Interactive Event on Digital Ethics

April 24, 2021April 24, 2021 / bugejajoseph / Leave a comment

On Friday, 23th April, I attended an interactive event on the topic of digital ethics. This event was organised by RISE in collaboration with industry. Together, we explored and discussed the topic of data privacy, integrity, trust, and transparency in AI. Many interesting discussions followed in Zoom breakout rooms, especially after the presentation from “Sjyst data!” project.

We talked about the generic development and implementation of AI for emerging systems, and related ethical implications. An interesting point was raised about the passive collection of MAC addresses and whether these are considered personal data by the GDPR. On that note, over Zoom chat, someone also mentioned foot traffic data and the processing of that, especially during the pandemic of Covid-19. Data, even though, may appear to mean nothing particular or worrying to us at some point, when aggregated and linked with other data sources, it can paint a detailed profile about us.

Here is a screenshot showing the event hosts: Nina Bozic (senior researcher) and Katarina Pietrzak (educational strategist) along with RISE experts and guests.

I am looking forward to the next one!

Successfully Defended my PhD Dissertation

February 13, 2021 / bugejajoseph / Leave a comment

I am pleased to announce, that on Thursday, 11th February, I successfully defended my PhD dissertation in Computer Science, titled On Privacy and Security in Smart Connected Homes. This was a journey that has been incredible and exciting, to say the least. It took close to 6 years, including taking 12 PhD courses, writing 10 main publications, authoring and co-authoring 6 other supplementary publications, traveling to 8 different countries, and hundreds of hours of writing. A heartfelt thanks to all the people who have been part of my journey, especially to my academic advisors – Dr. Andreas Jacobsson and Prof. Paul Davidsson.

Book Cover

Here is a link to access my doctoral defence presentation.

Hosting Virtual Classes using Zoom and Discord

January 23, 2021 / bugejajoseph / Leave a comment

On Monday, 18 January, I delivered my first lecture for 2021 in my cybersecurity course at Malmö University. This year, is my 5th year running this course, and I have about 120 students registered for the course. This is a good turnout, and I am happy that many students are keen to learn about cybersecurity. Unlike previous years, the full course, including all its deliverables are going to be held online. So, anyone provided with the link to the lecture and an Internet connection can access the lecture live, potentially from anywhere without the need to commute to university.

When it comes to lectures, I am using Zoom as the main software program to share my slides and interact with students. One of the cool features of Zoom, which is similar to that of a traditional classroom, is its whiteboard. Effectively, Zoom allows the host to share a digital whiteboard that can be used in a similar way to a physical whiteboard but supporting more options. When using Zoom’s whiteboard, I commonly connect my tablet to the meeting and start sketching out using a digital pen. It can be quite challenging to draw a diagram using only a computer mouse.

Sharing the whiteboard on Zoom.

Another nice feature of Zoom, that I started using recently, particularly for managing a workshop, is called “breakout rooms.” This function allows the meeting host to split the participants into smaller groups so that participants can discuss separately in different rooms without disturbing others. I have seen the use of “breakout rooms” in many virtual conferences I have participated in recently. The partitioning into groups can be done automatically or manually, or otherwise, the host can allow participants to select and enter breakout sessions as they please.

As a complement to “breakout rooms” in Zoom, I am also using Discord for supporting students, especially in their lab practicals. Discord is a VoIP, instant messaging, and digital distribution platform, particularly popular with gamers. In our case, we found Discord to be fast and reliable for handling voice and video simultaneously. Its straightforward participation system also makes it ideal for assisting students in their practicals.

In case you want to learn more about my experience with digital teaching, please feel free to get in touch or leave a comment below.

Lecturing about security and blockchain in a Masters course

November 25, 2020November 25, 2020 / bugejajoseph / Leave a comment

On 24 November, I was invited to deliver a guest lecture to Masters students in Computer Science at Malmö University. The lecture’s main topic was IoT security and the application of blockchain as a security-enhancing technology. It was fun doing this 2-hour lecture over Zoom, and especially I was pleased to see some former students attending my lecture.

When introducing blockchain, I focused on a use-case where this technology is used for securing drone communication. In particular, I referenced the paper titled “Towards data assurance and resilience in IoT using blockchain” which uses some of the properties of blockchain for providing instant and permanent data integrity, trusted accountability, and a resilient backend for drones. Blockchain has several uses including also in smart homes (e.g., as discussed in the paper titled “Blockchain for IoT Security and Privacy: The Case Study of a Smart Home”) and in many other domains.

Recently, I also co-authored a paper with some of my colleagues where we explored the use of blockchain for countering adversarial attacks in incremental learning.

Is Your Home Becoming A Spy?

October 9, 2020 / bugejajoseph / 1 Comment

On 9th October, I had the opportunity to present my paper at the IoT 2020 conference. I talked about smart connected homes to conference attendees participating in the security track. The presentation was pre-recorded and played to an online audience over Zoom. It was in the format of a 12 mins presentation followed by 8 mins QA.

My presentation slot at IoT 2020.

The theme that I covered was about covert surveillance facilitated through commercial smart home systems retrofitted in homes around the globe. In the study, we organized 81 systems by their data-collection capabilities with the intention of better understanding their privacy implications. Also, we identified research directions and suggested ways that allow users more control, transparency, and ethical uses over their personal data.

You can take a look at the presentation slides here. Also, please free to email me in case you need more information about my work.

Online Lecture about IoT Security

October 4, 2020October 4, 2020 / bugejajoseph / Leave a comment

On 01 October, I was invited to deliver an online lecture about the topic of securing the Internet of Things (IoT) to Lund University Bachelors students. I have been researching security and privacy on a full-time time basis for the past five years and working on information security for well over a decade.

My lecture consisted of a two-hour presentation, where I focused on some key attacks targeting consumer and industrial IoT applications. Denial-of-service attacks, routing attacks, and service attacks of which we have been talking about for many years have become even more serious. For instance, think about Mirai, the botnet which broke out in 2016, and other malware targeting unsecured IoT devices such as webcams. This is partly happening due to the interconnectedness of the devices, but especially due to a lack of inbuilt security measures. In this regard, Vint Cerf, one of the computer scientists hailed as a founding father of the Internet, said in an ACM panel in 2017:

“The biggest worry I have is that people building [IoT] devices will grab a piece of open source software or operating system and just jam it into the device and send it out into the wild without giving adequate thought and effort to securing the system and providing convenient user access to those devices.”

Although plugging any device to the Internet is becoming the trend especially with the rise of the IoT, I believe that companies should put in more effort into securing their devices prior to releasing them to the consumer market. Unfortunately, it is still common to run simple attacks, such as SQL injections, on IoT devices, and finding them vulnerable to that.

The Current State of IoT Security and a Glimpse Into The Future

March 12, 2020March 12, 2020 / bugejajoseph / Leave a comment

On Tuesday 10th March, I was invited to give a guest lecture about IoT security in Blekinge Tekniska Högskola (BTH) in Karlskrona, Sweden. Karlskrona is approximately 3 hours away from Malmö.

During my lecture, I gave realistic examples of attacks that targeted IoT systems. For instance, attacks targeting consumer drones, electric cars, and IP cameras. I also discussed the technical, procedural, and human challenges involved in securing IoT and some safeguards.

Blekinge Tekniska Högskola.

In the future, I will work to automate IoT security. Similar to smart devices acting autonomously to perceive and act on their environment, IoT security should evolve towards greater autonomy in detecting threats and reacting to attacks. This evolution relates to the autoimmunity of smart devices allowing for the prevention and containment of attacks in hostile environments.

You can access a condensed version of my lecture here.

2020 academic semester kickoff

January 20, 2020January 20, 2020 / bugejajoseph / Leave a comment

Today, was the kick-off to the new academic (Spring) semester. I took the opportunity to present an overview of what is expected to be covered in the Information Security course. During this lecture, I also motivated students why it is important to study information security, introduced the course syllabus, and talked about the learning outcomes of the course.

This year, I have about 150 students taking my course. This is a great achievement especially considering that the course is an elective course. Talking to such large groups is always exciting and fun! You can see me below testing the microphone and preparing my laptop before the students start heading to the class. All the lectures are delivered in a classroom setting but all the material including slides, supplementary material, and any assignments are uploaded on the course portal.

Getting ready at Malmö university (2020)

In addition to inviting two external academics as guests, this year, I invited two speakers from the industry. The speakers have many years of experience working with real-life security use cases and are working with international companies TrueSec and Fingerprints.

On the Future of Cybercrime

June 26, 2018June 26, 2018 / bugejajoseph / 1 Comment

As computers get faster cybercrime will get faster. As computers permeate more of our society cybercrime will enter those same areas. As computers become more autonomous – with AI and machine learning – crime will become more autonomous. Cybercrime will enter as well areas such as driverless cars, implanted medical devices, and more.

Image result for cybercrime !img

So you look at something like ransomware which is basically a ransom crime (that is old!). Project that onto computers and as a consequence of that you have to pay to get your data back. Project that onto a car. You wake up in the morning you go out to your car and instead of being able to turn it on there’s a note saying you pay a hundred dollars to unlock your car. That’s coming so just watch where the computers go and you see where the crime goes.

The above text is an abstract extracted from the YouTube clip: https://www.youtube.com/watch?v=G2VzjeAOksc. More information related to this can be found in the documentary titled: “Dark Web: Fighting Cybercrime”.

Joseph Bugeja

Security, Privacy, and Trust

cybersecurity