short bio

Olaf M. Maennel

The Internet has revolutionized the way in which we communicate, do business, or learn. Knowledge is now easier to access than ever, and what fascinates my research is the technology that enables this worldwide paradigm change.

Since July 2014 I am a full Professor for Cyber-Security at Tallinn University of Technology in Estonia, and the scientific lead at the Centre of Digital Forensics and Cyber Security. Before that i was with Loughborough University in UK and with the University of Adelaide in Australia. I have been general co-chair of ACM SIGCOMM 2015, ACM IMC 2017, and Global Internet Symposium GI'17. I am co-chairing working group 5.2 at the European Cyber Security Organisation (ECSO) and I serve as EU expert evaluator and vice-chair for Horizon H2020 calls.

My interests are in security, focusing on:

     Olaf Maennel

pgp key

  • network security & network forensics
  • serious games, in particular red-teaming and learning aspects
  • capability profiling and assessment & human-factors of cyber security
  • aviation and maritime system and communication security
  • network measurements (active & passive)
  • WAN-routing & security (BGP, BGPsec, RPKI/ROV, IS-IS)

I obtained my Ph.D. (Dr. rer. nat.) in computer science from the Technical University of Munich, Germany, in the group of Prof Anja Feldmann, PhD in 2005 and my Diploma (MSc) from the Saarland University, Saarbrücken, Germany in 2002.

Cyber Security Research

The term Cyber Security has become a buzzword in the recent years. It's overloaded and doesn't mean much anymore. Many people, including me, try to avoid the word as much as possible. In a university context, however, it's a student magnet. We see a very high demand in 'cyber security education', but it should be clearly understood that 'cyber security' is not a scientific discipline in itself. Instead it combines insights from many other disciplines: for example, from computer science it takes secure software design, or how to build intrusion detection systems, methods for vulnerability testing, and so on; cryptography is rooted in mathematics; psychology helps to understand human factors; aspects of forensic science are used by law enforcement agencies; social sciences, business and economic understanding is essential; operational and strategic risk management models & audits help with reducing the threats in day-to-day operations; and of course legal and political disciplines are required.

For me the term 'cyber security' is simply an expression meaning interdisciplinary. In fact interdisciplinarity and effective communication are the only way we can fight today's problems in 'cyberspace'. It is the combination of knowledge and insights from several great areas of science that is required to secure 'cyberspace'. This is exiting, interesting, but also very challenging.

In our research at Tallinn University of Technology we focus on three main research areas: (1) serious games; (2) critical infrastructure protection; and (3) skill profiling and attributions.

(1) Technical Cyber Defense Exercises are a valuable teaching and learning tool. They are in great demand at any size from the very small up to the leading edge ones, such as Locked Shields organized by the NATO Cooperative Cyber Defence Centre of Excellence. Our group is participating in this exercise and we try to keep it the most innovative and cutting-edge exercise in the world. Personally, I have been a member of "green" (technical organization) and "red-team" (offensive attacking team) for over five years now.

One of the big challenges is scaling such exercises, as the preparations are often done manual or at best semi-automatic. Such an approach is labor intensive, tedious and very error-prone. My research interests in the area of serious games includes the following areas: a) improving scalability and mitigation human-error using automation; b) behavioral analysis during cyber crisis management; and c) measuring and improving learning in such technical exercises.

Overall, the dialog with industry is very important to my research, as it ensures research will not lose it's foundations. High-quality research should build on solid theoretical foundations, but must also deliver real-world impact. During my PhD I have worked with Anja Feldmann and Rüdiger Volk from Deutsche Telekom on a network-wide configuration management system, which is in production use in DT's network since 2004. The system specifies eBGP routing policies on an abstract graph-level, but then compiles it all the way down to the vendor-dependent code and auto-configures their routers.

At the University of Adelaide in South Australia I did my post-doc in the School of Mathematical Science working with Matthew Roughan. I am still continuing collaborations with my friends "down under". At the moment we are extending our configuration management system to be beneficial to the network security area as well, for example to configure and auto-deploy Cyber Defense Exercises.

(2) The 2nd research area is Critical Infrastructure Protection (CIP). This area combines several areas of cyber security. Obtaining situational awareness is a pressing challenge, as well as the best risk management approach. However, my personal interest looks at CIP from an aviation perspective.

(3) As mentioned above, cyber Security is a very different domain from any classical degree program, and for this reason it is very hard to select good students purely based on their past performance; and b) the university faces a scale problem. As Tallinn University of Technology runs a tuition-free program, we receive a huge number of applications from international students. However, determining who is a good cyber security student just by looking at grades on a transcipt does not work in this area. In fact, what defines a "good cyber security student"? The area is so broad, and elite hackers might even be school-dropouts. In the admission process we are conducting Skype-Interviews with most qualified students. The interview process tests on many competencies beyond pure technical and intellectual abilities, but is not sufficient to truly determine who is a good student and who is not. For this reason we are starting now to conduct research in the area of competency profiling. This is a first step to solve our problem, but also hugely valuable for companies, who want to determine the skill profile of its employees or who want to select the best candidate in an interview process. Thinking this research further, we might end-up in a forensic area where attribution can be made based on past skill profiles.

It is this balance between theory and "hands-on" that enables innovation and changes technology.


What drives my research also applies to my teaching. Personally, I believe that traditional universities are at risk of sleepwalking into a crisis, as Massive Open Online Courses (MOOCs) change the higher-education environments drastically. We need to rethink our methods/values and implement innovative teaching into our programs. I have also recently been involved in the restructuring of our postgraduate Internet Computing and Network Security (ICNS) program.

However, the interdisciplinary nature that a cyber security teaching requires provides challenges and opportunities for novel approaches. We are facing students with a very diverse background and very diverse set of skills, and it is almost impossible to teach them purely using traditional methods.
For more information about my view on teaching cyber security in higher-education, please see my teaching statement.

Since April 2012 I am a Fellow of the UK Higher Education Academy (HEA) having completed the HEA accredited "New Lecturers' Course", which is a comprehensive course for new academic faculty in UK.

Loughborough University:

  • Undergraduate courses
  • COF181 Introduction to Programming II
    (2012/13 Sem 2)
  • COC190 Advanced Networking
    (2012/13 Sem 2, 2013/14 Sem 2)

  • MSc-level courses
  • COP455 Network Systems
    (2009/10 Sem 1, 2010/11 Sem 2, 2011/12 Sem 2, 2012/13 Sem 1, 2013/14 Sem 1)
  • COP502 Networks Lab
    (2009/10 Sem 2, 2010/11 Sem 2, 2011/12 Sem 2)
  • COP502 Building Secure Networks
    (2012/13 Sem 1, 2013/14 Sem 1)
  • COP532 Internet Architectures
    (2010/11 Sem 1, 2011/12 Sem 1)
  • COP532 Internet Protocols
    (2012/13 Sem 1, 2013/14 Sem 1)

Tallinn University of Technology:

Current PhD Students

  • Mauno Pihelgas (since July 2014)
  • Kaur Kullman (since July 2015)
  • Toomas Lepik (since July 2015)
  • Sten Mäses (since July 2016)
  • Kristjan Kikerpill (Law-PhD student at University of Tartu. Co-supervising from tech-side since July 2016)
  • Jens Getreu (starting September 2017)

Graduated/completed PhD students:

I have supervised over 45 MSc theses, and done numerous final year projects reviews, PhD progress reviews and been on the committee of 15 PhD defenses.

Professional Activities


Reviewer/Program Committee Member:
  • ACM CCS, 2016 (external reviewer)
  • IEEE Infocom, 2014 (external reviewer)
  • IEEE Infocom, 2012 (external reviewer)
  • Passive and Active Measurement Conference (PAM), 2010 (external reviewer)
  • Assessor for the Lillian Elizabeth Bowmaker Bursary, 2010-2013
  • Passive and Active Measurement Conference (PAM), 2008 (external)
  • Australasian Telecommunication Networks and Applications Conference, 2007
  • Interdomain Routing Workshop (IDRWS), 2004

Organizational Committee Member:
  • WODNAFO 10, Adelaide, Australia 2010
  • Passive and Active Measurement Conference (PAM), 2006
  • Interdomain Routing Workshop (IDRWS), 2004


I am married to Kaie Maennel and we have two sons, Oliver Matthias, and Martin Alexander (password for pictures on request). I hold a commercial pilots license (EASA CPL & Australian PPL), with IR privileges (EASA SEP-SPA IR & CASA PIFR) and have a current EASA Class 1 and CASA Class 2 medical.

Olaf Maennel | skype: olaf_maennel | e-mail: om@maennel.net | 23 Jul 2017