Olaf M. Maennel

The Internet and AI have revolutionised the way in which we communicate, do business, or learn. Knowledge is now easier to access than ever, and what fascinates my research is the technology that enables this worldwide paradigm change.

Since February 2023 I am with Adelaide University in Australia. Before that I have been a full Professor for Cyber-Security at the Centre of Digital Forensics and Cyber Security at Tallinn University of Technology in Estonia. I joined TalTech in July 2014, got tenure in 2017. Before that I was with Loughborough University in UK and a post-doc at the University of Adelaide in Australia. I have been general co-chair of ACM SIGCOMM 2015, ACM IMC 2017, and Global Internet Symposium GI'17. I serve as EU expert evaluator and vice-chair for Horizon calls, and am a member of the National Industry Innovation Network (NIIN) advisory board.

PGP key

My interests are in security, focusing on:

Network security & network measurements (active & passive)
Security education: cyber defence exercises / cyber ranges (CyberLab)
Critical infrastructure resilience (in maritime, aviation, autonomous vehicles)
Adversarial AI & AI system security (model poisoning, influence operations)

I obtained my Ph.D. (Dr. rer. nat.) in computer science from the Technical University of Munich, Germany, in the group of Prof Anja Feldmann, PhD in 2005 and my Diploma (MSc) from the Saarland University, Saarbrücken, Germany in 2002.

Cyber Security Research

The term Cybersecurity has become a buzzword in the recent years. It's overloaded and doesn't mean much. However, there is one aspect that is important to understand, addressing our "cyber" problems requires us to combine the knowledge and insights from many other disciplines. For example, from computer science it takes secure software design, or how to build intrusion detection systems, methods for vulnerability testing, and so on; cryptography is rooted in mathematics; psychology helps to understand human factors (why people click on malicious links); aspects of forensic science are used by law enforcement agencies; social sciences, business and economic understanding is essential; operational and strategic risk management models & audits help with reducing the threats in day-to-day operations; and of course legal and political disciplines are required.

For me the term 'cyber security' is simply an expression meaning interdisciplinary. Interdisciplinarity and effective communication are the only way we can fight today's problems in 'cyberspace'—and those problems are growing. The rapid evolution of AI is creating entirely new attack surfaces: models can be poisoned, AI-generated code introduces subtle vulnerabilities at scale, and autonomous systems become targets for adversarial manipulation. At the same time, AI amplifies the capabilities of both defenders and attackers. Securing 'cyberspace' now requires combining knowledge from computer science, engineering, psychology, law, and AI safety. This is exciting, urgent, and deeply challenging.

CyberLab

At Adelaide University, I am working on the CyberLab—a system-of-systems approach to cyber range where students co-design and operate a digital twin of interconnected critical infrastructure. The CyberLab models cascading failures across sectors, integrates adversary emulation, security operations, and AI-enabled defences. It serves as both an educational platform and a cyber security research experimentation environment. For more details, see maennel.ai/cyberlab.

Teaching

AI is transforming cyber security—and with it, the skills our graduates need. The digital divide is no longer about access to technology—it is about the gap between people who master AI and people who are mastered by it. A graduate who merely forwards AI output adds no value. But a graduate who works with AI, who recognises its limitations, who detects when it is wrong, and who applies critical judgment—that graduate will be indispensable.

My teaching philosophy focuses on developing these capabilities through experiential learning: the CyberLab (a system-of-systems cyber range), NATO-inspired exercises, hands-on labs, and international research collaboration. For my full teaching statement and course history, see the teaching page.

Current PhD Students

Bradley Morgan (since February 2023, with Yuval Yarom, Paul Montague, Chitchanok Chuengsatiansup)
Bhavani Sunila (with Francoise Sailhan, Kaie Maennel)
Sara Pelinku (with Kave Salamatian, Kaie Maennel)
Chuhan Wang
Ziyang Ye

Graduated PhD Students

Ashley Flavel (co-supervised with Matt Roughan and Nigel Bean; Ph.D. successfully defended in 2009.)
Debbie Perouli (official external supervisor at Purdue University, internal supervisor was Sonia Fahmy, successfully defended 18 Feb 2013. Now prof at Marquette)
Nejc Skoberne (internally supervised by Mojca Ciglaric, successfully defended 23 Dec 2013.)
Sten Mäses, successfully defended 16 Dec 2020. Now at Clarified Security.
Mauno Pihelgas, successfully defended 11 Aug 2021. Works at Dynatrace.
Kaur Kullman, successfully defended 25 April 2023.
Andrew Roberts, successfully defended 25 June 2025
Gabor Visky, successfully defended 22 Oct 2025

I have supervised 76 MSc theses and over 32 MSc theses by course work, and done numerous final year projects reviews, and been on the committee of 23 PhD defenses.

Professional Activities

General-Chair, Treasurer, TPC-Chair

ACM SIGCOMM, Sydney, Australia (Treasurer)
Central European Cybersecurity Conference 2019, Munich, Germany, November 14–15, 2019 (TPC-co-chair)
Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, June 29, 2019 (general co-chair jointly with Anna-Maria Osula)
Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, June 9, 2018 (general co-chair jointly with Anna-Maria Osula)
ACM Internet Measurement Conference 2017, London, England, Nov 1–3, 2017 (general co-chair jointly with Steve Uhlig)
Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 8, 2017 (general co-chair jointly with Anna-Maria Osula)
20th IEEE Global Internet Symposium, Atlanta, GA, USA, May 1–4, 2017 (co-TPC chair)
Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 2, 2016 (general co-chair jointly with Anna-Maria Osula)
ACM SIGCOMM, London, UK, August 17–21, 2015 (general co-chair jointly with Steve Uhlig, 608 attendee conference)
Interdisciplinary Cyber Research (ICR) workshop, Tallinn, Estonia, July 18, 2015 (general co-chair jointly with Anna-Maria Osula)
NPsec, 2013 (general co-chair jointly with Jun Li)
CoNext Student Workshop, 2010 (co-chair jointly with Brighten Godfrey and Chuanxiong Guo)

Reviewer / Program Committee Member

Journal Reviewer: IEEE/ACM Transactions on Networking (ToN) (since 2008), Computer Networks Journal (COMNET) (since 2008), IEEE Network Magazine (since 2012), IEEE Transactions on Games (since 2018), Transactions on Dependable and Secure Computing (2019), Guest Editor: Security & Privacy in Cloud Computing.

2026

Passive and Active Measurement Conference (PAM 2026), 23–25 March 2026, virtual
32nd International Conference on Telecommunications (ICT 2026), 20–22 May 2026, Thessaloniki, Greece
34th IEEE International Conference on Network Protocols (ICNP 2026), 5–8 October 2026

2025

IEEE International Conference on Computer Communications (INFOCOM 2025), 5–8 May 2025, London, UK
33rd IEEE International Conference on Network Protocols (ICNP 2025), 22–25 October 2025
Passive and Active Measurement Conference (PAM 2025), 10–12 March 2025, virtual

2024

IEEE International Conference on Computer Communications (INFOCOM 2024), 20–23 May 2024, Vancouver, Canada
32nd IEEE International Conference on Network Protocols (ICNP 2024), Charleroi, Belgium, 28–31 October 2024
Passive and Active Measurement Conference (PAM 2024), 11–13 March 2024
14th Global Information Infrastructure and Networking Symposium (GIIS'24)
IEEE Wireless Communications and Networking Conference (WCNC 2024) — Track 4
IFIP Networking 2024

2023

31st IEEE International Conference on Network Protocols (ICNP 2023), Reykjavik, Iceland, 10–13 October 2023
5th International Conference on Machine Learning for Networking (MLN 2022), Paris, France, 28–30 November 2022
15th International Conference on Cyber Conflict (CyCon 2023)
International Conference on Cyber Warfare and Security (ICCWS)
European Interdisciplinary Cybersecurity Conference (EICC 2023)

2022

30th IEEE International Conference on Network Protocols (ICNP 2022), Lexington, Kentucky, USA, 30 October–2 November 2022
Passive and Active Measurement Conference (PAM 2022), 28–30 March 2022
27th Nordic Conference on Secure IT Systems (NordSec 2022)
European Interdisciplinary Cybersecurity Conference (EICC 2022)
14th International Conference on Cyber Conflict (CyCon 2022)
53rd ACM Technical Symposium on Computer Science Education (SIGCSE TS 2022)
2nd IFSA Winter Conference on Automation, Robotics & Communications for Industry 4.0 (ARCI' 2022)

2021

4th International Conference on Machine Learning for Networking (MLN'2021)
EuroS&P Workshops 2021
26th Nordic Conference on Secure IT Systems (NordSec 2021)
16th International Conference on Availability, Reliability and Security (ARES 2021)
11th International Conference on Model and Data Engineering (MEDI 2021)
European Interdisciplinary Cybersecurity Conference (EICC 2021)
13th International Conference on Cyber Conflict (CyCon 2021)
Next Generation Government Symposium (NGGS '21)
52nd ACM Technical Symposium on Computer Science Education (SIGCSE TS 2021)

2020

3rd International Conference on Machine Learning for Networking (MLN'2020)
25th Nordic Conference on Secure IT Systems (NordSec 2020)
15th International Conference on Availability, Reliability and Security (ARES 2020)
European Interdisciplinary Cybersecurity Conference (EICC 2020)
25th Annual Conference on Innovation and Technology in Computer Science Education (ITiCSE 2020)
12th International Conference on Cyber Conflict (CyCon 2020)
Information Security Methodology, Replication Studies and Information Security Education (JUCS ISMRE 2020)
Workshop on Cyber Range Technologies and Applications (CACOE 2020)
14th International Baltic Conference on Databases and Information Systems (Baltic DB&IS 2020), Tallinn, Estonia, 16–19 June 2020
51st ACM Technical Symposium on Computer Science Education (SIGCSE 2020)
IEEE ICC 2020 NGNI Symposium, Dublin, Ireland, 7–11 June 2020
International Conference on Smart Education and Applied Social Sciences, Oxford University, UK, 25–26 March 2020
IFIP Networking Conference (NETWORKING 2020), Paris, France, 22–26 June 2020
14th International Baltic Conference on Databases and Information Systems (Baltic DB&IS 2020), Tallinn, Estonia, 16–19 June 2020

2019

3rd International Conference Europe Middle East & North Africa Information Systems and Technologies to support Learning (EMENA-ISTL 2019), Fez, Morocco, 21–23 November 2019
NordSec 2019, Aalborg, Denmark, 18–20 November 2019
27th IEEE International Conference on Network Protocols (ICNP 2019), Chicago, USA, 7–10 October 2019
ACM Internet Measurement Conference (IMC 2019), Amsterdam, Netherlands, 21–23 October 2019
2nd International Conference on Machine Learning for Networking (MLN'19), Paris, France, 2–5 December 2019
14th IFAC/IFIP/IFORS/IEA Symposium on Analysis, Design, and Evaluation of Human-Machine Systems (HMS 2019), Tallinn, Estonia, 16–19 September 2019
INTERNET 2019, Venice, Italy, 24–28 June 2019
ICCGI 2019, Venice, Italy, 24–28 June 2019
SECURWARE 2019, Nice, France, 27–31 October 2019
Workshop on Cyber Range Technologies and Applications (CACOE), Stockholm, Sweden, 20 June 2019
CyCon 2019, Tallinn, Estonia, 28–31 May 2019
IEEE ICC'19 — NGNI Symposium, Shanghai, China, 20–24 May 2019
IFIP Networking 2019, Warsaw, Poland, 20–22 May 2019
FUTURE COMPUTING 2019, Rome, Italy, 5–9 May 2019
22nd IEEE Global Internet Symposium (GI 2019), Paris, France, 29 April–2 May 2019
PESARO 2019, Valencia, Spain, 24–28 March 2019
SIGCSE 2019 Poster Reviewer, Minneapolis, USA, 27 February–2 March 2019
3rd International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention (BDACCIP 2019), Los Angeles, USA, 9–12 December 2019

2018

Central European Cybersecurity Conference (CECC 2018), Ljubljana, Slovenia, 15–16 November 2018
NordSec 2018, Oslo, Norway, 28–30 November 2018
2nd International Conference EMENA-ISTL 2018, Fez, Morocco, 25–27 October 2018
IFIP Networking 2018, Zurich, Switzerland, 14–16 May 2018
2nd International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention (BDACCIP 2018), Seattle, USA, 10–13 December 2018
INTERNET 2018, Rome, Italy
ICCGI 2018, Rome, Italy
AFIN 2018, Venice, Italy, 16–20 September 2018
7th International Conference on Theory and Practice in Modern Computing (TPMC 2018), Madrid, Spain, 18–20 July 2018
21st IEEE Global Internet Symposium (GI 2018), Honolulu, HI, USA, 15–19 April 2018

2017

ACM SIGCOMM 2017, Los Angeles, CA, USA, August 2017
NordSec 2017, Tartu, Estonia, 8–10 November 2017
1st International Workshop on Big Data Analytic for Cybercrime Investigation and Prevention (BDACCIP 2017), Boston, MA, USA, 11–14 December 2017
IFIP Networking 2017, Stockholm, Sweden, 13–15 June 2017
6th International Conference on Theory and Practice in Modern Computing (TPMC 2017), Lisbon, Portugal, 21–23 July 2017

2016

AFIN 2016, Nice, France, 24–28 July 2016
5th International Conference on Theory and Practice in Modern Computing (TPMC 2016), Funchal, Madeira, Portugal, 2–4 July 2016
IFIP Networking 2016, Vienna, Austria, 17–19 May 2016
19th IEEE Global Internet Symposium (GI 2016), San Francisco, CA, USA, 10–15 April 2016
Future Computing 2016, Rome, Italy, 20–24 March 2016

2015

NPsec 2015, San Francisco, 10 November 2015
9th IEEE Workshop on Network Measurements (WNM'15), Clearwater Beach, Florida, USA, 26–29 October 2015
AFIN 2015, Venice, Italy, August 2015
Multi Conference on Computer Science and Information Systems (MCCSIS 2015), Las Palmas de Gran Canaria, Spain, 21–24 July 2015
4th International Conference on Theory and Practice in Modern Computing (TPMC 2015), Las Palmas de Gran Canaria, Spain, 21–24 July 2015
18th IEEE Global Internet Symposium (GI 2015), Hong Kong, 27 April–1 May 2015

2014

ACM Internet Measurement Conference (IMC 2014), Vancouver, November 2014
AFIN 2014, Lisbon, Portugal, November 2014
ISI'14, Delhi, India, September 2014
WNM 2014, Edmonton, Canada, September 2014
Multi Conference on Computer Science and Information Systems (MCCSIS 2014), Lisbon, Portugal, 15–19 July 2014
3rd International Conference on Theory and Practice in Modern Computing (TPMC 2014), Lisbon, Portugal, 15–17 July 2014
ICCGI 2014, Seville, 22–26 June 2014
ACCESS 2014, Seville, 22–26 June 2014
Future Computing 2014, Venice, 25–29 May 2014
17th IEEE Global Internet Symposium (GI 2014), Toronto, Canada, 2 May 2014
Traffic Monitoring and Analysis Workshop (TMA 2014), London, UK, 14 April 2014
PESARO 2014, Nice, France, 23–27 February 2014

2013

CoNext Student Workshop, Santa Barbara, California, December 2013
7th IEEE Workshop on Network Measurements (WNM 2013), Sydney, Australia, October 2013
ACM SIGCOMM 2013 TPC, Hong Kong, China, August 2013
AFIN 2013, Barcelona, August 2013
ICCGI 2013, Nice, 21–26 July 2013
ACCESS 2013, Nice, 21–26 July 2013
IADIS Theory and Practice in Modern Computing, Prague, Czech Republic, 22–24 July 2013
PESARO 2013, Venice, Italy, 22–26 April 2013
Traffic Monitoring and Analysis Workshop (TMA 2013), Turin, Italy, 19 April 2013
16th IEEE International Global Internet Symposium (GI 2013), Turin, Italy, 19 April 2013
Passive and Active Measurement Conference (PAM 2013), Hong Kong, China, 18–20 March 2013

2012

2nd Workshop on Rigorous Protocol Engineering (WRiPE 2012), Austin, TX, USA, October 2012
SIGCOMM 2012 Posters/Demos TPC, Helsinki, August 2012
AFIN 2012, Rome, August 2012
ACCESS 2012, Venice, 24–29 June 2012
IADIS Theory and Practice in Modern Computing, Lisbon, Portugal, 17–19 July 2012
USENIX HOT-ICE, San Jose, April 2012
Passive & Active Measurement Conference (PAM 2012), Vienna, March 2012
CCNC MCEN Workshop, Las Vegas, January 2012

2011

ACM Internet Measurement Conference (IMC 2011), Berlin, November 2011
3rd International Conference on Advances in Future Internet (AFIN 2011), Nice, August 2011
IADIS International Conference Telecommunications, Networks and Systems, Rome, July 2011
3rd COST TMA International Workshop on Traffic Monitoring and Analysis, Vienna, April 2011

2010

Conference on emerging Networking EXperiments and Technologies (CoNEXT 2010), Philadelphia, November 2010
ACM Internet Measurement Conference (IMC 2010), Melbourne, November 2010

External reviewer: Asian Internet Engineering Conference (aintec) 2019, ACM CCS 2016, IEEE INFOCOM 2014 & 2012, PAM 2010 & 2008, Australasian Telecommunication Networks and Applications Conference 2007, Interdomain Routing Workshop (IDRWS) 2004. Assessor: Lillian Elizabeth Bowmaker Bursary, 2010–2013.

Organizational Committee Member

WODNAFO 10, Adelaide, Australia 2010
Passive and Active Measurement Conference (PAM), 2006
Interdomain Routing Workshop (IDRWS), 2004