions may be rejected regardless of scientific merit if they fail to adequately address ethical concerns. If a paper relates to human subjects, analyzes data derived from human subjects, may put humans at risk, or might have other ethical implications or introduce legal issues of potential concern to the NDSS community, authors should disclose if an ethics review (e.g., IRB approval) was conducted, and discuss in the paper how ethical and legal concerns were addressed. IRB exemptions may not be sufficient grounds for proper mitigation of ethical concerns. If the paper reports a potentially high-impact vulnerability, the authors should report or at least discuss their plan for responsible disclosure. The chairs will contact the authors in case of concerns. An Ethics Review Board (ERB), consisting of TPC members, will check papers flagged by reviewers as potentially including ethically fraught research. Authors are encouraged to review the Menlo Report for general ethical guidelines for computer and information security research. The Program Committee reserves the right to reject a submission if insufficient evidence was presented that ethical or relevant legal concerns were appropriately addressed.

Workshop Format

MADWeb will be co-located with NDSS 2026. MADWeb will be an on-site event.

One author of each accepted paper is expected to present the paper, in person, at the workshop. The format will be traditional conference-style research presentations with questions from the audience. Interactive and engaging presentations are welcome. As for the previous editions, we plan to give best paper and best presentation awards. Following notification to authors, more information will be provided regarding speaking times and other details.

The accepted papers will be made available on the workshop website and the workshop will have official proceedings. Publication in the proceedings is not mandatory and authors can choose to have their papers excluded from the official proceedings by selecting “No proceedings” during submission in HotCRP.

Program Committee Co-Chairs

Program Committee Nomination

Want to help shape MADWeb 2026? Nominate yourself for the Program Committee: https://forms.gle/7nPk4vukFmDFqrD27

Deadline: Oct 31, 2025

Program Committee (TBD)

Steering Committee

madwebwork.bsky.social
infosec.exchange/@madwebwork
@madwebwork

MADWeb 2026, in cooperation with the NDSS Symposium