Maciej Korczynski, PhD | Grenoble Institute of Technology

Maciej Korczynski, Ph.D.

Associate Professor
Grenoble Alpes University
LIG, Grenoble Computer Science Laboratory
Drakkar group

IMAG building
700 avenue Centrale, office 411
38401 Saint-Martin d'Heres
France

e-mail: maciej (dot) korczynski (at) univ-grenoble-alpes (dot) fr
Phone: +33 457 421 692
PGP key ID: 1BDA32F6

Short biography	I am Associate Professor of computer network security at Grenoble INP-Ensimag and a member of the Drakkar group at LIG Lab. I received my HDR (Habilitation) in Computer Science from the Grenoble Alpes University in 2021. Previously, I was a post-doctoral researcher at TU Delft and a member of the Economics of Cybersecurity group analyzing large-scale Internet measurement and incident data to identify how providers of Internet services deal with security risks and incidents. Between February 2013 and May 2014, I was a post-doctoral researcher at Rutgers University and a member of the Fefferman Lab investigating bio-inspired algorithms in distributed anomaly detection systems. I received my Ph.D. in Computer Science from the Grenoble Alpes University. Between October 2009 and December 2012 I was a member of the Drakkar group at LIG Lab.
Scientific interests	I am interested in areas related to cybersecurity: Security of DNS infrastructure and domain name abuse Large-scale network traffic measurement, analysis, and classification Secure protocols and communication mechanisms Distributed detection and confinement of abnormal activities in network traffic Reputation metrics to improve intermediary incentives for security
News	[2024.01.10] Congratulations to Yevheniya! Our paper titled "Extended DNS Errors: Unlocking the Full Potential of DNS Troubleshooting" that was presented at ACM IMC 2023 has been awarded the Applied Networking Research Prize in 2024! [2023.11.22] We invite applications for a PhD Student position in the area of network secuity. The Ph.D. program is part of the Joint Base for Cyber Intelligence and Detection project, a French initiative led by Thales in collaboration with public and private sector stakeholders. [2023.10.10] I will give a talk entitled "Building a Resilient Domain Whitelist to Enhance Phishing Blocklist Accuracy" at ICANN Tech Day on October 23, 2023. [2022.02.07] I will give a talk entitled "Compromised versus Maliciously Registered Domains" at the ICANN Plenary Session: Evolving the DNS Abuse Conversation on March 9, 2022. [2022.02.01] I will be giving several presentations on the Technical Report of the Domain Name System Abuse Project commissioned by the European Commission at the ICANN Contracted Party House DNS Abuse Subgroup Meeting (April 12, 2022), High-Level Group on Internet Governance Multi-stakeholder Open Session (March 11, 2022), ICANN73 GAC Public Safety Working Group (March 8, 2022), Names and Numbers SIG at M3AAWG Conference Call (March 2, 2022), DNS Abuse SIG-FIRST Conference Call (March 1, 2022), and ICANN73 Business Constituency (February 17, 2022). [2021-05-20] We will give a talk about the COMAR project titled: "Classification of Compromised versus Maliciously Registered Domains" at the 2021 ICANN DNS Symposium (virtual) on May 26th 2021. [2021-04-22] Together with colleagues from AFNIC and SIDN Labs, we wrote a blog post entitled Distinguishing exploited from malicious domain names using COMAR: Key findings and future directions. [2020.11.06] I co-organize the 6th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2021) co-located with the IEEE S&P 2021 (Virtual event). Paper submission deadline: January 15, 2021. [2020.10.29] We wrote two blog posts describing our method for inferring the deployment of inbound Source Address Validation using DNS resolvers (Closed Resolver Project) for APNIC and RIPE NCC. [2020.06.08] Our research paper titled "From Defensive Registration to Subdomain Protection: Evaluation of Email Anti-Spoofing Schemes for High-Profile Domains" received the Best Paper Award at the Network Traffic Measurement and Analysis Conference 2020. [2019.12.12] I co-organize the International Workshop on Traffic Measurements for Cybersecurity (WTMC 2020) co-located with the IEEE Euro S&P 2020 in Genova, Italy. Paper submission (firm deadline): May 11, 2020. [2019.11.02] Apply for an internship position in the Drakkar research group at LIG lab, France. [2019.07.12] I will give a keynote speech titled: "Internet-wide Measurements to Prevent and Combat Cybercrime" at the 8th International Workshop on Cyber Crime at ARES on August 28, 2019 in Canterbury, UK. [2019.06.23] We invite applications for a PhD Student position in the area of measurements for cybersecurity and Domain Name System (DNS) abuse. Application deadline: 31.07.2019 [2019.06.13] I will give a talk titled: "Internet-wide Measurements for Cybersecurity: The Case of DNS Zone Poisoning" at the French Cyber Defence and Strategy conference organized by the Cercle National des Armees on Tuesday, 2nd July 2019. [2019.03.25] We're happy to announce that we are organizing a workshop on DNS security at LIG Lab on April 4, 2019! Dr. Paul Vixie (Farsight Security) will give a keynote speech titled Benefits and Hazards of "Public" vs "Private" vs "Local" DNS [2018.11.10] We are happy to announce we will be hosting a meeting of the Scientific Council of AFNIC at LIG Lab on November 22, 2018! [2018.11.02] Apply for an internship position in the Drakkar research group at LIG lab, France. [2018.10.12] I co-organize the IEEE S&P 4th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2019). Submission deadline: January 7, 2019. Consider submitting your paper! [2018.10.02] SIDN Labs, Afnic Labs, and Grenoble Alps University started a new research project called "Classification of compromised versus maliciously registered domains" (COMAR) on 1 October 2018. You can find our blog post here. [2018.10.02] Our colleague Oliver Gasser (TU Munich) will give a talk titled "Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists" at the upcoming RIPE meeting. You can find more information on our blog post. [2018.07.02] Mehmet Tahir Sandikkaya will be joining the Drakkar team as a visiting researcher to work on the security of IoT devices. Welcome, Tahir! [2018.03.26] The publication "In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements" has been awarded the Best Paper Award at the Passive and Active Measurement Conference (PAM'18)! [2018.02.11] Our ACM CCS paper titled "Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting" was nominated along with 4 other paper for the best Dutch cybersecurity research paper in 2018. [2017.12.22] I co-organize the ACM SIGCOMM 2018 3rd International Workshop on Traffic Measurements for Cybersecurity (WTMC 2018). Submission deadline (final extension): April 8, 2018 [2017.11.01] We invite applications for a PhD Student position in the area of measurements for cybersecurity and Domain Name System (DNS) abuse. Application deadline: 31.12.2017 [2017.09.05] Together with my colleague Maarten Wullink (SIDN) we would like to invite everyone to join the webinar entitled: "The Statistical Analysis of DNS Abuse in gTLDs", on 13 and 14 September 2017, organized and hosted by ICANN. [2017.08.20] I'm very happy to announce that starting from September 2017 I will be appointed at ENSIMAG and will join the Drakkar research group lead by Prof. Andrzej Duda at LIG Lab (Grenoble Computer Science Laboratory). [2017.08.04] We have delivered the SADAG final report to ICANN. Between August 9 and September 27, 2017, ICANN invites public comments from the community on the data, methodology, and results of our report. [2016.12.15] Our paper No domain left behind: is Let's Encrypt democratizing encryption? was covered by Reddit and Schneier on Security. [2016.12.13] I'm very happy to announce that we kicked off a new study for ICANN together with SIDN Labs to investigate the abuse of domain names in new and legacy gTLDs. Please check our blog post and the SADAG site for more information. [2016.09.29] I co-organize the International Workshop on Traffic Measurements for Cybersecurity (WTMC 2017) co-located with the IEEE S&P 2017 in San Jose, CA. Deadline: January 15, 2017. [2016.06.07] I am co-guest editing a Feature Topic on Traffic Measurements for Cyber Security for IEEE Communications Magazine. Consider submitting your paper! Deadline: October 1, 2016. [2016.05.05] I will give a talk about the Clean Netherlands project titled: "Tackling Internet pollution using science and law enforcement" at a cybercrime conference organized by the Cambridge Cloud Cybercrime Centre on Thursday, 14th July 2016. [2015.11.05] The EconSec group is co-organizing the International Workshop on Traffic Measurements for Cybersecurity (WTMC 2016) co-located with the 11th ACM Asia Conference on Computer and Communications Security (AsiaCCS 2016) on May 30th, 2016. Consider submitting your paper! Deadline (extended): 08.02.2016.
Publications	Selected Publications (see also my google scholar and dblp pages): "Spoofed Emails: An Analysis of the Issues Hindering a Larger Deployment of DMARC", Olivier Hureau, Jan Bayer, Andrzej Duda, Maciej Korczynski, Passive and Active Measurement Conference (PAM), Virtual Event, 2024 "WHOIS Right? An Analysis of WHOIS and RDAP Consistency", Simon Fernandez, Olivier Hureau, Andrzej Duda, Maciej Korczynski, Passive and Active Measurement Conference (PAM), Virtual Event, 2024 "Building a Resilient Domain Whitelist to Enhance Phishing Blocklist Accuracy", Jan Bayer, Sourena Maroofi, Olivier Hureau, Andrzej Duda, Maciej Korczynski, Symposium on Electronic Crime Research (eCrime), Spain, 2023 "Extended DNS Errors: Unlocking the Full Potential of DNS Troubleshooting", Yevheniya Nosyk, Maciej Korczynski, Andrzej Duda, ACM SIGCOMM Internet Measurement Conference (IMC), Canada, 2023 "The Cloud Strikes Back: Investigating the Decentralization of IPFS", Leonhard Balduf, Maciej Korczynski, Onur Ascigil, Navin V. Keizer, George Pavlou, Bjorn Scheuermann, Michal Krol, ACM SIGCOMM Internet Measurement Conference (IMC), Canada, 2023 "Guardians of DNS Integrity: A Remote Method for Identifying DNSSEC Validators Across the Internet", Yevheniya Nosyk, Maciej Korczynski, Andrzej Duda, Proc. of IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), UK, 2023 "Don't Get Hijacked: Prevalence, Mitigation, and Impact of Non-Secure DNS Dynamic Updates", Yevheniya Nosyk, Maciej Korczynski, Carlos H. Ganan, Michal Krol, Qasim Lone, Andrzej Duda, Proc. of IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), UK, 2023 "The Closed Resolver Project: Measuring the Deployment of Inbound Source Address Validation", Yevheniya Nosyk, Maciej Korczynski, Qasim Lone, Marcin Skwarek, Baptiste Jonglez, Andrzej Duda, IEEE/ACM ransactions on Networking (TON), 2023 "Exploring the Dark Side of AI: Advanced Phishing Attack Design and Deployment Using ChatGPT", Nils Begou, Jeremy Vinoy, Andrzej Duda, Maciej Korczynski, Proc. of IEEE Conference on Communications and Network Security (CNS), Orlando, USA, 2023 "Unveiling the Weak Links: Exploring DNS Infrastructure Vulnerabilities and Fortifying Defenses", Yevheniya Nosyk, Olivier Hureau, Simon Fernandez, Andrzej Duda, Maciej Korczynski, IEEE EuroS&P Workshop on Traffic Measurements for Cybersecurity (WTMC), Netherlands, 2023 "Hazardous Echoes: The DNS Resolvers that Should Be Put on Mute", Ramin Yazdani, Yevheniya Nosyk, Ralph Holz, Maciej Korczynski, Mattijs Jonker, Anna Sperotto, Network Traffic Measurement and Analysis Conference (TMA), Italy, 2023 "Intercept and Inject: DNS Response Manipulation in the Wild", Yevheniya Nosyk, Qasim Lone, Yury Zhauniarovich, Carlos Hernandez Ganan, Emile Aben, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Andrzej Duda, Maciej Korczynski, Passive and Active Measurement Conference (PAM), Virtual Event, 2023 "Operational Domain Name Classification: From Automatic Ground Truth Generation to Adaptation to Missing Values", Jan Bayer, Ben Chukwuemeka Benjamin, Sourena Maroofi, Thymen Wabeke, Cristian Hesselman, Andrzej Duda, Maciej Korczynski, Passive and Active Measurement Conference (PAM), Virtual Event, 2023 "Deployment of Source Address Validation by Network Operators: A Randomized Control Trial", Qasim Lone, Alisa Frik, Matthew Luckie, Maciej Korczynski, Michel van Eeten, Carlos Ganan, 43rd IEEE Symposium on Security and Privacy (IEEE S&P), San Francisco, 2022 "Routing Loops as Mega Amplifiers for DNS-based DDoS Attacks", Yevheniya Nosyk, Maciej Korczynski, Andrzej Duda, Passive and Active Measurement Conference (PAM 2022), the Netherlands "Early Detection of Spam Domains with Passive DNS and SPF", Simon Fernandez, Maciej Korczynski, Andrzej Duda, Passive and Active Measurement Conference (PAM 2022), the Netherlands "Study on Domain Name System (DNS) abuse : technical report" Jan Bayer, Yevheniya Nosyk, Olivier Hureau, Simon Fernandez, Ivett Paulovics, Andrzej Duda, Maciej Korczynski, Publications Office of the European Union, 2022 "Security Reputation Metrics", Maciej Korczynski, Arman Noroozian, Encyclopedia of Cryptography, Security and Privacy, Springer, 2021 "Source Address Validation", Maciej Korczynski, Yevheniya Nosyk, Encyclopedia of Cryptography, Security and Privacy, Springer, 2021 "Semantic Identifiers and DNS Names for IoT", Simon Fernandez, Michele Amoretti, Fabrizio Restori, Maciej Korczynski, Andrzej Duda, IEEE International Conference on Computer Communications and Networks (ICCCN'21), Greece "Adoption of Email Anti-Spoofing Schemes: A Large Scale Analysis", Sourena Maroofi, Maciej Korczynski, Arnold Holzel, and Andrzej Duda, IEEE Transactions on Network and Service Management, 2021 "Are You Human? Resilience of Phishing Detection to Evasion Techniques Based on Human Verification", Sourena Maroofi, Maciej Korczynski, and Andrzej Duda, ACM IMC 2020, Pittsburgh, PA, USA, October 2020 (Acceptance rate: 24,5%) "Inferring the Deployment of Inbound Source Address Validation Using DNS Resolvers", Maciej Korczynski, Yevheniya Nosyk, Qasim Lone, Marcin Skwarek, Baptiste Jonglez, Andrzej Duda, ACM/IRTF Applied Networking Research Workshop (ANRW 2020), Spain, July, 2020 "SAVing the Internet: Explaining the Adoption of Source Address Validation by Internet Service Providers", Qasim Lone, Maciej Korczynski, Carlos Ganan, Michel van Eeten, WEIS 2020, Brussels, Belgium, December 2020 (Acceptance rate: 34,9%) "COMAR: Classification of Compromised versus Maliciously Registered Domains", Sourena Maroofi, Maciej Korczynski, Cristian Hesselman, Benoit Ampeau and Andrzej Duda, IEEE European Symposium on Security and Privacy (EuroS&P 2020), Genova, Italy, September 2020 (Acceptance rate: 14,6%) "Feasibility of Large-Scale Vulnerability Notifications after GDPR", Wissem Soussi, Maciej Korczynski, Sourena Maroofi, Andrzej Duda, IEEE EuroS&P Workshop on Traffic Measurements for Cybersecurity (WTMC 2020), Genova, Italy, September 2020 "From Defensive Registration to Subdomain Protection: Evaluation of Email Anti-Spoofing Schemes for High-Profile Domains", Sourena Maroofi, Maciej Korczynski and Andrzej Duda, Network Traffic Measurement and Analysis Conference (TMA 2020), Berlin, Germany, June 2020 (Best Paper Award) "Don't Forget to Lock the Front Door! Inferring the Deployment of Source Address Validation of Inbound Traffic", Maciej Korczynski, Yevheniya Nosyk, Qasim Lone, Marcin Skwarek, Baptiste Jonglez and Andrzej Duda, Passive and Active Measurement Conference (PAM 2020), Eugene, Oregon, March 2020 (Acceptance rate: 29.2%) "A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints", Victor Le Pochat, Tim Van hamme, Sourena Maroofi, Tom Van Goethem, Davy Preuveneers, Andrzej Duda, Wouter Joosen and Maciej Korczynski, Network and Distributed System Security Symposium (NDSS 2020), San Diego, California, February 2020 (Acceptance rate: 17.4%) "Characterizing Vulnerability of DNS AXFR Transfers with Global-Scale Scanning", Marcin Skwarek, Maciej Korczynski, Wojciech Mazurczyk and Andrzej Duda, IEEE S&P Workshop on Traffic Measurements for Cybersecurity (WTMC 2019), San Francisco, California, May 2019 "MLSEC - Benchmarking Shallow and Deep Machine Learning Models for Network Security", Pedro Casas, Gonzalo Marin, German Capdehourat, Maciej Korczynski, IEEE S&P Workshop on Traffic Measurements for Cybersecurity (WTMC 2019), San Francisco, California, May 2019 "Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation", V. Le Pochat, T. Van Goethem, S. Tajalizadehkhoob, M. Korczynski, W. Joosen, Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, February 2019 (Acceptance rate: 17%) "Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists", Oliver Gasser, Quirin Scheitle, Pawel Foremski, Qasim Lone, Maciej Korczynski, Stephen D. Strowes, Luuk Hendriks, Georg Carle, ACM SIGCOMM Internet Measurement Conference (IMC'18), Boston, USA, November 2018 (Acceptance rate: 24,7%) "Using Crowdsourcing Marketplaces for Network Measurements: The Case of Spoofer", Qasim Lone, Matthew Luckie, Maciej Korczynski, Hadi Asghari, Mobin Javed, Michel van Eeten, Network Traffic Measurement and Analysis Conference (TMA 2018), Vienna, Austria, June 2018 (Acceptance rate: 33,3%) "Cybercrime After the Sunrise: A Statistical Analysis of DNS Abuse in New gTLDs", Maciej Korczynski, Maarten Wullink, Samaneh Tajalizadehkhoob, Giovane C.M. Moura, Arman Noroozian, Drew Bagley, Cristian Hesselman, ACM Asia Conference on Computer and Communications Security (AsiaCCS 2018), Incheon, Korea, June 2018 (Acceptance rate: 20%) "In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements", O. Gasser, B. Hof, M. Helm, M. Korczynski, R. Holz, G. Carle, Passive and Active Measurement Conference (PAM 2018), Berlin, March 2018 (Best Paper Award) "Rotten Apples or Bad Harvest? What We Are Measuring When We Are Measuring Abuse", Samaneh Tajalizadehkhoob, Rainer Bohme, Carlos Ganan, Maciej Korczynski, and Michel van Eeten, in ACM Transactions on Internet Technology (ACM TOIT), Volume 18 Issue 4, September 2018 "Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting", Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczynski, Arman Noroozian, Rainer Bohme, Tyler Moore, Wouter Joosen, Michel van Eeten, in Proceedings of ACM Conference on Computer and Communications Security (ACM CCS), October 2017 (Acceptance rate: 18,1%) "No domain left behind: is Let's Encrypt democratizing encryption?", Maarten Aertsen, Maciej Korczynski, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, and Jan van den Berg, in Proceedings of Applied Networking Research Workshop 2017 (ANRW'17), Prague, Czech Republic, July 2017 "Make Notifications Great Again: Learning How to Notify in the Age of Large-Scale Vulnerability Scanning", Orcun Cetin, Carlos Ganan, Maciej Korczynski and Michel van Eeten, WEIS 2017, La Jolla, CA, June 2017 (Acceptance rate: 31,4%) "Inferring Security Performance of Providers from Noisy and Heterogenous Abuse Datasets", Arman Noroozian, Michael Ciere, Maciej Korczynski, Samaneh Tajalizadehkhoob and Michel van Eeten, WEIS 2017, La Jolla, CA, June 2017 (Acceptance rate: 31,4%) "Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs", Maciej Korczynski, Samaneh Tajalizadehkhoob, Arman Noroozian, Maarten Wullink, Cristian Hesselman, and Michel van Eeten, IEEE European Symposium on Security and Privacy (Euro S&P 2017), Paris, April 2017 (Acceptance rate: 19,6%) "Using Loops Observed in Traceroute to Infer Ability to Spoof", Qasim Lone, Matthew Luckie, Maciej Korczynski, and Michel van Eeten, Passive and Active Measurement Conference (PAM 2017), pages 229-241, Sydney, March 2017 (Acceptance rate: 23%) "Anomaly Detection Through Information Sharing Under Different Topologies", Lazaros K. Gallos, Maciej Korczynski, and Nina H. Fefferman, EURASIP Journal on Information Security (2017), pages 1-10, February 2017 "Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates", Maciej Korczynski, Michal Krol, and Michel van Eeten, ACM SIGCOMM Internet Measurement Conference (IMC'16), pages 271-278, Santa Monica, November 2016 (Acceptance rate: 25,3%) "Who Gets the Boot? Analyzing Victimization by DDoS-as-a-Service", Arman Noroozian, Maciej Korczynski, Carlos Hernandez Ganan, Daisuke Makita, Katsunari Yoshioka, and Michel van Eeten, International Symposium on Research in Attacks, Intrusions and Defenses (RAID'16), pages 368-389, Paris, September 2016 (Acceptance rate: 25,9%) "Stopping Amplified DNS DDoS Attacks Through Query Rate Sharing Between DNS Resolvers", Saurabh Verma, Ali Hamieh, Jun Ho Huh, Henrik Holm, Siva Raj Rajagopalan, Maciej Korczynski, and Nina H. Fefferman, International Conference on Availability, Reliability and Security (ARES'16), pages 1-10, Salzburg, September 2016 (Acceptance rate: 24,4%) "Hive Oversight for Network Intrusion Early Warning Using DIAMoND: A Bee-Inspired Method for Fully Distributed Cyber Defense", Maciej Korczynski, Ali Hamieh, Jun Ho Huh, Henrik Holm, S. Raj Rajagopalan, and Nina H. Fefferman, (extended version of ICCCN'15) IEEE Communications Magazine (CM), pages 60-67, June 2016 "Apples, Oranges and Hosting Providers: Heterogeneity and Security in the Hosting Market", Samaneh Tajalizadehkhoob, Maciej Korczynski, Arman Noroozian, Carlos Hernandez Ganan, and Michel van Eeten, IEEE/IFIP Network Operations and Management Symposium (NOMS'16), pages 1-9, Istanbul, April 2016 (Acceptance rate: 25.3%) "Developing Security Reputation Metrics for Hosting Providers", Arman Noroozian, Maciej Korczynski, Samaneh Tajalizadehkhoob, and Michel van Eeten, USENIX Workshop on Cyber Security Experimentation and Test (USENIX CSET'15), pages 1-8, Washington, D.C., August 2015 (Acceptance rate: 30.76%) "DIAMoND: Distributed Intrusion/Anomaly Monitoring for Nonparametric Detection", Maciej Korczynski, Ali Hamieh, Jun Ho Huh, Henrik Holm, S. Raj Rajagopalan, and Nina H. Fefferman, IEEE International Conference on Computer Communications and Networks (ICCCN'15), pages 1-8, Las Vegas, August 2015 (Acceptance rate: 25%) "Markov Chain Fingerprinting to Classify Encrypted Traffic", Maciej Korczynski, Andrzej Duda IEEE International Conference on Computer Communications (INFOCOM'14), pages 1-9, Toronto, April 2014 (Acceptance rate: 19.4%) "Two Methods for Detection Malware", Maciej Korczynski, Gilles Berger-Sabbatel, Andrzej Duda 6th INDECT/IEEE International Conference on Multimedia Communications, Services and Security, pages 1-12, Cracow, June 2013 "Classifying Service Flows in the Encrypted Skype Traffic", Maciej Korczynski, Andrzej Duda, IEEE International Conference on Communications (ICC'12), pages 1064-1068, Ottawa, June 2012 "An Accurate Sampling Scheme for Detecting SYN Flooding Attacks and Portscans", Maciej Korczynski, Lucjan Janowski, Andrzej Duda, IEEE International Conference on Communications (ICC'11) , pages 1-5, Kyoto, June 2011 "Architecture of a Platform for Malware Analysis and Confinement", Gilles Berger-Sabbatel, Maciej Korczynski, Andrzej Duda, 3rd INDECT/IEEE International Conference on Multimedia Communications, Services and Security, Cracow, May 2010
	HDR thesis: "Traffic Measurements and Data Analysis for DNS Security", Maciej Korczynski, Grenoble, December 2021 Ph.D. thesis: "Classifying Application Flows and Intrusion Detection in Internet Traffic", Maciej Korczynski, Grenoble, November 2012
	Master of Science thesis (in English): "Evaluating Impact of Sampling Methods on Detection of DDoS Attacks Accuracy for Unified Rate Limiting Algorithm", Maciej Korczynski, Cracow, July 2009 Selected Talks: "Zone poisonng and General Data Protection Regulation" (speaker), ICANN 63 meeting, Barcelona, Spain, October 22, 2018 Trends in Abuse: New and Legacy gTLDs (speaker), 41st M3AAWG General Meeting, Toronto, Canada, September 5, 2017 Statistical Analysis of DNS Abuse in gTLDs (SADAG) (invited speaker), ICANN 59 meeting, Johannesburg, South Africa, June 27, 2017 Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates (speaker), DNS-OARC 2017 Spring Workshop, Madrid, Spain, May 15, 2017 Statistical Analysis of DNS Abuse in generic Top-Level Domains, ICANN meeting (invited speaker), Copenhagen, Denmark, March 14, 2017 Measuring Malware and Phishing Rates in .nl and Other TLDs (co-author), Council of European National Top-Level Domain Registries (CENTR), Belgrade, Serbia, October 6, 2016 Who gets the Boot? Analyzing Victimization by DDoS-as-a-Service (keynote speaker), Tech Together (ISPConnect & Dutch Hosting Provider Association), Nieuwegein, The Netherlands, September 1, 2016 Tackling Internet Pollution Using Science and Law Enforcement (invited speaker), Cambridge Cybercrime Centre: Inaugural Cybercrime Conference, Cambridge, UK, July 14, 2016 "Reputation metrics for TLDs and hosting providers" pdf (speaker), ICANN meeting, Tech Day, Dublin, Ireland, October 19, 2015 "Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs" pdf (invited speaker), Dutch Hosting Provider Association TechDay, The Hague, The Netherlands, May 21, 2015 "Clean Netherlands: Tackling Internet Pollution Using Science and Law Enforcement" pdf (speaker), International NCSC (National Cyber Security Centre) One Conference 2015, The Hague, The Netherlands, April 13-14, 2015 "Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs" (invited speaker, panelist), The First IAS-YNU Symposium on Information and Physical Security, Yokohama, Japan, March 18, 2015 "Badness Metrics for Hosters: Ranking Abuse in the Dutch Market" (co-author), Digital Crimes Consortium, Miami, Florida, USA, March 12, 2015 "Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs" (speaker), DNS-OARC 2014 Fall Workshop, Los Angeles, California, USA, October 11-13, 2014
Projects	Ongoing Projects: PrevDDoS: Preventing DDoS Attacks. Project funded by the IDEX Universite Grenoble Alpes Initiatives de Recherche Strategiques (IRS) (2019-2021). Role: Principal Investigator COMAR: Classification of compromised versus maliciously registered domains (2018-2021). Project funded by SIDN and AFNIC. Role Principal Investigator DINS: DNS Naming and Services for Secure Seamless IoT. Project funded by the Agence Nationale de la Recherche (ANR). Project in collaboration with AFNIC, ACKLIO, Bouygues Telecom, and IMT Atlantique (2020-2023). Role: Senior researcher Past Projects: SADAG: Statistical Analysis of DNS Abuse in generic Top-Level Domains (2016-2017). Project in collaboration with SIDN and the Internet Corporation for Assigned Names and Numbers (ICANN). Project coordinator: SIDN Labs. Role co-Principal Investigator, senior researcher REMEDI3S-TLD Phase 2: Reputation Metrics Design to Improve Intermediary Incentives for Security of Top-Level Domains (2016-2017). Project in collaboration with SIDN Labs. Role: Principal Investigator Benchmark System for the Security of the Dutch Hosting Market. Project funded by the Dutch Ministry of Economics (2016-2018). Role: Principal Investigator Crowd-sourcing BCP38 Compliance Measurements (2017). Project in collaboration with NCSC. Role: co-Principal Investigator REMEDI3S-TLD: Reputation Metrics Design to Improve Intermediary Incentives for Security of Top-Level Domains. Project in collaboration with SIDN Labs and National Cyber-Security Centrum (2014-2016). Role: Senior researcher Nederland Schoon (Clean NL): Project aims to tackle Internet pollution in the Dutch hosting market. A collaboration between the Dutch National Police, the Authority for Consumers and Markets (ACM), the Public Prosecutor, and Delft University of Technology. Role: Senior researcher Nature-Inspired Cyber Health: DHS project on bio-inspired distributed decision algorithms for anomaly detection (2013-2015). Role: Senior researcher INDECT: European research project on the security of citizens in both real and virtual environments (2009-2014). Role: PhD researcher COST IC0703: European research project on traffic monitoring and analysis (2008-2012). Role: Junior researcher PBZ: National project on next-generation services and networks (2007-2010). Role: Junior researcher.
Courses	I teach "Introduction a la securite", "Ingenierie de la securite", "Securite des reseaux", and "Reseaux: Complements et Applications (partie DNS)" courses at Grenoble INP - Ensimag (Master RIE, academic years 2018/2019, 2019/2020). I taught the "Reseaux: Telecommunications" and "Reseaux: Complements et Applications" courses at Grenoble INP - Ensimag in 2017/2018. I prepared the course on Understanding International Grand Challenges in Cyber Security at Delft University of Technology during the academic year 2016/2017. In July 2016, I gave a guest lecture on Economics of Cyber Security at the Risk Management Summer School at TU Delft. I gave the Security of Information Systems course at the University of Joseph Fourier in Grenoble and Introduction aux Reseaux de Communications at Grenoble INP during the academic year 2011/2012.