Maciej Korczynski, Ph.D.

Post-Doctoral Researcher

Delft University of Technology
Economics of Cybersecurity

Jaffalaan 5, B2.170
2628 BX, Delft,
The Netherlands

e-mail: maciej.korczynski at
Phone: +31 (0)15 2784451
PGP key ID: 848571D0

Short biography I am a post-doctoral researcher at TU Delft and a member of the Economics of Cybersecurity group analyzing large-scale Internet measurement and incident data to identify how providers of Internet services deal with security risks and incidents.

I was a visiting scientist at the Yokohama National University in March 2015.

Between February 2013 and May 2014, I was post-doctoral researcher at Rutgers University and a member of the Fefferman Lab investigating bio-inspired algorithms in distributed anomaly detection systems.

I received my Ph.D. in Computer Science from the University of Joseph Fourier in Grenoble. Between October 2009 and December 2012 I was a member of the Drakkar group at LIG Lab.

Until 2012 I was an active member of the group of the researchers within the COST Action IC0703 "Data Traffic Monitoring and Analysis (TMA)" dedicated to traffic measurement and network attack detection in the Department of Telecommunications in AGH University of Science and Technology.

I received my M.Sc. in Electronics and Telecommunications from the AGH University of Science and Technology in 2009.

In 2009 I was an invited researcher student in Network Management and Optimal Design Laboratory (NETMODE) at National Technical University of Athens (Short Term Scientific Mission within the COST Action IC0703).

Between October 2007 and January 2008 I was an exchange student in Department of Electrical and Communications Engineering (Communications Laboratory) at Aalto University (former Helsinki University of Technology), Helsinki, Finland.

  • [2016.12.13] I'm very happy to announce that we kicked off a new study for ICANN together with SIDN Labs to investigate the abuse of domain names in new and legacy gTLDs. Please check our blog post and the SADAG site for more information.
  • [2016.05.05] I will give a talk about the Clean Netherlands project titled: "Tackling Internet pollution using science and law enforcement" at a cybercrime conference organized by the Cambridge Cloud Cybercrime Centre on Thursday, 14th July 2016.
Scientific interests I am interested in areas related to network security:
  • Network traffic measurement, analysis, and classification
  • Distributed detection and confinement of abnormal activities in network traffic
  • Reputation metrics to improve intermediary incentives for security

Publications Selected Publications:
  • "Who Gets the Boot? Analyzing Victimization by DDoS-as-a-Service", Arman Noroozian, Maciej Korczynski, Carlos Hernandez Ganan, Daisuke Makita, Katsunari Yoshioka, and Michel van Eeten, International Symposium on Research in Attacks, Intrusions and Defenses (RAID'16), pages 368-389, Paris, September 2016 (Acceptance rate: 25,9%)
  • "Two Methods for Detection Malware", Maciej Korczynski, Gilles Berger-Sabbatel, Andrzej Duda 6th INDECT/IEEE International Conference on Multimedia Communications, Services and Security, pages 1-12, Cracow, June 2013
Ph.D. thesis (in English):
Master of Science thesis (in English):
  • "Evaluating Impact of Sampling Methods on Detection of DDoS Attacks Accuracy for Unified Rate Limiting Algorithm", Maciej Korczynski, Cracow, July 2009
Selected Talks:
  • Statistical Analysis of DNS Abuse in generic Top-Level Domains, ICANN meeting (invited speaker), Copenhagen, Denmark, March 14, 2017
  • Measuring Malware and Phishing Rates in .nl and Other TLDs (co-author), Council of European National Top-Level Domain Registries (CENTR), Belgrade, Serbia, October 6, 2016
  • Who gets the Boot? Analyzing Victimization by DDoS-as-a-Service (keynote speaker), Tech Together (ISPConnect & Dutch Hosting Provider Association), Nieuwegein, The Netherlands, September 1, 2016
  • Tackling Internet Pollution Using Science and Law Enforcement (invited speaker), Cambridge Cybercrime Centre: Inaugural Cybercrime Conference, Cambridge, UK, July 14, 2016
  • "Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs" (invited speaker, panelist), The First IAS-YNU Symposium on Information and Physical Security, Yokohama, Japan, March 18, 2015
  • "Badness Metrics for Hosters: Ranking Abuse in the Dutch Market" (co-author), Digital Crimes Consortium, Miami, Florida, USA, March 12, 2015
Projects Past Projects:
  • Nederland Schoon (Clean NL): Project aims to tackle Internet pollution in the Dutch hosting market. A collaboration between Dutch National Police, the Authority for Consumers and Markets (ACM), the Public Prosecutor, and Delft University of Technology. Role: Senior researcher
  • Nature-Inspired Cyber Health: DHS project on bio-inspired distributed decision algorithms for anomaly detection (2013-2015). Role: Senior researcher
  • INDECT: European research project on security of citizens in both real and virtual environments (2009-2014). Role: PhD researcher
  • COST IC0703: European research project on traffic monitoring and analysis (2008-2012). Role: Junior researcher
  • PBZ: National project on next generation services and networks (2007-2010). Role: Junior researcher.

Ongoing Projects:

  • SADAG: Statistical Analysis of DNS Abuse in generic Top-Level Domains (2016-2017). Project in collaboration with SIDN and the Internet Corporation for Assigned Names and Numbers (ICANN). Project coordinator: SIDN Labs. Role co-Principal Investigator, senior researcher
  • REMEDI3S-TLD Phase 2: Reputation Metrics Design to Improve Intermediary Incentives for Security of Top-Level Domains (2016-2017). Project in collaboration with SIDN Labs. Role: Principal Investigator
  • Benchmark System for the Security of the Dutch Hosting Market. Project founded by the Dutch Ministry of Economics (2016-2018). Role: Principal Investigator
  • Crowd-sourcing BCP38 Compliance Measurements (2017). Project in collaboration with NCSC. Role: co-Principal Investigator

Courses I gave the Security of Information Systems course at University of Joseph Fourier in Grenoble and Introduction aux Reseaux de Communications at Grenoble INP during the academic year 2011/2012.

I prepared the course on Understanding International Grand Challenges in Cyber Security at Delft University of Technology during the academic year 2016/2017. In July 2016, I gave a guest lecture entitled "Economics of Cyber Security" at the Risk Management Summer School at TU Delft.