Like all chair members, you reach me at surname@this domain.
Email policy
I receive a lot of email per day. Therefore, unluckily I cannot read all of them. If you do not receive an answer within 2 days, please feel free to recontact me as it is likely that I did not see your email.
Professor for Cybersecurity at IMT Atlantique | Chairholder CyberCNI.fr | VP German Chapter of the ACM | Cybersecurity Expert | Speaker at IMT Atlantique
Marc-Oliver Pahl is Professor at the Technical University IMT Atlantique at the campus Rennes, Brittany, France. He heads the Chair of Cybersecurity in Critical Networked Infrastructures (Cyber CNI) with currently 9 PhD students, 4 PostDocs, and 11 associated professors. He also supervises PhD students at Technical University of Munich.
Marc-Oliver is an adjunct professor of Carleton University in Canada. Marc-Oliver’s research focus is on a holistic approach to cybersecurity. He is an experienced teacher and an eLearning pioneer, holding several teaching awards.
Marc-Oliver holds a Diploma from University of Tübingen and a PhD from Technical University of Munich.
Marc-Oliver is Vice President of the German Chapter of the Association for Computing Machinery (ACM) (https://germany.acm.org/). He heads the Future Education activities of the German-French Academy for the Industry of the Future (https://future-industry.org/).
Marc-Oliver’s research focus is on a holistic approach to cybersecurity. He works on security-by-design, anomaly detection, human-in-the-loop, and automation. His goal is making cybersecurity manageable, resulting in highly resilient and reliable systems. Marc-Oliver publishes regularly in the network and service management and security communities.
My research domain is cybersecurity. I follow a holistic multi-disciplinary approach, including the areas security-by-design, continuous monitoring and data analytics for anomaly detection, (semi-) automated defence for increasing resilience, and human-in-the-loop with multi-modal 3D interfaces.
@misc{loth2024blessing,
title = {Blessing or curse? A survey on the Impact of Generative AI on Fake News},
author = {Alexander Loth and Martin Kappes and Marc-Oliver Pahl},
year = {2024},
date = {2024-01-01},
keywords = {L2I},
pubstate = {published},
tppubtype = {misc}
}
In: Guernic, Gurvan (Ed.): Proceedings of the 29th Computer & Electronics Security Application Rendezvous co-located with the 7th European Cyber Week (ECW 2022), Rennes, France, November 15-16, 2022., pp. 35–46, CEUR-WS.org, 2023.
@inproceedings{ceur-ws3329barbeau,
title = {Resilience via Blackbox Self-Piloting Plants},
author = {Michel Barbeau and Joaquin Garcia-Alfaro and Christian L\"{u}bben and Marc-Oliver Pahl and Lars W\"{u}strich},
editor = {Gurvan Guernic},
url = {https://ceur-ws.org/Vol-3329/paper-02.pdf},
year = {2023},
date = {2023-01-01},
booktitle = {Proceedings of the 29th Computer \& Electronics Security Application Rendezvous co-located with the 7th European Cyber Week (ECW 2022), Rennes, France, November 15-16, 2022.},
volume = {3329},
pages = {35--46},
publisher = {CEUR-WS.org},
series = {CEUR Workshop Proceedings},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{wustrich2023network,
title = {Network Profiles for Detecting Application-Characteristic Behavior Using Linux eBPF},
author = {Lars W\"{u}strich and Markus Schacherbauer and Markus Budeus and Dominik Freiherr von K\"{u}n\ssberg and Sebastian Gallenm\"{u}ller and Marc-Oliver Pahl and Georg Carle},
year = {2023},
date = {2023-01-01},
booktitle = {Proceedings of the 1st Workshop on eBPF and Kernel Extensions},
pages = {8\textendash14},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{pop2023performance,
title = {Performance Comparison of UDP and TCP for Different CoAP Load Profiles},
author = {David Pop and Erkin Kirdan and Marc-Oliver Pahl},
year = {2023},
date = {2023-01-01},
booktitle = {NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium},
pages = {1\textendash6},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{Lavaur2022.tnsm,
title = {The Evolution of Federated Learning-based Intrusion Detection and Mitigation: a Survey},
author = {Leo Lavaur and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
url = {https://ieeexplore.ieee.org/document/9780571},
doi = {10.1109/TNSM.2022.3177512},
year = {2022},
date = {2022-05-24},
urldate = {2022-05-24},
journal = {IEEE Transactions on Network and Service Management},
publisher = {IEEE},
series = {Special Issue on Network Security Management},
abstract = {In 2016, Google introduced the concept of Federated Learning (FL), enabling collaborative Machine Learning (ML). FL does not share local data but ML models, offering applications in diverse domains. This paper focuses on the application of FL to Intrusion Detection Systems (IDSs). There, common criteria to compare existing solutions are missing. In particular, this survey shows: (i) how FL-based IDSs are used in different domains; (ii) what differences exist between architectures; (iii) the state of the art of FL-based IDS.
With a structured literature survey, this work identifies the relevant state of the art in FL\textendashbased intrusion detection from its creation in 2016 until 2021. It provides a reference architecture and a taxonomy to serve as guidelines to compare and design FL- based IDSs. Both are validated with the existing works. Finally, it identifies research directions for the application of FL to intrusion detection systems.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
In 2016, Google introduced the concept of Federated Learning (FL), enabling collaborative Machine Learning (ML). FL does not share local data but ML models, offering applications in diverse domains. This paper focuses on the application of FL to Intrusion Detection Systems (IDSs). There, common criteria to compare existing solutions are missing. In particular, this survey shows: (i) how FL-based IDSs are used in different domains; (ii) what differences exist between architectures; (iii) the state of the art of FL-based IDS.
With a structured literature survey, this work identifies the relevant state of the art in FL–based intrusion detection from its creation in 2016 until 2021. It provides a reference architecture and a taxonomy to serve as guidelines to compare and design FL- based IDSs. Both are validated with the existing works. Finally, it identifies research directions for the application of FL to intrusion detection systems.
@inproceedings{220803,
title = {Optimal Access Control Deployment in Network Function Virtualization},
author = {Manel Smine and David Espes and Marc-Oliver Pahl},
url = {http://XXXXX/220803.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 - Full and short papers ()},
abstract = {Network function virtualization (NFV) yields numerous advantages, specifically the ability to provide a cost-efficient alternative to hardware-based functionalities on software platforms to break the vendor lock-in problem. However, these advantages come at the cost of several security issues. These threats can be leveraged by controlling the information that flows between the different components that compose NFV services. We propose an approach allowing an optimal deployment of access control policies on NFV services. The proposed approach allows to find the best possible trade-offs between the impact in terms of latency resulting from the deployment of the access control policy and the used resources. In contrast to existing approaches, our solution prevents an insider adversary who compromises one or more unknown VNF(s) to go around the access control policy. We experimentally evaluate the return solutions according to the size of the NFV service, the size of the policy to be deployed and the number of physical servers that host the VNF service.},
keywords = {Accounting, Configuration, Network virtualization; FCAPS: Fault, Performance and Security Management; Cybersystems, Security and Reliability in Network Softwarization and Management; Network security; Policybased management},
pubstate = {published},
tppubtype = {inproceedings}
}
Network function virtualization (NFV) yields numerous advantages, specifically the ability to provide a cost-efficient alternative to hardware-based functionalities on software platforms to break the vendor lock-in problem. However, these advantages come at the cost of several security issues. These threats can be leveraged by controlling the information that flows between the different components that compose NFV services. We propose an approach allowing an optimal deployment of access control policies on NFV services. The proposed approach allows to find the best possible trade-offs between the impact in terms of latency resulting from the deployment of the access control policy and the used resources. In contrast to existing approaches, our solution prevents an insider adversary who compromises one or more unknown VNF(s) to go around the access control policy. We experimentally evaluate the return solutions according to the size of the NFV service, the size of the policy to be deployed and the number of physical servers that host the VNF service.
@inproceedings{222179,
title = {Resource tradeoffs for TLS-secured MQTT-based IoT Management},
author = {Valentin Dimov and Erkin Kirdan and Marc-Oliver Pahl},
url = {http://XXXXX/222179.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 Workshops - Manage-IoT 2022 ()},
abstract = {Transport Layer Security (TLS) is an established Internet security standard. TLS offers a variety of configuration options that affect resource consumption. For deployments of constrained devices in the Internet of Things (IoT), it is crucial to optimize TLSs resource consumption. This study examines how the TLS cryptographic algorithms, so-called cipher suites, affect an MQTT applications resource consumption. MQTT is a popular protocol for IoT. We construct a model application using the Mosquitto MQTT broker and client library. We measure the consumption of CPU cycles, memory, and network bandwidth with the IANA-recommended TLS 1.2 and TLS 1.3 cipher suites. We test and compare different variants for the key exchange, server authentication, client authentication, and symmetric encryption algorithms, as well as recommended elliptic curves for elliptic curve cryptography (ECC) algorithms. We identify ECDHE key exchange with the x25519 curve and mutual PSK authentication as the best handshake performance. Ed25519 provides the best performance among the certificate authentication options. The effect of choosing a faster symmetric cipher on CPU costs depends on message size. Changing symmetric ciphers does not affect the performance for 100 B messages, but more differences are observed for 10 kB messages. Overall, the findings show that resource consumption can be optimized by choosing the cipher suite and adjusting the length and rate of MQTT messages. Optimized resource consumption enables reliable management of MQTT-based IoT.},
keywords = {Case Studies, Testbeds and Practical Experiences; Internet of Things (IoT); Applications and case studies; Sensor networks},
pubstate = {published},
tppubtype = {inproceedings}
}
Transport Layer Security (TLS) is an established Internet security standard. TLS offers a variety of configuration options that affect resource consumption. For deployments of constrained devices in the Internet of Things (IoT), it is crucial to optimize TLSs resource consumption. This study examines how the TLS cryptographic algorithms, so-called cipher suites, affect an MQTT applications resource consumption. MQTT is a popular protocol for IoT. We construct a model application using the Mosquitto MQTT broker and client library. We measure the consumption of CPU cycles, memory, and network bandwidth with the IANA-recommended TLS 1.2 and TLS 1.3 cipher suites. We test and compare different variants for the key exchange, server authentication, client authentication, and symmetric encryption algorithms, as well as recommended elliptic curves for elliptic curve cryptography (ECC) algorithms. We identify ECDHE key exchange with the x25519 curve and mutual PSK authentication as the best handshake performance. Ed25519 provides the best performance among the certificate authentication options. The effect of choosing a faster symmetric cipher on CPU costs depends on message size. Changing symmetric ciphers does not affect the performance for 100 B messages, but more differences are observed for 10 kB messages. Overall, the findings show that resource consumption can be optimized by choosing the cipher suite and adjusting the length and rate of MQTT messages. Optimized resource consumption enables reliable management of MQTT-based IoT.
@inproceedings{222206,
title = {Continuous Microservice Re-Placement in the IoT},
author = {Christian L\"{u}bben and Simon Sch\"{a}ffner and Marc-Oliver Pahl},
url = {http://XXXXX/222206.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 Workshops - Manage-IoT 2022 ()},
abstract = {The Internet of Things (IoT) consists of constraint devices. There is a continuous increase in processing power and a recent trend towards microservice architectures. Both make it possible to place IoT microservices on the distributed edge nodes of an IoT site. The identification of a suitable placement of services creates an open challenge. The IoT sets special demands due to its heterogeneous, and often constraint resources. This paper presents a service placement strategy that is adapted to the IoT. It assesses the differences between the IoT and previous service placement problem domains. The results show that the presented service placement strategy outperforms existing ones from other domains. This particularly holds for the optimization of the overall system performance.},
keywords = {Internet of Things (IoT)},
pubstate = {published},
tppubtype = {inproceedings}
}
The Internet of Things (IoT) consists of constraint devices. There is a continuous increase in processing power and a recent trend towards microservice architectures. Both make it possible to place IoT microservices on the distributed edge nodes of an IoT site. The identification of a suitable placement of services creates an open challenge. The IoT sets special demands due to its heterogeneous, and often constraint resources. This paper presents a service placement strategy that is adapted to the IoT. It assesses the differences between the IoT and previous service placement problem domains. The results show that the presented service placement strategy outperforms existing ones from other domains. This particularly holds for the optimization of the overall system performance.
@inproceedings{221053,
title = {Autonomous convergence mechanisms for collaborative crowd-sourced data-modeling},
author = {Christian L\"{u}bben and Marc-Oliver Pahl},
url = {http://XXXXX/221053.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 - Full and short papers ()},
abstract = {Interoperability remains a central challenge of the Internet of Things (IoT). Standardized data representation can solve this problem. Data model convergence prevents redundancy and fosters reuse. The growth of the IoT demands a high number of data models. Collaborative approaches allow the creation of numerous data models. The question to investigate is: Can assisted distributed model creation improve model convergence? This paper presents an approach to unify IoT data models during creation. It analyzes existing models to find similarities to a new model candidate. Similar models shall be reused or extended to prevent information redundancy. Challenges are the accuracy of the similarity analysis and scalability. The evaluation shows linear scalability and high accuracy using a data set containing 1200 automatically converted data models from today's most relevant IoT data modeling initiatives: Project Haystack, IoTSchema, and BrickSchema.},
keywords = {Internet of Things (IoT); Data service management; IT service management; Distributed management},
pubstate = {published},
tppubtype = {inproceedings}
}
Interoperability remains a central challenge of the Internet of Things (IoT). Standardized data representation can solve this problem. Data model convergence prevents redundancy and fosters reuse. The growth of the IoT demands a high number of data models. Collaborative approaches allow the creation of numerous data models. The question to investigate is: Can assisted distributed model creation improve model convergence? This paper presents an approach to unify IoT data models during creation. It analyzes existing models to find similarities to a new model candidate. Similar models shall be reused or extended to prevent information redundancy. Challenges are the accuracy of the similarity analysis and scalability. The evaluation shows linear scalability and high accuracy using a data set containing 1200 automatically converted data models from today's most relevant IoT data modeling initiatives: Project Haystack, IoTSchema, and BrickSchema.
@inproceedings{wustrich2022ac,
title = {AC/DCIM: Acoustic Channels for Data Center Infrastructure Monitoring},
author = {Lars W\"{u}strich and Sebastian Gallenm\"{u}ller and Marc-Oliver Pahl and Georg Carle},
year = {2022},
date = {2022-01-01},
booktitle = {NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium},
pages = {1\textendash5},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{lavaur2022evolution,
title = {The evolution of federated learning-based intrusion detection and mitigation: a survey},
author = {L\'{e}o Lavaur and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
year = {2022},
date = {2022-01-01},
journal = {IEEE Transactions on Network and Service Management},
volume = {19},
number = {3},
pages = {2309\textendash2332},
publisher = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
@article{mattos20222022,
title = {2022 6th Cyber Security in Networking Conference (CSNet)},
author = {Diogo MF Mattos and Marc Oliver Pahl and Carol Fung and Marcelo G Rubinstein},
year = {2022},
date = {2022-01-01},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{varga2022proceedings,
title = {Proceedings of the 18th IEEE/IFIP Network Operations and Management Symposium (NOMS 2022)},
author = {Pal Varga and Lisandro Zambenedetti Granville and Alex Galis and Noura Limam and Prosper Chemouil and J\'{e}r\^{o}me Fran\c{c}ois and Marc-Oliver Pahl},
year = {2022},
date = {2022-01-01},
booktitle = {NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{lavaur2022federated,
title = {Federated Learning as enabler for Collaborative Security between not Fully-Trusting Distributed Parties},
author = {L\'{e}o Lavaur and Benjamin Cost\'{e} and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
year = {2022},
date = {2022-01-01},
booktitle = {C\&ESAR 2022-29th Computer \& Electronics Security Application Rendezvous},
pages = {1\textendash16},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@workshop{KabilVR4Sec21,
title = {Training and Data Analysis use cases for Cybersecurity through Mixed Reality Applications},
author = {Alexandre Kabil and Thierry Duval and Marc-Oliver Pahl},
year = {2021},
date = {2021-08-06},
urldate = {2021-08-06},
abstract = {In this paper, we will discuss our point of view of the use of
Mixed Environments for Cybersecurity, especially for training
and data analysis purposes. We will argue that Collaborative
Mixed Environments could merge training and analysis approaches by providing users several points of view on cyber
situations.},
howpublished = {VR4Sec: 1st International Workshop on Security for XR and XR for Security},
keywords = {},
pubstate = {published},
tppubtype = {workshop}
}
In this paper, we will discuss our point of view of the use of
Mixed Environments for Cybersecurity, especially for training
and data analysis purposes. We will argue that Collaborative
Mixed Environments could merge training and analysis approaches by providing users several points of view on cyber
situations.
@workshop{Delcombel2021,
title = {CyberCopter: a 3D helical visualisation for periodic signals of cyber attacks},
author = {Nicolas Delcombel and Alexandre Kabil and Thierry Duval and Marc-Oliver Pahl},
year = {2021},
date = {2021-08-06},
urldate = {2021-08-06},
abstract = {this paper aims to asses the usefulness of 3D interactive interfaces to display periodic signals in a network. Past research has shown that 2D data visualization simplifies alerts classification. Including those drawn by periodicity based Intrusion Detection Systems. However, 2D visualisations have limitations such as screen space availability. This is why we created CyberCopter, a prototype that uses a 3D helical representation
to highlight periodic patterns in a dataset. We tested CyberCopter usability and efficiency in a fraud detection scenario. It scored 77 at the SUS questionnaire which demonstrates an acceptable usability},
howpublished = {VR4Sec: 1st International Workshop on Security for XR and XR for Security},
keywords = {Cybersecurity, Security, Virtual reality, Visual analytics, Visualization, Visualization application domains},
pubstate = {published},
tppubtype = {workshop}
}
this paper aims to asses the usefulness of 3D interactive interfaces to display periodic signals in a network. Past research has shown that 2D data visualization simplifies alerts classification. Including those drawn by periodicity based Intrusion Detection Systems. However, 2D visualisations have limitations such as screen space availability. This is why we created CyberCopter, a prototype that uses a 3D helical representation
to highlight periodic patterns in a dataset. We tested CyberCopter usability and efficiency in a fraud detection scenario. It scored 77 at the SUS questionnaire which demonstrates an acceptable usability
@inproceedings{Lavaur2021.gtsslr,
title = {Federated Security Approaches for IT and OT},
author = {Leo Lavaur and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
year = {2021},
date = {2021-05-11},
urldate = {2021-05-11},
pages = {2},
abstract = {The Internet of Things has begun to spread over a variety of domains, including industry and finance. It represents an increasing threat for both IT and OT. The lack of collaboration results in the same attacks targeting different organizations one after the other. Often employed as an answer to this problem, cyber threat-intelligence sharing induces its own set of challenges: trust, privacy, and traceability.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
The Internet of Things has begun to spread over a variety of domains, including industry and finance. It represents an increasing threat for both IT and OT. The lack of collaboration results in the same attacks targeting different organizations one after the other. Often employed as an answer to this problem, cyber threat-intelligence sharing induces its own set of challenges: trust, privacy, and traceability.
@inproceedings{213227,
title = {Cyber-Physical Anomaly Detection for ICS},
author = {Lars Wuestrich and Lukas Schr\"{o}der and Marc-Oliver Pahl},
url = {http://xxxxx/213227.pdf},
year = {2021},
date = {2021-05-01},
booktitle = {IFIP/IEEE International Symposium on Integrated Network Management co-located with IM},
abstract = {Industrial Control Systems (ICS) are complex systems made up of many components with different tasks. For a safe and secure operation, each device needs to carry out its tasks correctly. To monitor a system and ensure the correct behavior of systems anomaly detection systems are used. Models of expected behavior often rely only on cyber or physical features for anomaly detection. We propose an anomaly detection system that combines both types of features to create a dynamic fingerprint of an ICS. We present how such a system can be designed and which challenges need to be overcome for a successful implementation.},
keywords = {and Dependability, Data and device security, Other aspects relevant to manage IoT systems., resilience, Security and Privacy, Survivability, Validation and Verification of data and functional},
pubstate = {published},
tppubtype = {inproceedings}
}
Industrial Control Systems (ICS) are complex systems made up of many components with different tasks. For a safe and secure operation, each device needs to carry out its tasks correctly. To monitor a system and ensure the correct behavior of systems anomaly detection systems are used. Models of expected behavior often rely only on cyber or physical features for anomaly detection. We propose an anomaly detection system that combines both types of features to create a dynamic fingerprint of an ICS. We present how such a system can be designed and which challenges need to be overcome for a successful implementation.
@inproceedings{delcombel2021cybercopter,
title = {CyberCopter: a 3D helical visualisation for periodic signals of cyber attacks},
author = {Nicolas Delcombel and Alexandre Kabil and Thierry Duval and Marc-Oliver Pahl},
year = {2021},
date = {2021-01-01},
booktitle = {VR4Sec 2021 (Security for XR and XR for Security)},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{muhlbauer2021feature,
title = {Feature-based comparison of open source OPC-UA implementations},
author = {Nikolas M\"{u}hlbauer and Erkin Kirdan and Marc-Oliver Pahl and Karl Waedt},
year = {2021},
date = {2021-01-01},
publisher = {Gesellschaft f\"{u}r Informatik, Bonn},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
A priority-based domain type enforcement for exception management Proceedings Article
In: Foundations and Practice of Security: 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1–3, 2020, Revised Selected Papers 13, pp. 65–81, Springer International Publishing 2021.
@inproceedings{smine2021priority,
title = {A priority-based domain type enforcement for exception management},
author = {Manel Smine and David Espes and Nora Cuppens-Boulahia and Fr\'{e}d\'{e}ric Cuppens and Marc-Oliver Pahl},
year = {2021},
date = {2021-01-01},
booktitle = {Foundations and Practice of Security: 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1\textendash3, 2020, Revised Selected Papers 13},
pages = {65\textendash81},
organization = {Springer International Publishing},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@article{paiho2021towards,
title = {Towards cross-commodity energy-sharing communities\textendashA review of the market, regulatory, and technical situation},
author = {Satu Paiho and Jussi Kiljander and Roope Sarala and Hanne Siikavirta and Olli Kilkki and Arpit Bajpai and Markus Duchon and Marc-Oliver Pahl and Lars W\"{u}strich and Christian L\"{u}bben and others},
year = {2021},
date = {2021-01-01},
journal = {Renewable and Sustainable Energy Reviews},
volume = {151},
pages = {111568},
publisher = {Pergamon},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
@inproceedings{kabil2021training,
title = {Training and Data Analysis use cases for Cybersecurity through Mixed Reality Applications},
author = {Alexandre Kabil and Thierry Duval and Marc-Oliver Pahl},
year = {2021},
date = {2021-01-01},
booktitle = {VR4Sec 2021 (Security for XR and XR for Security)},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{lavaur2021federated,
title = {Federated security approaches for IT and OT},
author = {L\'{e}o Lavaur and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
year = {2021},
date = {2021-01-01},
booktitle = {SSLR 2021-Journ\'{e}e th\'{e}matique du GT sur la S\'{e}curit\'{e} des Syst\`{e}mes, Logiciels et R\'{e}seaux},
pages = {1\textendash2},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
A Priority-Based Domain Type Enforcement for Exception Management Proceedings Article
In: Foundations and Practice of Security: 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1--3, 2020, Revised Selected Papers, pp. 65, Springer Nature 2021.
@inproceedings{pahl2021priority,
title = {A Priority-Based Domain Type Enforcement for Exception Management},
author = {Manel Smine and David Espes and Nora Cuppens-Boulahia and Fr\'{e}d\'{e}ric Cuppens and Marc-Oliver Pahl},
year = {2021},
date = {2021-01-01},
booktitle = {Foundations and Practice of Security: 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1--3, 2020, Revised Selected Papers},
volume = {12637},
pages = {65},
organization = {Springer Nature},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{9565553,
title = {Detecting and Preventing Faked Mixed Reality},
author = {Fabian Kilger and Alexandre Kabil and Volker Tippmann and Gudrun Klinker and Marc-Oliver Pahl},
doi = {10.1109/MIPR51284.2021.00074},
year = {2021},
date = {2021-01-01},
booktitle = {2021 IEEE 4th International Conference on Multimedia Information Processing and Retrieval (MIPR)},
pages = {399-405},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{muhlbauer2020open,
title = {Open-source OPC UA security and scalability},
author = {Nikolas M\"{u}hlbauer and Erkin Kirdan and Marc-Oliver Pahl and Georg Carle},
year = {2020},
date = {2020-01-01},
booktitle = {2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)},
volume = {1},
pages = {262\textendash269},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
@inproceedings{wustrich2020extensible,
title = {An extensible IoT Security Taxonomy},
author = {Lars W\"{u}strich and Marc-Oliver Pahl and Stefan Liebald},
doi = {10.1109/ISCC50000.2020.9219584},
year = {2020},
date = {2020-01-01},
booktitle = {IEEE ISCC 2020},
abstract = {Security is essential in the Internet of Things (IoT). IoT threat classifications are often non-intuitive to use. Identifying relevant properties of an attack is difficult and requires reading details of the attack. We therefore propose a simple-to-use naming scheme for IoT threat classification. It is based on the affected layers and the affected security goals. We evaluate the usefulness of the chosen approach by applying it to common IoT threats.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Security is essential in the Internet of Things (IoT). IoT threat classifications are often non-intuitive to use. Identifying relevant properties of an attack is difficult and requires reading details of the attack. We therefore propose a simple-to-use naming scheme for IoT threat classification. It is based on the affected layers and the affected security goals. We evaluate the usefulness of the chosen approach by applying it to common IoT threats.
@article{Lubben2020,
title = {Using Deep Learning to Replace Domain Knowledge},
author = {Christian Lubben and Marc Oliver Pahl and Mohammad Irfan Khan},
doi = {10.1109/ISCC50000.2020.9219567},
issn = {15301346},
year = {2020},
date = {2020-01-01},
journal = {Proceedings - IEEE Symposium on Computers and Communications},
volume = {2020-July},
abstract = {Complex problems like the prediction of future behavior of a system are usually solved by using domain knowledge. This knowledge comes with a certain expense which can be monetary costs or efforts to generate it. We want to decrease this cost while using state of the art machine learning and prediction methods. Our aim is to replace the domain knowledge and create a black-box solution that offers automatic reasoning and accurate predictions. Our guiding example is packet scheduling optimization in Vehicle to Vehicle (V2V) communication. Within the evaluation, we compare the prediction quality of a labour-intense whitebox approach with the presented fully-automated blackbox approach. To ease the measurement process we propose a framework design which allows easy exchange of predictors. The results show the successful design of our framework as well as superior accuracy of the black box approach.},
keywords = {ANN, deep learning, network traffic prediction, V2V, V2X},
pubstate = {published},
tppubtype = {article}
}
Complex problems like the prediction of future behavior of a system are usually solved by using domain knowledge. This knowledge comes with a certain expense which can be monetary costs or efforts to generate it. We want to decrease this cost while using state of the art machine learning and prediction methods. Our aim is to replace the domain knowledge and create a black-box solution that offers automatic reasoning and accurate predictions. Our guiding example is packet scheduling optimization in Vehicle to Vehicle (V2V) communication. Within the evaluation, we compare the prediction quality of a labour-intense whitebox approach with the presented fully-automated blackbox approach. To ease the measurement process we propose a framework design which allows easy exchange of predictors. The results show the successful design of our framework as well as superior accuracy of the black box approach.
I am continuously supervising students since 2008. I supervised more than 150 Master- and Bachelor theses, 5 PhD theses at Tu Munich, and 6 PhD theses at IMT Atlantique.
I am teaching continuously at universities since 2003. I received multiple awards for my teaching including the 2013 Ernst Otto Fischer teaching award for excellent teaching and the 2020 supervisory award for excellent PhD supervision, both from Technical University of Munich.
Lighthouse activities are:
The conception, creation, and operation of the biggest computer networks and distributed systems hands-on class series in Germany, the iLab, more at https://ilab.ilabxp.com/
The following table gives an overview on my teaching activities:
My major teaching activities besides supervising students.
Current Positions
Full Professor (2019-) Directeur de Recherches Grande Ecole (Technical University) Institut Mines Télécom (IMT) Atlantique (prior Ecole nationale supérieure des télécommunications de Bretagne) / Department SRCD / Chaire Cyber CNI, Rennes, France
Chairholder of the Chaire Cybersecurity for Critical Networked Infrastructures (Cyber CNI) (1/2020-)
– 8 professors
– 1 engineer
– 3 post-docs
– 11 PhDs
– 5industrypartners(Airbus,Amossys,BNPParibas,EDF, Nokia Bell Labs)
Previously Co-Director of the multi-institute research team(UMR6285) LAB-STICC/IRIS (Sécurité et Résilience des Systèmes d’Information) (1/2020-2/2021) – 14 professors – 1 research position – 1 technician – 11 post-docs – 22 PhDs
Member of the Steering Committee of the German-French Academy for the industry of the future (GFA) (2019-)
Coordinator“FutureEducation” of the German-French Academy for the Industry of the Future (GFA) (2017-)
Adjunct Professor, Carleton University, Canada (2019-)
Vice-President, German Chapter of the ACM (2020-)
Previous Academic Position
2014-2020 Head of the IoT Smartspace Research Team at the Chair for Network Architectures and Services at Technical University of Munich, Germany – 5 PhD students and more than 200 Master, Bachelor and Diploma students under my supervision. – ProLehre Media and Didactics / External lecturer
2016-2017 Advisor of the Board of the Munich Center for Internet Research (MCIR), preparation of the transition to the current Bavarian Institute of Digital Transformation (BIDT)
2008-2014 Researcher and Lecturer at the Technical University of Munich
2005 External consultant for the interactive learning DVD “Netzwerktechnik” and Trainer at German “Berufsschulen”
Awards
Supervisory Award for excellent PhD supervision (Technical University of Munich, Germany, 2020)
Ernst Otto Fischer Lehrpreis (outstanding teaching award) (Technical University of Munich, Germany, 2013)
Excellent teaching award (Technical University of Munich, 2018)
Excellent teaching award (Technical University of Munich, 2016)
Excellent teaching award (Technical University of Munich, 2015)
Excellent teaching award (Technical University of Munich, 2014)
Fellowship of the Klaus Tschira Foundation for the Heidel- berg Laureate Forum (2016)
Education
2018 Zertifikat Hochschullehre der Bayerischen Universitäten – Vertiefungsstufe (highest teaching certificate of Bavaria)
2014 PhD (Summa cum Laude), Technical University of Munich, “Distributed Smart Space Orchestration,” Focus on Internet of Things, Advisors: Prof. Dr.-Ing. Georg Carle, Munich; Prof. Gudrun Klinker, PhD, Munich
2008 Diploma (1.0 (best possible grade)), Eberhard Karls Universität Tübingen, “spy360.net — Webcampanoramen bis 360 Grad in HDR,” Focus on Image Processing, Advisors: Prof. Dr. Andreas Schilling, Tübingen; Prof. Dr. Dr. h.c. Wolfgang Straßer, Tübingen
Languages
German (mother tongue): fluent
English (working language): fluent
French (working language): fluent
Latin (“Großes Latinum”)
Memberships
Association for Computing Machinery (ACM)
German Chapter of the ACM (GChACM) – Vice-President (2020-2023; 2 terms)
Institute of Electrical and Electronics Engineers (IEEE) – IEEE-IES Technical Committee on Factory Automation
German Society for Informatics (GI)
Deutscher Hochschullehrerverband (DHV)
Invited Talks
“, “ AI for industry summer school, 2021
Young Security Conference (YSC) 2021
“CollaborativeRemoteSituationalCybersecurityAwareness,” SNCF Cyber Fusion Center, 2021
“A holistic Approach to Cybersecurity, “ New Brunswick Cybersummit, 2021
“When data is the new oil, it is our role to prevent the blowout!, “ AI for industry summer school, 2020
“When COVID-19 brings out the fundamentals of Artificial Intelligence, ” Atos Popup College, 2020
“When Data is the New Oil, Security is the Blowout Preventer, ” IDSA VIRTUAL EXPO “Scaling in Europe with Data Sovereignty – a French Perspective”, 2020
“IoT Smart Environment Research Vision, ” IMT Atlantique Séminaire au Vert, Département SRCD, Carnac, France, 2019 ̈
“Ziemlich beste Freunde? Uber die Vereinbarkeit von Digitaler Transformation und Privatsphäre” (Pretty much best friends? On the compatibility of digital transformation and privacy), German Informatics Society, Munich, Germany, 2019
“Privacy or why should I care? Security and Privacy aspects of Autonomous Driving,” Autonomous Vehicle Safety and Security meetup, Munich, Germany, 2019
“Cross-layer optimization for time- and security-critical IoT applications,” Huawei, San Jose, USA, 2019
“Composing the (Industrial) Internet of Things(IIoT),”Siemens CKI Forum, Munich, Germany, 2019
“Taming the Internet of Things: DS2OS – a secure data- centric service-oriented approach,” Arctic University (Randi Karlson), Tromsø, Norway, 2019
“Securing the Internet of Things – Because it is Your Data!,” Data61/ CSIRO (Ingo Weber), Sydney, Australia, 2018
“The Future of Teaching? How Combining Online and Of- fline Learning can become the Key,” University of Sydney (Ralph Holz), Sydney, Australia, 2018
“Securing the Internet of Things,” keynote at the AdHoc Now conference (Nicolas Montavont), St. Malo, France, 2018
“The iLab Concept – Making Teaching better, at Scale,” Ja- cobs University Bremen (Jürgen Schönwälder), Bremen, Ger- many, 2018
“Smart Space Orchestration – How to make the Internet of Things smart?”, Eurecom (Jérome Härri), Sophia Antipolis, France, 2016
“Datenzentrierte Modulare Gebäudeautomatisierung im Internet der Dinge,” (Datacentric Modular Building Automation in the Internet of Things), keynote at the IT4ENERGY-Workshop 2015 – Dezentrale Energiesysteme in der Gebäude- und Wohnungswirtschaft (Armin Wolf), Berlin, Germany, 2015
“ServiceorientierteArchitektureninBaaS,”(Service-Oriented Architectures in BaaS), keynote at the IT4ENERGY-Workshop 2014 – Gebäudewirtschaft und Energienetze (Thomas Luckenbach), Berlin, Germany, 2014
“The iLab experience – a blended learning hands-on course concept,” keynote at the EU Tempus Event for the Modernisation of Higher Education (Helmut Seidl), Munich, Germany, 2013
Raised Funding
I am constantly mounting projects with a volume for my groups of over 2 000 000 EUR (in overall projects of several 10 MEUR) until 2021. I am experienced in the national and international public and private funding acquisition sectors. From the beginning, I am often in leading roles in projects. The funding covers research and teaching activities.
Project Coordination
2018-2021 BMBF/ Business Finland (DE, FI) Decentralized Cross-commodity Energy Management (DECENT): Overall coordinator DE consortium, PI TUM
2013-2016 BMBF / ITEA (DE, ES, TR) Building as a Service (BaaS): Technical Coordinator, PI TUM
2008-2011 BMBF / CELTIC (DE, FR, SE) Autonomic Home Networking (Authone): Technical Project Lead TUM
Lead author of numerous national and international proposals that unluckily did not get funded.
Community Service
Publication co-chair, ACM/ IEEE/ IFIP Network Operations and Service Managment (NOMS) 2022
Experience Session Co-Chair of the IFIP/IEEE International Symposium on Integrated Network Management (IM) 2021
Workshop Co-Chair ACM/ IEEE/ IFIP Network Operations and Service Managment (NOMS) 2020
Student Travel Grant Chair ACM/ IEEE/ IFIP International Conference on Network and Service Management (CNSM) 2019
Associate Editor ACM International Journal of Network Ma- nagement (IJNM) (2018-)
Guest Editor Special Issue Wiley’s Internet Technology Let- ters (with Michel Barbeau (Carlton University, Canada; Joaquin, IMT Sud Paris, France) 2019
General Co-Chair of the IFIP / IEEE Decentralized Orchestration and Management of Distributed Heterogeneous Things (DOMINOS) Workshop 2018, 2019
TPC Co-Chair Global Information Infrastructure and Net- working Symposium (GIIS) 2019, IEEE International Conference on Ad Hoc Networks and Wireless (Adhoc-Now) 2018
Panel Co-Chair of the IFIP/IEEE International Symposium on Integrated Network Management (IM) 2019
Demo Co-Chair IFIP / IEEE Cloudification of the Internet of Things (CIoT) 2018
Organizer IFIP / IEEE HOT topics in Network and Service Management (HOTNSM) 2019
Organizer IFIP / IEEE Distributed Orchestration and Management of Distributed Heterogeneous Things (DOMINOS) 2018
My review activity
I am in the OC of multiple conferences, mainly in the network service and management community.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.OkPrivacy policy
