- network security & network forensics
- aviation and maritime system and communication security
- cyber defence exercises & awareness trainings (including red-teaming, learning, capability profiling & assessment).
- network measurements (active & passive)
- WAN-routing & security (IPv6, BGP/BGPsec,...)
I obtained my Ph.D. (Dr. rer. nat.) in computer science from the Technical University of Munich, Germany, in the group of Prof Anja Feldmann, PhD in 2005 and my Diploma (MSc) from the Saarland University, Saarbrücken, Germany in 2002.
Cyber Security Research
The term Cyber Security has become a buzzword in the recent years. It's overloaded and doesn't mean much anymore. Many people, including me, try to avoid the word as much as possible. In a university context, however, it's a student magnet. We see a very high demand in 'cyber security education', but it should be clearly understood that 'cyber security' is not a scientific discipline in itself. Instead it combines insights from many other disciplines: for example, from computer science it takes secure software design, or how to build intrusion detection systems, methods for vulnerability testing, and so on; cryptography is rooted in mathematics; psychology helps to understand human factors; aspects of forensic science are used by law enforcement agencies; social sciences, business and economic understanding is essential; operational and strategic risk management models & audits help with reducing the threats in day-to-day operations; and of course legal and political disciplines are required.
For me the term 'cyber security' is simply an expression meaning interdisciplinary. In fact interdisciplinarity and effective communication are the only way we can fight today's problems in 'cyberspace'. It is the combination of knowledge and insights from several great areas of science that is required to secure 'cyberspace'. This is exiting, interesting, but also very challenging.
In our research at Tallinn University of Technology we focus on three main research areas: (1) serious games; (2) critical infrastructure protection; and (3) skill profiling and attributions.
(1) Technical Cyber Defense Exercises are a valuable teaching and learning tool. They are in great demand at any size from the very small up to the leading edge ones, such as Locked
Shields organized by the NATO Cooperative Cyber Defence Centre of Excellence. Our group is participating in this exercise and we try to keep it the most innovative and cutting-edge exercise in the world. Personally, I have been a member of "green" (technical organization) and "red-team" (offensive attacking team) for over five years now.
One of the big challenges is scaling such exercises, as the preparations are often done manual or at best semi-automatic. Such an approach is labor intensive, tedious and very error-prone. My research interests in the area of serious games includes the following areas: a) improving scalability and mitigation human-error using automation; b) behavioral analysis during cyber crisis management; and c) measuring and improving learning in such technical exercises.
Overall, the dialog with industry is very important to my research, as it ensures research will not lose it's foundations. High-quality research should build on solid theoretical foundations, but must also deliver real-world impact.
During my PhD I have worked with Anja Feldmann and Rüdiger Volk from Deutsche Telekom on a network-wide configuration management system, which is in production use in DT's network since 2004. The system specifies eBGP routing policies on an abstract graph-level, but then compiles it all the way down to the vendor-dependent code and auto-configures their routers.
At the University of Adelaide in South Australia I did my post-doc in the School of Mathematical Science working with Matthew Roughan. I am still continuing collaborations with my friends "down under". At the moment we are extending our configuration management system to be beneficial to the network security area as well, for example to configure and auto-deploy Cyber Defense Exercises.
(2) The 2nd research area is Critical Infrastructure Protection (CIP). This area combines several areas of cyber security. Obtaining situational awareness is a pressing challenge, as well as the best risk management approach. However, my personal interest looks at CIP from an aviation perspective.
(3) As mentioned above, cyber Security is a very different domain from any classical degree program, and for this reason it is very hard to select good students purely based on their past performance; and b) the university faces a scale problem. As Tallinn University of Technology runs a tuition-free program, we receive a huge number of applications from international students. However, determining who is a good cyber security student just by looking at grades on a transcipt does not work in this area. In fact, what defines a "good cyber security student"? The area is so broad, and elite hackers might even be school-dropouts. In the admission process we are conducting Skype-Interviews with most qualified students. The interview process tests on many competencies beyond pure technical and intellectual abilities, but is not sufficient to truly determine who is a good student and who is not. For this reason we are starting now to conduct research in the area of competency profiling. This is a first step to solve our problem, but also hugely valuable for companies, who want to determine the skill profile of its employees or who want to select the best candidate in an interview process. Thinking this research further, we might end-up in a forensic area where attribution can be made based on past skill profiles.
It is this balance between theory and "hands-on" that enables innovation and changes technology.
What drives my research also applies to my teaching. Personally, I believe that traditional universities are at risk of sleepwalking into a crisis, as Massive Open Online Courses (MOOCs) change the higher-education environments drastically. We need to rethink our methods/values and implement innovative teaching into our programs. I have also recently been involved in the restructuring of our postgraduate Internet Computing and Network Security (ICNS) program.
However, the interdisciplinary nature that a cyber security teaching requires provides challenges and opportunities for novel approaches. We are facing students with a very diverse background and very diverse set of skills, and it is almost impossible to teach them purely using traditional methods.
For more information about my view on teaching cyber security in higher-education, please see my teaching statement.
Since April 2012 I am a Fellow of the UK Higher Education Academy (HEA) having completed the HEA accredited "New Lecturers' Course", which is a comprehensive course for new academic faculty in UK.
- Undergraduate courses
- COF181 Introduction to Programming II
(2012/13 Sem 2)
- COC190 Advanced Networking
(2012/13 Sem 2, 2013/14 Sem 2)
- COP455 Network Systems
(2009/10 Sem 1, 2010/11 Sem 2, 2011/12 Sem 2, 2012/13 Sem 1, 2013/14 Sem 1)
- COP502 Networks Lab
(2009/10 Sem 2, 2010/11 Sem 2, 2011/12 Sem 2)
- COP502 Building Secure Networks
(2012/13 Sem 1, 2013/14 Sem 1)
- COP532 Internet Architectures
(2010/11 Sem 1, 2011/12 Sem 1)
- COP532 Internet Protocols
(2012/13 Sem 1, 2013/14 Sem 1)
Tallinn University of Technology:
- MSc-level courses
- ITC8060 & ITC8061 Network Protocol Design
(3ECTS variant: Spring 2014/15, updated 6ECTS variant: Spring 2015/16, Spring 2016/17)
- ITX8040 Cyberdefence Seminar
(Spring 2014/15, Autumn 2015/16)
- ITX8230 Digital Forensics Seminar
(Spring 2014/15, Autumn 2015/16)
- ITX8512 Practical Training
(Continuously since spring 2014.)
- ITC8070 Information Systems Attacks and Defence
(Autumn 2016/17, Autumn 2017/18)
- IXX9601 Doctoral Seminar I, II & III
(Autumn 2014/15, Autumn 2015/16, Spring 2016/17)
- ITC9010 Special Topics of Cyber Security I
(Spring 2015/16, Spring 2016/17)
- ITC9020 Special Topics of Cyber Security II
(Autumn 2016/17, Autumn 2017/18)
Cyber Security Summer School (C3S)
- C3S 2015 — Information Security
(13-17 July 2015)
- C3S 2016 — Digital Forensics ‐ Technology and Law
(3-8 July 2016)
- C3S 2017 — Social Engineering Capture The Flag
(10-14 July 2017)
Current PhD Students
- Mauno Pihelgas (since July 2014)
- Kaur Kullman (since July 2015)
- Toomas Lepik (since July 2015)
- Sten Mäses (since July 2016)
- Kristjan Kikerpill (Law-PhD student at University of Tartu. Co-supervising from tech-side since July 2016)
- Jens Getreu (since September 2017)
Graduated/completed PhD students:
I have supervised over 45 MSc theses, and done numerous final year projects reviews, PhD progress reviews and been on the committee of 15 PhD defenses.
- ACM Internet Measurement Conference 2017, London, England, Nov 1-3, 2017 (general co-chair jointly with Steve Uhlig)
- 3nd Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, 2017 (general co-chair jointly with Anna-Maria Osula)
- C3S Cyber Security Summer School—Social Engineering Capture The Flag, Tallinn, Estonia, 2017 (jointly with Tobias Eggendorfer)
- 20th IEEE Global Internet Symposium, Atlanta, GA, USA, May 1-4, 2017 (co-TPC chair)
- C3S Cyber Security Summer School on Digital ForensicsTechnology and Law, Tallinn, Estonia, July 3-8, 2016 (general co-chair jointly with Helen Eenmaa-Dimitrieva)
- 2nd Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 2, 2016 (general co-chair jointly with Anna-Maria Osula)
- ACM SIGCOMM, London, UK, August 17-21, 2015 (general co-chair jointly with Steve Uhlig, 608 attendee conference)
- Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 18, 2015 (general co-chair jointly with Anna-Maria Osula)
- C3S Cyber Security Summer School on Information Security, Tallinn, Estonia, July 13-17 2015 (general co-chair jointly with Jon Crowcroft, 70 PhD students, 14 mentors & 11 speakers participating. Impressions from C3S'15 on youtube)
- NPsec, 2013 (general co-chair jointly with Jun Li)
- CoNext Student Workshop, 2010 (co-chair jointly with Brighten Godfrey and Chuanxiong Guo)
Reviewer/Program Committee Member:
- ACM SIGCOMM 2017, Los Angeles, CA, USA, August 2017
- NordSec 2017, Tartu, Estonia, November 8-10, 2017
- The First International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention, Boston, MA, USA, Dec 11-14, 2017
- IFIP Networking 2017, Stockholm, Sweden, June 13-15, 2017
- 6th International Conference on Theory and Practice in Modern Computing, Lisbon, Portugal, July 21-23, 2017
- AFIN 2016, Nice, France, July 24-28, 2016
- 5th International Conference on Theory and Practice in Modern Computing, Funchal, Madeira, Portugal, July 2-4, 2016
- IFIP Networking 2016, Vienna, Austria, May 17-19, 2016
- 19th IEEE Global Internet Symposium (GI 2016), in conjunction with IEEE INFOCOM 2016, San Francisco, CA, USA, April 10-15, 2016
- Future Computing 2016, Rome, Italy, March 20-24, 2016
- NPsec, San Francisco, November 10, 2015
- 9th IEEE Workshop on Network Measurements (WNM'15), Clearwater Beach, Florida, USA, October 26-29, 2015
- AFIN 2015, Venice, Italy, August, 2015
- Multi Conference on Computer Science and Information Systems (MCCSIS 2015), Las Palmas de Gran Canaria, Spain, July 21-24, 2015
- 4th International Conference on Theory and Practice in Modern Computing, Las Palmas de Gran Canaria, Spain, July 21-24, 2015
- 18th IEEE Global Internet Symposium (GI 2015), in conjunction with IEEE INFOCOM 2015, Hong Kong, April 27-May 1, 2015
- Internet Measurement Conference (IMC), Vancouver, November, 2014
- AFIN 2014, Lisbon, Portugal, November, 2014
- ISI'14, Delhi, India, September, 2014
- WNM 2014, Edmonton, Canada, September, 2014
- Multi Conference on Computer Science and Information Systems (MCCSIS 2014), Lisbon, Portugal, July 15-19, 2014
- 3rd International Conference Theory and Practice in Modern Computing 2014, Lisbon, Portugal, July 15-17, 2014
- ICCGI 2014, Seville, June 22-26, 2014
- ACCESS 2014, Seville, June 22-26, 2014
- Future Computing 2014, Venice, May 25-29, 2014
- 17th IEEE Global Internet Symposium (GI 2014), Toronto, Canada, May 2, 2014
- Traffic Monitoring and Analysis Workshop (TMA 2014), London, UK, April 14, 2014
- PESARO 2014, Nice, France, February 23-27, 2014
- CoNext Student Workshop, Santa Barbara, California, December, 2013
- 7th IEEE Workshop on Network Measurements, Sydney, Australia, October, 2013
- ACM SIGCOMM TPC, Hong Kong, China, August, 2013
- AFIN 2013, Barcelona, August, 2013
- ICCGI 2013, Nice, July 21-26, 2013
- ACCESS 2013, Nice, July 21-26, 2013
- IADIS Theory and Practice in Modern Computing, Prague, Czech Republic, July 22-24, 2013
- PESARO 2013, Venice, Italy, April 22-26, 2013
- Traffic Monitoring and Analysis Workshop (TMA 2013), Turin, Italy, April 19 2013
- 16th IEEE International Global Internet Symposium (GI 2013), Turin, Italy, April 19, 2013
- Passive and Active Measurement Conference (PAM), Hong Kong, China, March 18-20, 2013
- Second Workshop on Rigorous Protocol Engineering (WRiPE), Austin, TX, USA, October, 2012
- SIGCOMM 2012 Posters/Demos TPC, Helsinki, August, 2012
- AFIN 2012, Rome, August, 2012
- ACCESS 2012, Venice, June 24-29, 2012
- IADIS Theory and Practice in Modern Computing, Lisbon, Portugal, July 17-19, 2012
- USENIX HOT-ICE, San Jose, April, 2012
- Passive & Active Measurement Conference (PAM), Vienna, March, 2012
- CCNC MCEN Workshop, Las Vegas, January, 2012
- Internet Measurement Conference (IMC), Berlin, November, 2011
- The Third International Conference on Advances in Future Internet - AFIN, Nice, August, 2011
- IADIS International Conference Telecommunications, Networks and Systems, Rome, July, 2011
- Third COST TMA International Workshop on Traffic Monitoring and Analysis, Vienna, April, 2011
- Conference on emerging Networking EXperiments and Technologies (CoNEXT), Philadelphia, November, 2010
- Internet Measurement Conference (IMC), Melbourne, November, 2010
- ACM CCS, 2016 (external reviewer)
- IEEE Infocom, 2014 (external reviewer)
- IEEE Infocom, 2012 (external reviewer)
- Passive and Active Measurement Conference (PAM), 2010 (external reviewer)
- Assessor for the Lillian Elizabeth Bowmaker Bursary, 2010-2013
- Passive and Active Measurement Conference (PAM), 2008 (external)
- Australasian Telecommunication Networks and Applications Conference, 2007
- Interdomain Routing Workshop (IDRWS), 2004
Organizational Committee Member:
- WODNAFO 10, Adelaide, Australia 2010
- Passive and Active Measurement Conference (PAM), 2006
- Interdomain Routing Workshop (IDRWS), 2004
I am married to Kaie Maennel and we have two sons, Oliver Matthias, and Martin Alexander (password for pictures on request). I hold a commercial pilots license (EASA CPL & Australian PPL), with IR privileges (EASA SEP-SPA IR & CASA PIFR) and have a current EASA Class 1 and CASA Class 2 medical.
|Olaf Maennel | skype: olaf_maennel | e-mail: email@example.com | 10 Oct 2017 ||