DNS abuse & domain intelligence
Measuring malicious registrations, compromised websites, TLD and registrar-level abuse, WHOIS/RDAP signals, TLS certificates, and hosting infrastructure.
Cybersecurity · Internet measurement · DNS abuse
Maciej Korczyński
I am a Professor of Computer Science at Grenoble INP–Ensimag, a member of the Drakkar team at the Grenoble Computer Science Laboratory, and a Junior member of the Institut Universitaire de France (IUF), Innovation Chair. My research focuses on cybersecurity and Internet measurement. My work turns large-scale Internet measurements into actionable intelligence for defending the DNS, disrupting phishing infrastructure, and improving the security incentives of Internet intermediaries.
About
Research that bridges measurement, operations, and policy
I received my Ph.D. in Computer Science from Université Grenoble Alpes and my HDR in 2021 with the dissertation Traffic Measurements and Data Analysis for DNS Security. Before joining Ensimag, I was a postdoctoral researcher at Rutgers University and TU Delft, where I worked on distributed anomaly detection and the economics of cybersecurity.
Since 2017, I have been affiliated with Grenoble INP–Ensimag and LIG/Drakkar. I became Professor of Computer Science in 2024. I also co-founded KOR Labs Cybersecurity, a university spin-off focused on operational threat intelligence and coordinated mitigation of Internet abuse.
Research
Themes
I work at the intersection of cybersecurity, Internet measurement, data science, and Internet governance.
Phishing and cybercrime infrastructure
Building datasets and methods to detect, classify, and mitigate phishing campaigns, botnet domains, URL-shortener abuse, and deceptive brand infrastructure.
Internet-scale protocol security
Studying DNSSEC validation, dynamic DNS updates, source address validation, email anti-spoofing, IPFS abuse, and resilient blocklist/whitelist construction.
Human-governed AI for defence
Designing adaptive, auditable AI-assisted cyber-defence workflows that combine autonomous agents with human oversight and operational constraints.
Innovation & transfer
From empirical research to deployed defences
IUF Innovation Chair, 2026–2031
My IUF project, Human-Governed Autonomous AI Agents for Adaptive Cyber Defence, investigates how autonomous AI agents can support cyber-defence while remaining accountable, human-governed, and aligned with operational reality.
KOR Labs Cybersecurity
KOR Labs is a university spin-off co-founded in 2021 with Andrzej Duda. It develops real-time cyber-threat intelligence for registries, CERTs, enterprises, and the broader Internet community.
INFERMAL
The INFERMAL project studies why attackers prefer certain domain-registration ecosystems and how policies, prices, proactive checks, and reactive practices can reduce phishing-domain abuse.
Operational communities
I represent Université Grenoble Alpes at Europol’s Advisory Group on Research & Development and participate in Internet infrastructure and anti-abuse communities where research results can inform operational practice.
Latest papers
Securing the Missing Link: Encrypted Recursive-to-Authoritative DNS in the Wild
Yevheniya Nosyk, Simon Fernandez, Andrzej Duda, Maciej Korczyński, ACM Internet Measurement Conference (IMC 2026).
Evaluating design decisions and bias resistance for passive DNS-based domain rankings
Victor Le Pochat, Simon Fernandez, Samaneh Tajalizadehkhoob, Lieven Desmet, Andrzej Duda, Wouter Joosen, Maciej Korczyński, IEEE Transactions on Network and Service Management (2026)
The Illusion of DDR Deployment
Yevheniya Nosyk, Andrzej Duda, Maciej Korczyński, ACM/IRTF Applied Networking Research Workshop (ANRW 2026).
Netting Phish in the IPFS Ocean: Real-Time Monitoring and Characterization of Decentralized Phishing Campaigns
Anas Kastantin, Leonhard Balduf, Onur Ascigil, Saidu Sokoto, Björn Scheuermann, Andrzej Duda, Michał Król, Maciej Korczyński, The Web Conference (WWW 2026): 2626–2636.
Exposing the Roots of DNS Abuse: A Data-Driven Analysis of Key Factors Behind Phishing Domain Registrations
Yevheniya Nosyk, Maciej Korczyński, Carlos Gañán, Sourena Maroofi, Jan Bayer, Zul Odgerel, Samaneh Tajalizadehkhoob, Andrzej Duda, ACM Conference on Computer and Communications Security (CCS 2025): 618–632.
Short Path to Phishing: Identifying Misused URL Shortening Services in the Wild
Zul Odgerel, Yevheniya Nosyk, Jan Bayer, Sourena Maroofi, Louis Bedeschi, Andrzej Duda, Maciej Korczyński, Symposium on Electronic Crime Research (eCrime 2025): 1–13.
LogoTrust: Leveraging BIMI to Build a Validated Dataset of Brands, Domain Names, and Logos
Youssef Abyaa, Olivier Hureau, Andrzej Duda, Maciej Korczyński, Workshop on Traffic Measurements for Cybersecurity (WTMC 2025).
Full publication list
Conferences
- Netting Phish in the IPFS Ocean: Real-Time Monitoring and Characterization of Decentralized Phishing Campaigns, Anas Kastantin, Leonhard Balduf, Onur Ascigil, Saidu Sokoto, Björn Scheuermann, Andrzej Duda, Michał Król, Maciej Korczyński, The Web Conference (WWW 2026): 2626–2636.
- Securing the Missing Link: Encrypted Recursive-to-Authoritative DNS in the Wild, Yevheniya Nosyk, Simon Fernandez, Andrzej Duda, Maciej Korczyński, ACM Internet Measurement Conference (IMC 2026).
- Exposing the Roots of DNS Abuse: A Data-Driven Analysis of Key Factors Behind Phishing Domain Registrations, Yevheniya Nosyk, Maciej Korczyński, Carlos Gañán, Sourena Maroofi, Jan Bayer, Zul Odgerel, Samaneh Tajalizadehkhoob, Andrzej Duda, ACM Conference on Computer and Communications Security (CCS 2025): 618–632.
- Short Path to Phishing: Identifying Misused URL Shortening Services in the Wild, Zul Odgerel, Yevheniya Nosyk, Jan Bayer, Sourena Maroofi, Louis Bedeschi, Andrzej Duda, Maciej Korczyński, Symposium on Electronic Crime Research (eCrime 2025): 1–13.
- Characterizing and Mitigating Phishing Attacks at ccTLD Scale, Giovane C. M. Moura, Thomas Daniels, Maarten Bosteels, Sebastian Castro, Moritz Müller, Thymen Wabeke, Thijs van den Hout, Maciej Korczyński, Georgios Smaragdakis, ACM Conference on Computer and Communications Security (CCS 2024): 2147–2161.
- Stress Testing the DMARC Reporting System: Compliance with Standards and Ways of Improvement, Olivier Hureau, Andrzej Duda, Maciej Korczyński, ACM International Conference on emerging Networking EXperiments and Technologies (CoNEXT 2024): 1–9.
- Looking at the Blue Skies of Bluesky, Leonhard Balduf, Saidu Sokoto, Onur Ascigil, Gareth Tyson, Björn Scheuermann, Maciej Korczyński, Ignacio Castro, Michał Król, ACM Internet Measurement Conference (IMC 2024): 76–91.
- Zeros Are Heroes: NSEC3 Parameter Settings in the Wild, Cordian Alexander Daniluk, Yevheniya Nosyk, Andrzej Duda, Maciej Korczyński, ACM Internet Measurement Conference (IMC 2024): 415–422.
- Shielding Brands: An In-Depth Analysis of Defensive Domain Registration Practices Against Cyber-Squatting, Ben Chukwuemeka Benjamin, Jan Bayer, Simon Fernández, Andrzej Duda, Maciej Korczyński, Network Traffic Measurement and Analysis Conference (TMA 2024): 1–11.
- Evaluating the Impact of Design Decisions on Passive DNS-Based Domain Rankings, Victor Le Pochat, Simon Fernandez, Tom Van Goethem, Samaneh Tajalizadehkhoob, Lieven Desmet, Andrzej Duda, Wouter Joosen, Maciej Korczyński, Network Traffic Measurement and Analysis Conference (TMA 2024): 1–11. TMA 2024 Community Contribution Award.
- Guardians of the Galaxy: Content Moderation in the InterPlanetary File System, Saidu Sokoto, Leonhard Balduf, Dennis Trautwein, Yiluo Wei, Gareth Tyson, Ignacio Castro, Onur Ascigil, George Pavlou, Maciej Korczyński, Björn Scheuermann, Michał Król, USENIX Security Symposium 2024.
- Spoofed Emails: An Analysis of the Issues Hindering a Larger Deployment of DMARC, Olivier Hureau, Jan Bayer, Andrzej Duda, Maciej Korczyński, Passive and Active Measurement Conference (PAM 2024). Nominated for the Best Paper Award.
- WHOIS Right? An Analysis of WHOIS and RDAP Consistency, Simon Fernandez, Olivier Hureau, Andrzej Duda, Maciej Korczyński, Passive and Active Measurement Conference (PAM 2024). Best Community Dataset Award.
- Building a Resilient Domain Whitelist to Enhance Phishing Blocklist Accuracy, Jan Bayer, Sourena Maroofi, Olivier Hureau, Andrzej Duda, Maciej Korczyński, Symposium on Electronic Crime Research (eCrime 2023).
- Extended DNS Errors: Unlocking the Full Potential of DNS Troubleshooting, Yevheniya Nosyk, Maciej Korczyński, Andrzej Duda, ACM Internet Measurement Conference (IMC 2023). Applied Networking Research Prize 2024.
- The Cloud Strikes Back: Investigating the Decentralization of IPFS, Leonhard Balduf, Maciej Korczyński, Onur Ascigil, Navin V. Keizer, George Pavlou, Björn Scheuermann, Michał Król, ACM Internet Measurement Conference (IMC 2023). Nominated for the Best Paper Award.
- Guardians of DNS Integrity: A Remote Method for Identifying DNSSEC Validators Across the Internet, Yevheniya Nosyk, Maciej Korczyński, Andrzej Duda, IEEE TrustCom 2023.
- Don’t Get Hijacked: Prevalence, Mitigation, and Impact of Non-Secure DNS Dynamic Updates, Yevheniya Nosyk, Maciej Korczyński, Carlos H. Gañán, Michał Król, Qasim Lone, Andrzej Duda, IEEE TrustCom 2023.
- Hazardous Echoes: The DNS Resolvers that Should Be Put on Mute, Ramin Yazdani, Yevheniya Nosyk, Ralph Holz, Maciej Korczyński, Mattijs Jonker, Anna Sperotto, Network Traffic Measurement and Analysis Conference (TMA 2023).
- Intercept and Inject: DNS Response Manipulation in the Wild, Yevheniya Nosyk, Qasim Lone, Yury Zhauniarovich, Carlos Hernandez Gañán, Emile Aben, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Andrzej Duda, Maciej Korczyński, Passive and Active Measurement Conference (PAM 2023).
- Operational Domain Name Classification: From Automatic Ground Truth Generation to Adaptation to Missing Values, Jan Bayer, Ben Chukwuemeka Benjamin, Sourena Maroofi, Thymen Wabeke, Cristian Hesselman, Andrzej Duda, Maciej Korczyński, Passive and Active Measurement Conference (PAM 2023).
- Deployment of Source Address Validation by Network Operators: A Randomized Control Trial, Qasim Lone, Alisa Frik, Matthew Luckie, Maciej Korczyński, Michel van Eeten, Carlos Gañán, IEEE Symposium on Security and Privacy (IEEE S&P 2022): 2361–2378.
- Early Detection of Spam Domains with Passive DNS and SPF, Simon Fernandez, Maciej Korczyński, Andrzej Duda, Passive and Active Measurement Conference (PAM 2022).
- Routing Loops as Mega Amplifiers for DNS-based DDoS Attacks, Yevheniya Nosyk, Maciej Korczyński, Andrzej Duda, Passive and Active Measurement Conference (PAM 2022).
- Semantic Identifiers and DNS Names for IoT, Simon Fernandez, Michele Amoretti, Fabrizio Restori, Maciej Korczyński, Andrzej Duda, IEEE International Conference on Computer Communications and Networks (ICCCN 2021).
- Are You Human? Resilience of Phishing Detection to Evasion Techniques Based on Human Verification, Sourena Maroofi, Maciej Korczyński, Andrzej Duda, ACM Internet Measurement Conference (IMC 2020).
- COMAR: Classification of Compromised versus Maliciously Registered Domains, Sourena Maroofi, Maciej Korczyński, Cristian Hesselman, Benoît Ampeau, Andrzej Duda, IEEE European Symposium on Security and Privacy (EuroS&P 2020).
- From Defensive Registration to Subdomain Protection: Evaluation of Email Anti-Spoofing Schemes for High-Profile Domains, Sourena Maroofi, Maciej Korczyński, Andrzej Duda, Network Traffic Measurement and Analysis Conference (TMA 2020). Best Paper Award.
- Don’t Forget to Lock the Front Door! Inferring the Deployment of Source Address Validation of Inbound Traffic, Maciej Korczyński, Yevheniya Nosyk, Qasim Lone, Marcin Skwarek, Baptiste Jonglez, Andrzej Duda, Passive and Active Measurement Conference (PAM 2020).
- A Practical Approach for Taking Down Avalanche Botnets Under Real-World Constraints, Victor Le Pochat, Tim Van Hamme, Sourena Maroofi, Tom Van Goethem, Davy Preuveneers, Andrzej Duda, Wouter Joosen, Maciej Korczyński, Network and Distributed System Security Symposium (NDSS 2020).
- Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation, Victor Le Pochat, Tom Van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczyński, Wouter Joosen, Network and Distributed System Security Symposium (NDSS 2019). ACSAC 2022 Impactful Dataset Award.
- Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists, Oliver Gasser, Quirin Scheitle, Pawel Foremski, Qasim Lone, Maciej Korczyński, Stephen D. Strowes, Luuk Hendriks, Georg Carle, ACM Internet Measurement Conference (IMC 2018): 364–378.
- Using Crowdsourcing Marketplaces for Network Measurements: The Case of Spoofer, Qasim Lone, Matthew Luckie, Maciej Korczyński, Hadi Asghari, Mobin Javed, Michel van Eeten, Network Traffic Measurement and Analysis Conference (TMA 2018).
- Cybercrime After the Sunrise: A Statistical Analysis of DNS Abuse in New gTLDs, Maciej Korczyński, Maarten Wullink, Samaneh Tajalizadehkhoob, Giovane C. M. Moura, Arman Noroozian, Drew Bagley, Cristian Hesselman, ACM Asia Conference on Computer and Communications Security (AsiaCCS 2018).
- In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements, Oliver Gasser, Benno H. Hof, Maximilian Helm, Maciej Korczyński, Ralph Holz, Georg Carle, Passive and Active Measurement Conference (PAM 2018). Best Paper Award.
- Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting, Samaneh Tajalizadehkhoob, Tom van Goethem, Maciej Korczyński, Arman Noroozian, Rainer Böhme, Tyler Moore, Wouter Joosen, Michel van Eeten, ACM Conference on Computer and Communications Security (CCS 2017).
- Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs, Maciej Korczyński, Samaneh Tajalizadehkhoob, Arman Noroozian, Maarten Wullink, Cristian Hesselman, Michel van Eeten, IEEE European Symposium on Security and Privacy (EuroS&P 2017).
- Using Loops Observed in Traceroute to Infer Ability to Spoof, Qasim Lone, Matthew Luckie, Maciej Korczyński, Michel van Eeten, Passive and Active Measurement Conference (PAM 2017).
- Zone Poisoning: The How and Where of Non-Secure DNS Dynamic Updates, Maciej Korczyński, Michał Król, Michel van Eeten, ACM Internet Measurement Conference (IMC 2016): 271–278.
- Who Gets the Boot? Analyzing Victimization by DDoS-as-a-Service, Arman Noroozian, Maciej Korczyński, Carlos Hernandez Gañán, Daisuke Makita, Katsunari Yoshioka, Michel van Eeten, International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2016).
- Stopping Amplified DNS DDoS Attacks Through Query Rate Sharing Between DNS Resolvers, Saurabh Verma, Ali Hamieh, Jun Ho Huh, Henrik Holm, Siva Raj Rajagopalan, Maciej Korczyński, Nina H. Fefferman, International Conference on Availability, Reliability and Security.
- Apples, Oranges and Hosting Providers: Heterogeneity and Security in the Hosting Market, Samaneh Tajalizadehkhoob, Maciej Korczyński, Arman Noroozian, Carlos Hernandez Gañán, Michel van Eeten, IEEE/IFIP Network Operations and Management Symposium (NOMS 2016).
- DIAMoND: Distributed Intrusion/Anomaly Monitoring for Nonparametric Detection, Maciej Korczyński, Ali Hamieh, Jun Ho Huh, Henrik Holm, S. Raj Rajagopalan, Nina H. Fefferman, IEEE International Conference on Computer Communications and Networks (ICCCN 2015).
- Markov Chain Fingerprinting to Classify Encrypted Traffic, Maciej Korczyński, Andrzej Duda, IEEE International Conference on Computer Communications (INFOCOM 2014): 781–789.
- Two Methods for Detection Malware, Maciej Korczyński, Gilles Berger-Sabbatel, Andrzej Duda, International Conference on Multimedia Communications, Services and Security (MCSS 2013).
- Classifying Service Flows in the Encrypted Skype Traffic, Maciej Korczyński, Andrzej Duda, IEEE International Conference on Communications (ICC 2012): 1064–1068.
- An Accurate Sampling Scheme for Detecting SYN Flooding Attacks and Portscans, Maciej Korczyński, Lucjan Janowski, Andrzej Duda, IEEE International Conference on Communications (ICC 2011).
- Architecture of a Platform for Malware Analysis and Confinement, Gilles Berger-Sabbatel, Maciej Korczyński, Andrzej Duda, International Conference on Multimedia Communications, Services and Security (MCSS 2010).
Journal articles
- Evaluating design decisions and bias resistance for passive DNS-based domain rankings, Victor Le Pochat, Simon Fernandez, Samaneh Tajalizadehkhoob, Lieven Desmet, Andrzej Duda, Wouter Joosen, Maciej Korczyński, IEEE Transactions on Network and Service Management, Early Access.
- The Closed Resolver Project: Measuring the Deployment of Inbound Source Address Validation, Yevheniya Nosyk, Maciej Korczyński, Qasim Lone, Marcin Skwarek, Baptiste Jonglez, Andrzej Duda, IEEE/ACM Transactions on Networking.
- Adoption of Email Anti-Spoofing Schemes: A Large Scale Analysis, Sourena Maroofi, Maciej Korczyński, Arnold Hölzel, Andrzej Duda, IEEE Transactions on Network and Service Management.
- Rotten Apples or Bad Harvest? What We Are Measuring When We Are Measuring Abuse, Samaneh Tajalizadehkhoob, Rainer Böhme, Carlos Gañán, Maciej Korczyński, Michel van Eeten, ACM Transactions on Internet Technology.
- Anomaly Detection Through Information Sharing Under Different Topologies, Lazaros K. Gallos, Maciej Korczyński, Nina H. Fefferman, EURASIP Journal on Information Security.
- Hive Oversight for Network Intrusion Early Warning Using DIAMoND: A Bee-Inspired Method for Fully Distributed Cyber Defense, Maciej Korczyński, Ali Hamieh, Jun Ho Huh, Henrik Holm, S. Raj Rajagopalan, Nina H. Fefferman, IEEE Communications Magazine.
Book chapters
- Security Reputation Metrics, Maciej Korczyński, Arman Noroozian, Encyclopedia of Cryptography, Security and Privacy, Springer.
- Source Address Validation, Maciej Korczyński, Yevheniya Nosyk, Encyclopedia of Cryptography, Security and Privacy, Springer.
- DIAMoND: Distributed Intrusion/Anomaly Monitoring for Nonparametric Detection, Maciej Korczyński, Ali Hamieh, Jun Ho Huh, Henrik Holm, S. Raj Rajagopalan, Nina H. Fefferman, Advances in Computer Communications and Networks, River Publishers.
Workshops and reports
- The Illusion of DDR Deployment, Yevheniya Nosyk, Andrzej Duda, Maciej Korczyński, ACM/IRTF Applied Networking Research Workshop (ANRW 2026).
- LogoTrust: Leveraging BIMI to Build a Validated Dataset of Brands, Domain Names, and Logos, Youssef Abyaa, Olivier Hureau, Andrzej Duda, Maciej Korczyński, Workshop on Traffic Measurements for Cybersecurity (WTMC 2025).
- Bypassing Audio reCAPTCHA with Automatic Speech Recognition Models, Paul Aubry, Juliette Devoivre, Damien Carron, Simon Fernandez, Andrzej Duda, Maciej Korczyński, IEEE EuroS&P Workshops 2025: 1–5.
- Day in the Life of RIPE Atlas: Operational Insights and Applications in Network Measurements, Yevheniya Nosyk, Malte Tashiro, Qasim Lone, Robert Kisteleki, Andrzej Duda, Maciej Korczyński, Technical report.
- INFERMAL: Inferential Analysis of Maliciously Registered Domains, Yevheniya Nosyk, Maciej Korczyński, Carlos Gañán, Sourena Maroofi, Jan Bayer, Zul Odgerel, Samaneh Tajalizadehkhoob, Andrzej Duda, ICANN OCTO commissioned report.
- Exploring the Dark Side of AI: Advanced Phishing Attack Design and Deployment Using ChatGPT, Nils Begou, Jeremy Vinoy, Andrzej Duda, Maciej Korczyński, IEEE CNS Cyber Resilience Workshop 2023.
- Unveiling the Weak Links: Exploring DNS Infrastructure Vulnerabilities and Fortifying Defenses, Yevheniya Nosyk, Olivier Hureau, Simon Fernandez, Andrzej Duda, Maciej Korczyński, Workshop on Traffic Measurements for Cybersecurity (WTMC 2023).
- Study on Domain Name System (DNS) Abuse: Technical Report, Jan Bayer, Yevheniya Nosyk, Olivier Hureau, Simon Fernandez, Ivett Paulovics, Andrzej Duda, Maciej Korczyński, Publications Office of the European Union.
- Inferring the Deployment of Inbound Source Address Validation Using DNS Resolvers, Maciej Korczyński, Yevheniya Nosyk, Qasim Lone, Marcin Skwarek, Baptiste Jonglez, Andrzej Duda, ACM/IRTF Applied Networking Research Workshop (ANRW 2020).
- SAVing the Internet: Explaining the Adoption of Source Address Validation by Internet Service Providers, Qasim Lone, Maciej Korczyński, Carlos Gañán, Michel van Eeten, Workshop on the Economics of Information Security (WEIS 2020).
- Feasibility of Large-Scale Vulnerability Notifications after GDPR, Wissem Soussi, Maciej Korczyński, Sourena Maroofi, Andrzej Duda, Workshop on Traffic Measurements for Cybersecurity (WTMC 2020).
- Characterizing Vulnerability of DNS AXFR Transfers with Global-Scale Scanning, Marcin Skwarek, Maciej Korczyński, Wojciech Mazurczyk, Andrzej Duda, Workshop on Traffic Measurements for Cybersecurity (WTMC 2019).
- MLSEC: Benchmarking Shallow and Deep Machine Learning Models for Network Security, Pedro Casas, Gonzalo Marín, Germán Capdehourat, Maciej Korczyński, Workshop on Traffic Measurements for Cybersecurity (WTMC 2019).
- No Domain Left Behind: Is Let’s Encrypt Democratizing Encryption?, Maarten Aertsen, Maciej Korczyński, Giovane C. M. Moura, Samaneh Tajalizadehkhoob, Jan van den Berg, ACM/IRTF/ISOC Applied Networking Research Workshop (ANRW 2017).
- Make Notifications Great Again: Learning How to Notify in the Age of Large-Scale Vulnerability Scanning, Orcun Cetin, Carlos Gañán, Maciej Korczyński, Michel van Eeten, Workshop on the Economics of Information Security (WEIS 2017).
- Inferring Security Performance of Providers from Noisy and Heterogeneous Abuse Datasets, Arman Noroozian, Michael Ciere, Maciej Korczyński, Samaneh Tajalizadehkhoob, Michel van Eeten, Workshop on the Economics of Information Security (WEIS 2017).
- Developing Security Reputation Metrics for Hosting Providers, Arman Noroozian, Maciej Korczyński, Samaneh Tajalizadehkhoob, Michel van Eeten, USENIX Workshop on Cyber Security Experimentation and Test (CSET 2015).
Teaching
Cybersecurity education at Ensimag
I teach and coordinate courses in cybersecurity, network security, security engineering, advanced networks and security, and information security. My courses combine fundamentals with hands-on labs, realistic case studies, paper discussions, and research-oriented projects.
- Introduction to Cybersecurity — Master 1 RSC
- Network Security — Master 2 RIE/RSC
- Ingénierie de la sécurité — Master 2 RIE/RSC
- Réseaux avancés et sécurité — Ensimag 3A
- Information Security — MoSIG Master 2
Students & supervision
Open research directions
PhD and MSc projects
I am interested in strong students who want to work on DNS abuse, phishing infrastructure, Internet measurements, graph learning, and AI-assisted cyber defence.
Research culture
Projects typically combine measurement, careful dataset construction, reproducible analysis, responsible disclosure, and engagement with operational communities.
News
Recent updates
Co-organizing WTMC 2026 — submissions encouraged.
I am co-organizing the 11th International Workshop on Traffic Measurements for Cybersecurity, held with ACM CCS 2026 in The Hague. The paper submission deadline is July 13, 2026 (AoE).
New DNS encryption papers at ANRW and IMC 2026.
Congratulations to Yevheniya Nosyk and co-authors. Recent work includes The Illusion of DDR Deployment at ANRW 2026 and Securing the Missing Link at IMC 2026.
Selected as a Junior member of the Institut Universitaire de France, Innovation Chair.
The IUF appointment supports the 2026–2031 project on human-governed autonomous AI agents for adaptive cyber defence.
WWW 2026 paper on phishing in IPFS.
Congratulations to Anas Kastantin and co-authors. Netting Phish in the IPFS Ocean studies real-time monitoring and characterization of decentralized phishing campaigns.
Speaking at the FIRST Technical Colloquium in Paris.
I presented research from the INFERMAL project on malicious domain registrations and the factors that shape phishing abuse.
eCrime 2025 paper on URL-shortener abuse.
Congratulations to Zul Odgerel and co-authors. Short Path to Phishing studies misused URL shortening services in the wild.
ACM CCS 2025 paper on the roots of DNS abuse.
Congratulations to Yevheniya Nosyk and co-authors. Exposing the Roots of DNS Abuse studies factors behind phishing-domain registrations and their implications for anti-abuse practices.
INFERMAL results presented to the Internet infrastructure community.
I presented INFERMAL at CENTR Jamboree and in an ICANN webinar, continuing the discussion on evidence-based anti-abuse policy.
Appointed Professor of Computer Science at Grenoble INP–Ensimag.
I continue my work with the Drakkar team at LIG on Internet measurement, domain abuse, and operational cybersecurity.
Research distinction for passive-DNS domain rankings.
Congratulations to Victor Le Pochat and co-authors. The TMA 2024 paper on passive-DNS-based domain rankings received the Community Contribution Award and was extended for IEEE TNSM.
PAM 2024 papers on WHOIS/RDAP and DMARC.
Congratulations to Simon Fernandez and Olivier Hureau. Our WHOIS/RDAP paper received the PAM Best Community Dataset Award, and the DMARC paper was nominated for the PAM Best Paper Award.
Applied Networking Research Prize for Extended DNS Errors.
Congratulations to Yevheniya Nosyk. Our ACM IMC 2023 paper on Extended DNS Errors received the Applied Networking Research Prize in 2024.
Contact
Get in touch
Email: maciej [dot] korczynski [at] univ-grenoble-alpes [dot] fr
Office: IMAG building, 700 avenue Centrale, Saint-Martin-d’Hères, France
Affiliations: Grenoble INP–Ensimag · Université Grenoble Alpes · LIG / Drakkar · KOR Labs Cybersecurity
PGP key ID: 1BDA32F6