- network security & network forensics
- aviation and maritime system and communication security
- cyber defence exercises & awareness trainings (including red-teaming, learning, capability profiling & assessment).
- network measurements (active & passive)
- WAN-routing & security (IPv6, BGP/BGPsec,...)
I obtained my Ph.D. (Dr. rer. nat.) in computer science from the Technical University of Munich, Germany, in the group of Prof Anja Feldmann, PhD in 2005 and my Diploma (MSc) from the Saarland University, Saarbrücken, Germany in 2002.
Cyber Security Research
The term Cybersecurity has become a buzzword in the recent years. It's overloaded and doesn't mean much anymore. Many people, including me, try to avoid the word as much as possible. In a university context, however, it's a student magnet. We see a very high demand in 'cybersecurity education', but it should be clearly understood that 'cybersecurity' is not a scientific discipline in itself. Instead it combines insights from many other disciplines: for example, from computer science it takes secure software design, or how to build intrusion detection systems, methods for vulnerability testing, and so on; cryptography is rooted in mathematics; psychology helps to understand human factors; aspects of forensic science are used by law enforcement agencies; social sciences, business and economic understanding is essential; operational and strategic risk management models & audits help with reducing the threats in day-to-day operations; and of course legal and political disciplines are required.
For me the term 'cybersecurity' is simply an expression meaning interdisciplinary. In fact interdisciplinarity and effective communication are the only way we can fight today's problems in 'cyberspace'. It is the combination of knowledge and insights from several great areas of science that is required to secure 'cyberspace'. This is exiting, interesting, but also very challenging.
In our research at Tallinn University of Technology we focus on three main research areas: (1) serious games; (2) critical infrastructure protection; and (3) skill profiling and attributions.
(1) Technical Cyber Defense Exercises are a valuable teaching and learning tool. They are in great demand at any size from the very small up to the leading edge ones, such as Locked
Shields organized by the NATO Cooperative Cyber Defence Centre of Excellence. Our group is participating in this exercise and we try to keep it the most innovative and cutting-edge exercise in the world. Personally, I have been a member of "green" (technical organization) and "red-team" (offensive attacking team) for over five years now.
One of the big challenges is scaling such exercises, as the preparations are often done manual or at best semi-automatic. Such an approach is labor intensive, tedious and very error-prone. My research interests in the area of serious games includes the following areas: a) improving scalability and mitigation human-error using automation; b) behavioral analysis during cyber crisis management; and c) measuring and improving learning in such technical exercises.
Overall, the dialog with industry is very important to my research, as it ensures research will not lose it's foundations. High-quality research should build on solid theoretical foundations, but must also deliver real-world impact.
During my PhD I have worked with Anja Feldmann and Rüdiger Volk from Deutsche Telekom on a network-wide configuration management system, which is in production use in DT's network since 2004. The system specifies eBGP routing policies on an abstract graph-level, but then compiles it all the way down to the vendor-dependent code and auto-configures their routers.
At the University of Adelaide in South Australia I did my post-doc in the School of Mathematical Science working with Matthew Roughan. I am still continuing collaborations with my friends "down under". At the moment we are extending our configuration management system to be beneficial to the network security area as well, for example to configure and auto-deploy Cyber Defense Exercises.
(2) The 2nd research area is Critical Infrastructure Protection (CIP). This area combines several areas of cyber security. Obtaining situational awareness is a pressing challenge, as well as the best risk management approach. However, my personal interest looks at CIP from an aviation perspective.
(3) As mentioned above, cybersecurity is a very different domain from any classical degree program, and for this reason it is very hard to select good students purely based on their past performance; and b) the university faces a scale problem. As Tallinn University of Technology runs a tuition-free program, we receive a huge number of applications from international students. However, determining who is a good cyber security student just by looking at grades on a transcript does not work in this area. In fact, what defines a "good cybersecurity student"? The area is so broad, and elite hackers might even be school-dropouts. In the admission process we are conducting Skype-Interviews with most qualified students. The interview process tests on many competencies beyond pure technical and intellectual abilities, but is not sufficient to truly determine who is a good student and who is not. For this reason we are starting now to conduct research in the area of competency profiling. This is a first step to solve our problem, but also hugely valuable for companies, who want to determine the skill profile of its employees or who want to select the best candidate in an interview process. Thinking this research further, we might end-up in a forensic area where attribution can be made based on past skill profiles.
It is this balance between theory and "hands-on" that enables innovation and changes technology.
With respect to my teaching, cyber security is a very interesting area as well. If we consider the interdisciplinary scope of cybersecurity, we must also realize that this provides great challenges for teaching. Traditional teaching does not work anymore. We need to rethink our methods/values and implement innovative teaching into our programs. I have also recently been involved in the restructuring of Loughborough's postgraduate Internet Computing and Network Security (ICNS) program and contribute to the constant development of Tallinn University of Technology's Cyber Security MSc.
For more information about my view on teaching cyber security in higher-education, please see my teaching statement.
Since April 2012 I am a Fellow of the UK Higher Education Academy (HEA) having completed the HEA accredited "New Lecturers' Course", which is a comprehensive course for new academic faculty in UK.
- Undergraduate courses
- COF181 Introduction to Programming II
(2012/13 Sem 2)
- COC190 Advanced Networking
(2012/13 Sem 2, 2013/14 Sem 2)
- COP455 Network Systems
(2009/10 Sem 1, 2010/11 Sem 2, 2011/12 Sem 2, 2012/13 Sem 1, 2013/14 Sem 1)
- COP502 Networks Lab
(2009/10 Sem 2, 2010/11 Sem 2, 2011/12 Sem 2)
- COP502 Building Secure Networks
(2012/13 Sem 1, 2013/14 Sem 1)
- COP532 Internet Architectures
(2010/11 Sem 1, 2011/12 Sem 1)
- COP532 Internet Protocols
(2012/13 Sem 1, 2013/14 Sem 1)
Tallinn University of Technology:
- MSc-level courses
- ITC8060 & ITC8061 Network Protocol Design
(3ECTS variant: Spring 2014/15, updated 6ECTS variant: Spring 2015/16, Spring 2016/17, Spring 2017/18, Spring 2018/19, Spring 2019/20)
- ITX8040 Cyberdefence Seminar
(Spring 2014/15, Autumn 2015/16)
- ITX8230 Digital Forensics Seminar
(Spring 2014/15, Autumn 2015/16)
- ITX8512 Practical Training
(Continuously since spring 2014.)
- ITC8070 Information Systems Attacks and Defence
(Autumn 2016/17, Autumn 2017/18, Autumn 2018/19, Autumn 2019/20)
- IXX9601 Doctoral Seminar I, II & III
(Autumn 2014/15, Autumn 2015/16, Spring 2016/17)
- ITC9010 Special Topics of Cyber Security I
(Spring 2015/16, Spring 2016/17, Spring 2017/18, Spring 2018/19)
- ITC9020 Special Topics of Cyber Security II
(Autumn 2016/17, Autumn 2017/18, Autumn 2017/18)
Cyber Security Summer School (C3S)
- C3S 2015 — Information Security
(13-17 July 2015)
- C3S 2016 — Digital Forensics ‐ Technology and Law
(3-8 July 2016)
- C3S 2017 — Social Engineering Capture The Flag
(10-14 July 2017)
- C3S 2018 — Maritime Cyber Security
(11-15 June 2018)
Current PhD Students
- Mauno Pihelgas (since July 2014 - on paternity leave)
- Kaur Kullman (since July 2015 - expected to graduate in 2020)
- Erwin Orye (since September 2018, industrial PhD working at the NATO CCDCOE)
- Dan Heering (since September 2018)
- Andrew Roberts (since Nov 2020)
Graduated/completed PhD students:
I have supervised over 60 MSc theses, and done numerous final year projects reviews, PhD progress reviews and been on the committee of 17 PhD defenses.
- Central European Cybersecurity Conference 2019, Munich, Germany, November 14-15, 2019 (TPC-co-chair)
- Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, June 29, 2019 (general co-chair jointly with Anna-Maria Osula)
- Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, June 9, 2018 (general co-chair jointly with Anna-Maria Osula)
- ACM Internet Measurement Conference 2017, London, England, Nov 1-3, 2017 (general co-chair jointly with Steve Uhlig)
- Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 8, 2017 (general co-chair jointly with Anna-Maria Osula)
- 20th IEEE Global Internet Symposium, Atlanta, GA, USA, May 1-4, 2017 (co-TPC chair)
- Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 2, 2016 (general co-chair jointly with Anna-Maria Osula)
- ACM SIGCOMM, London, UK, August 17-21, 2015 (general co-chair jointly with Steve Uhlig, 608 attendee conference)
- Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 18, 2015 (general co-chair jointly with Anna-Maria Osula)
- NPsec, 2013 (general co-chair jointly with Jun Li)
- CoNext Student Workshop, 2010 (co-chair jointly with Brighten Godfrey and Chuanxiong Guo)
Reviewer/Program Committee Member:
- IEEE ICC 2020 NGNI Symposium (workshop co-located with ICC), Dublin, Ireland, 7-11 June 2020.
- International Conference on Smart Education and Applied Social Sciences 2020, Oxford University, UK, 25-26 March 2020.
- International Federation for Information Processing (IFIP) Networking 2020 Conference (NETWORKING 2020), Paris, France, 22-26 June, 2020.
- Baltic DB&IS 2020 , Tallinn, Estonia, 16-19 June, 2020.
- 4th International Workshop on Big Data Analytic for Cyber Crime Investigation and Prevention 2020, Virtual, Dec 10-13, 2020
- Passive and Active Measurement Conference (PAM), Virtual, March 30-31, 2020
- , Virtual, June 10-11, 2020
- EMENA-ISTL 2019 3rd International Conference Europe Middle East & North Africa Information Systems and Technologies to support Learning. Fez, Morocco, Nov 21-23, 2019
- NordSec 2019, Aalborg, Denmark, November 18-20, 2019
- The 27th IEEE International Conference on Network Protocols, Chicago, USA, October 7-10, 2019.
- ACM Internet Measurement Conference 2019, Amsterdam, Netherlands, 21-23 Oct 2019.
- The 2nd International Conference on Machine Learning for Networking (MLN19), Paris, France, 2-5 December 2019
- The 14th IFAC/IFIP/IFORS/IEA Symposium on Analysis, Design, and Evaluation of Human-Machine Systems, Tallinn, Estonia, 16-19 September, 2019
- INTERNET 2019, Venice, Italy, June 24-28, 2019
- ICCGI 2019, Venice, Italy, June 24-28, 2019
- SECURWARE 2019, Nice, France, Oct 27-31, 2019
- Workshop on Cyber Range Technologies and Applications, Stockholm, Sweden, June 20, 2019.
- CyCon 2019, Tallinn, Estonia, May 28-31, 2019
- IEEE ICC'19 - NGNI Symposium, Shanghai, China, 20-24 May, 2019
- IFIP Networking 2019, Warsaw, Poland, 20-22 May 2019
- FUTURE COMPUTING 2019, Rome, Italy, May 5-9, 2019
- 22th IEEE Global Internet Symposium (GI 2019), in conjunction with IEEE INFOCOM 2019, Paris, France, April 29-May 2, 2019
- PESARO 2019, Valencia, Spain, 24-28 March 2019
- SIGCSE 2019 Poster Reviewer, Minneapolis, Minnesota, USA, February 27th - March 2nd, 2019
- The Thrid International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention, Los Angeles, USA, Dec 9-12, 2019
- Central European Cybersecurity Conference 2018, Ljubljana, Slovenia, November 15-16, 2018
- NordSec 2018, Oslo, Norway, November 28-30, 2018
- EMENA-ISTL 2018 2nd International Conference Europe Middle East & North Africa Information Systems and Technologies to support Learning. Fez, Morocco, October 25-27, 2018
- IFIP Networking 2018, Zurich, Switzerland, May 14-16, 2018
- The Second International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention, Seattle, USA, Dec 10-13, 2018
- INTERNET 2018, Rome, Italy, June 30- July 04, 2019
- ICCGI 2018, Rome, Italy, June 30- July 04, 2019
- AFIN 2018, Venice, Italy, September 16-20, 2018
- 7th International Conference on Theory and Practice in Modern Computing, Madrid, Spain, July 18-20, 2018
- 21th IEEE Global Internet Symposium (GI 2018), in conjunction with IEEE INFOCOM 2018, Honolulu, HI, USA, April 15-19, 2018
- ACM SIGCOMM 2017, Los Angeles, CA, USA, August 2017
- NordSec 2017, Tartu, Estonia, November 8-10, 2017
- The First International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention, Boston, MA, USA, Dec 11-14, 2017
- IFIP Networking 2017, Stockholm, Sweden, June 13-15, 2017
- 6th International Conference on Theory and Practice in Modern Computing, Lisbon, Portugal, July 21-23, 2017
- AFIN 2016, Nice, France, July 24-28, 2016
- 5th International Conference on Theory and Practice in Modern Computing, Funchal, Madeira, Portugal, July 2-4, 2016
- IFIP Networking 2016, Vienna, Austria, May 17-19, 2016
- 19th IEEE Global Internet Symposium (GI 2016), in conjunction with IEEE INFOCOM 2016, San Francisco, CA, USA, April 10-15, 2016
- Future Computing 2016, Rome, Italy, March 20-24, 2016
- NPsec, San Francisco, November 10, 2015
- 9th IEEE Workshop on Network Measurements (WNM'15), Clearwater Beach, Florida, USA, October 26-29, 2015
- AFIN 2015, Venice, Italy, August, 2015
- Multi Conference on Computer Science and Information Systems (MCCSIS 2015), Las Palmas de Gran Canaria, Spain, July 21-24, 2015
- 4th International Conference on Theory and Practice in Modern Computing, Las Palmas de Gran Canaria, Spain, July 21-24, 2015
- 18th IEEE Global Internet Symposium (GI 2015), in conjunction with IEEE INFOCOM 2015, Hong Kong, April 27-May 1, 2015
- Internet Measurement Conference (IMC), Vancouver, November, 2014
- AFIN 2014, Lisbon, Portugal, November, 2014
- ISI'14, Delhi, India, September, 2014
- WNM 2014, Edmonton, Canada, September, 2014
- Multi Conference on Computer Science and Information Systems (MCCSIS 2014), Lisbon, Portugal, July 15-19, 2014
- 3rd International Conference Theory and Practice in Modern Computing 2014, Lisbon, Portugal, July 15-17, 2014
- ICCGI 2014, Seville, June 22-26, 2014
- ACCESS 2014, Seville, June 22-26, 2014
- Future Computing 2014, Venice, May 25-29, 2014
- 17th IEEE Global Internet Symposium (GI 2014), Toronto, Canada, May 2, 2014
- Traffic Monitoring and Analysis Workshop (TMA 2014), London, UK, April 14, 2014
- PESARO 2014, Nice, France, February 23-27, 2014
- CoNext Student Workshop, Santa Barbara, California, December, 2013
- 7th IEEE Workshop on Network Measurements, Sydney, Australia, October, 2013
- ACM SIGCOMM TPC, Hong Kong, China, August, 2013
- AFIN 2013, Barcelona, August, 2013
- ICCGI 2013, Nice, July 21-26, 2013
- ACCESS 2013, Nice, July 21-26, 2013
- IADIS Theory and Practice in Modern Computing, Prague, Czech Republic, July 22-24, 2013
- PESARO 2013, Venice, Italy, April 22-26, 2013
- Traffic Monitoring and Analysis Workshop (TMA 2013), Turin, Italy, April 19 2013
- 16th IEEE International Global Internet Symposium (GI 2013), Turin, Italy, April 19, 2013
- Passive and Active Measurement Conference (PAM), Hong Kong, China, March 18-20, 2013
- Second Workshop on Rigorous Protocol Engineering (WRiPE), Austin, TX, USA, October, 2012
- SIGCOMM 2012 Posters/Demos TPC, Helsinki, August, 2012
- AFIN 2012, Rome, August, 2012
- ACCESS 2012, Venice, June 24-29, 2012
- IADIS Theory and Practice in Modern Computing, Lisbon, Portugal, July 17-19, 2012
- USENIX HOT-ICE, San Jose, April, 2012
- Passive & Active Measurement Conference (PAM), Vienna, March, 2012
- CCNC MCEN Workshop, Las Vegas, January, 2012
- Internet Measurement Conference (IMC), Berlin, November, 2011
- The Third International Conference on Advances in Future Internet - AFIN, Nice, August, 2011
- IADIS International Conference Telecommunications, Networks and Systems, Rome, July, 2011
- Third COST TMA International Workshop on Traffic Monitoring and Analysis, Vienna, April, 2011
- Conference on emerging Networking EXperiments and Technologies (CoNEXT), Philadelphia, November, 2010
- Internet Measurement Conference (IMC), Melbourne, November, 2010
- Asian Internet Engineering Conference (aintec2019), 2019 (external reviewer)
- ACM CCS, 2016 (external reviewer)
- IEEE Infocom, 2014 (external reviewer)
- IEEE Infocom, 2012 (external reviewer)
- Passive and Active Measurement Conference (PAM), 2010 (external reviewer)
- Assessor for the Lillian Elizabeth Bowmaker Bursary, 2010-2013
- Passive and Active Measurement Conference (PAM), 2008 (external)
- Australasian Telecommunication Networks and Applications Conference, 2007
- Interdomain Routing Workshop (IDRWS), 2004
Organizational Committee Member:
- WODNAFO 10, Adelaide, Australia 2010
- Passive and Active Measurement Conference (PAM), 2006
- Interdomain Routing Workshop (IDRWS), 2004
I am married to Kaie Maennel and we have two sons, Oliver Matthias, and Martin Alexander (password for pictures on request). I hold a commercial pilots license (EASA CPL & Australian PPL; FAA PPL), with IR privileges (EASA SEP-SPA IR & CASA PIFR; FAA IR).
|Olaf Maennel | skype: olaf_maennel | e-mail: firstname.lastname@example.org | 07 Jan 2019 ||