Stefan Rass (40) hails from Klagenfurt. We spoke with him about why he is attracted to the more shadowy areas of digitization and how he hopes his students will inspire him.

What is your area research? What does "Secure Systems" mean?
Stefan Rass: My research approach is along the lines of "model-based security", meaning I focus on modeling attack scenarios and then, based on the models, I identify how the attack can be made as "expensive" as possible for the attacker. I believe that security is not a situation in which cyber attacking is possible, but rather the point at which the cost of an attack exceeds the expected benefits, ultimately rendering the attack "no longer worthwhile".

What do you find particularly fascinating about this area?
Stefan Rass: Security is a cross-disciplinary subject area that incorporates many aspects from many different fields. When conducting research, I am lucky that I know many different methods, can apply them, and can even develop new ones. Attackers are becoming increasingly creative in their methods and this ensures that there is never a dull moment.

Just how important is cyber security nowadays?
Stefan Rass: We rely on machines and algorithms more than ever before, be it electronic money transactions, electronic health management, or smart homes. Each new advancement, however, means more potential threats and hazards, especially when we become fully dependent on the infrastructure functioning the way we expect it to. I think advancements in digitization are important because it makes our lives easier in many ways and I intend to make sure my research in cyber security can ensure these systems continue working. These systems can almost be considered life-sustaining for us and must be maintained for the long term. In many areas today, we would be practically adrift without electricity, electronics, telecommunications and many other things.

Why did you choose the JKU?
Stefan Rass: The JKU is well-known and the professional environment, both in breadth and depth, is invaluable, particularly for research in cyber security. In addition, during each of my visits to Linz, I liked both the city and everyone I met at the JKU. This personal aspect combined with the professional opportunities and the university’s outstanding reputation was the reason I chose to come to the JKU.

Why should students take your classes?
Stefan Rass: I like interacting with students and they ask the best questions ever! When you are an expert in a certain area, you can sometimes forget to question basic facts that are often considered a "given". A new student will often ask a simple question like, "why is it like this and not the other way?". As an educator, I am expected to have the answers to these kinds of questions, and often I do. However, it is not unusual to then ponder certain questions and ask myself: "…why can't it be done a different way?" More than once, this kind of thinking has resulted in a new, interesting research idea. Students inspire me and I hope I can return the enthusiasm on the topic. If that works, then it’s a win-win for everyone!

What are you currently working on?
Stefan Rass: I am working on models for non-cooperative behavior which, in the simplest case, means the relationship between the attacker and defender but can also mean modeling component interaction within a larger system, i.e. in the event in which system components fail, are hacked, or something like that. A second project revolves around both applying and securing AI in order to simulate the dynamics of an attack and ultimately prevent counteract attacks.

Researchers also need down time. Do you have any hobbies?
Stefan Rass: I enjoy getting out into the fresh air, jogging, and I would also like to get back to playing the piano. I also like to read a lot, although I have to admit I prefer thrillers and crime novels.

What else do you want to do or achieve in your life?
Stefan Rass: I have a few deep, underlying questions I would like to find answers to, particularly in the area of cyber security. I would like to see my children grow up in a well-secured future, not only in terms of digitalization. I would like to continue exploring both the real and theoretical world. Geographically, I know where I would one day like to go - such as experiencing a white night or seeing the northern lights - but scientifically, I am more drawn to the darker side, and you never know what you’ll find there.

About Stefan Rass

Stefan Rass earned a double Master's degree in mathematics and computer science at the University of Klagenfurt (AAU) in 2005, a PhD in mathematics in 2009, and a post-doc in 2014 in applied computer science and system security. He taught algorithms and data structures, system security, theoretical computer science, complexity theory, and cryptography at AAU. His research interests include decision theory and game theory with applications in cybersecurity, as well as complexity theory, statistics, and information-theoretic security. He has written numerous papers on applied security and quantum cryptography, security infrastructures, robot security, and game-theory security models. He is co-author of the book "Cryptography for Security and Privacy in Cloud Computing", published by Artech House, and co-author of the book "Cyber-Security in Critical Infrastructures: A Game-Theoretic Approach", published by Springer. He has actively taken part in several nationally and internationally funded research projects, is a contributing researcher for many EU projects, and provides consulting services to industrial companies.