Presenting my research project at LTH

March 4, 2020July 5, 2020 / bugejajoseph / Leave a comment

On 4 March 2020, I had the opportunity to present my PhD research project at Lund University. My presentation titled “Security and privacy in smart connected homes” was held in front of a mixed audience, consisting of key industry professionals and well-established academics. Many interesting questions were raised after each presentation. Two questions directed to me were about updates concerning attacks targeting smart speaker systems, and another one whether secure regions within the home area network can be configured to have parts of the home or the entire home offline.

The workshop opening slide by Prof. Per Runeson.

Moving on to the discussion part of the workshop there were different takeaways. One of the main ones was the difficulty of instilling security awareness, especially to the general consumer when purchasing and using IoT products. One can have a lot of security features embedded in his product but if the customer is not aware of those or does not know how to enable them then that is a challenge. Another key point that was shared across multiple presentations and raised as a discussion item, was the huge spike of vulnerabilities being reported, especially during the past 3 years. Here, it is interesting to investigate what is actually being targeted and the causes of that. Perhaps, this is not only related to the digitization of ‘everything’ but as well to the constant reuse of software code, including the heavy reliance on software frameworks (including some operating systems that may have not been properly audited). Organizations should remember that in addition to the tangible benefits you gain from building your software from reusable modular and perhaps opensource components you automatically inherit security vulnerabilities and risks.

My presentation at LTH.

I highly encourage you to attend this quarterly workshop especially if you are into software engineering but even if you are not. Certainly, you can learn about what’s happening from the research side but as well from industry professionals. Besides, it is a good opportunity to network and share ideas with other likeminded people!

Check the workshop agenda: https://www.lth.se/digitalth/events/?event=softwarelth-workshop-internet-of-things-and-security

Strengthen your academic writing skills with this resource

March 4, 2020 / bugejajoseph / Leave a comment

If you are planning on writing a scholarly publication, maybe it is your first research article, you want to make sure that you use the appropriate jargon for that. This is especially if you are a non-native speaker of English. A truly good resource that can help in that is the Academic Phrasebank maintained by The University of Manchester.

This resource provides numerous examples of phraseological “nuts and bolts” for writing organized according to the main sections of a research paper or dissertation. The phrases in this resource have been extracted from authentic academic sources including postgraduate dissertations and phrases from academic articles drawn from a broad spectrum of disciplines.

Consider consulting it for your next manuscript.

Featured on LinkedIn and Facebook

January 23, 2020January 23, 2020 / bugejajoseph / Leave a comment

I am truly surprised and grateful that a photo of myself and my colleague is being featured on the university website and shared among social media, in particular, on LinkedIn and Facebook.

Talking science featuring Dr. Arezoo Sarkheyli-Hägele and myself (post adopted from LinkedIn).

In case you are interested what the text above means, see its translation below:

“Good teachers don’t grow on trees. They grow when they have the opportunity for skills development. As one of the country’s largest teacher training courses, we are involved in shaping the school of the future. The development of employees is a common responsibility that we share with the entire school community.

We offer you who work in the school a wide range of skills-developing training at half-speed, full time and evening. So we contribute to your skills development and to the school being able to both retain its dedicated employees and recruit new ones.”

But, the most important part is that if you want to know more about what Malmö university offers in terms of courses and programs take a look at mau.se/gemensamtansvar

2020 academic semester kickoff

January 20, 2020January 20, 2020 / bugejajoseph / Leave a comment

Today, was the kick-off to the new academic (Spring) semester. I took the opportunity to present an overview of what is expected to be covered in the Information Security course. During this lecture, I also motivated students why it is important to study information security, introduced the course syllabus, and talked about the learning outcomes of the course.

This year, I have about 150 students taking my course. This is a great achievement especially considering that the course is an elective course. Talking to such large groups is always exciting and fun! You can see me below testing the microphone and preparing my laptop before the students start heading to the class. All the lectures are delivered in a classroom setting but all the material including slides, supplementary material, and any assignments are uploaded on the course portal.

Getting ready at Malmö university (2020)

In addition to inviting two external academics as guests, this year, I invited two speakers from the industry. The speakers have many years of experience working with real-life security use cases and are working with international companies TrueSec and Fingerprints.

Learning Swedish is beneficial

January 16, 2020January 16, 2020 / bugejajoseph / Leave a comment

If you are a foreigner living in Sweden you will be perfectly fine and survive well without knowing any Swedish. From my experience, the majority of people have an excellent command of the English language both spoken and written. Also, with tools such as “Google Translate” you can go a long way.

Nonetheless, I personally feel that if you want to better interact with the locals then learning Swedish is certainly of good help. You can try to learn Swedish from textbooks (e.g., Rivstart A1+A2), digital apps (e.g., Duolingo), or a combination, but in my opinion, attending a classroom is suggested. This is especially if you are new to the language and to the country. The other resources can come in handy later or as supplemental material.

In the fall of 2019, I was given the opportunity to attend a Swedish course organized by Malmö university. It was a great course, highly interactive and current. Putting some hard work and clocking some hours working on the essays, I managed to complete the course with success.

Swedish language certificate

My suggestion if you have relocated to a country whether it is on a temporary basis or for a longer-term, I do recommend you take the challenge and learn the language of the country. This will not only improve your resume but will also help you win more friends and integrate better with the locals.

Tip: Keep tabs while waiting for your acceptance notification

January 16, 2020 / bugejajoseph / Leave a comment

It is common that when we submit a paper to a conference we have to wait a bit until we get an acceptance notification. In my research area, it is not unusual to wait for about 3 months to get a thumbs up or a thumbs down. This can be stretched further especially if the conference deadline was extended. During this review time, typically we work on other things, come up with alternative ideas, and maybe take a break. It is also common that in this waiting time we may start noticing already how the paper can get improved. Maybe, you find a more recent related work that tackles the problem in a different way or perhaps simply find arguments that strengthen your proposal. Whatever the case, you want to keep track of those. This is as you might what to consider them when revising your article. How do I do that?

On my Mac, I simply keep track of these using Notes app. I just create a new folder under iCloud and name it as the conference article or an alias of it. In that folder, I create a note, titled “Ideas” and simply throw in any points or stuff to take care of when updating the paper submitted earlier. Then, when the notification of acceptance is due, I simply go through the reviewer comments together with the Ideas note and update the paper accordingly. I store my notes in iCloud because I can easily manage them for example through my smartphone. It often happens that the best ideas come when we are away or while resting from a problem.

So, my point is to encourage you to get organized early on in your research and simply not to leave it to the end to update your article. There are ideas that I am sure you came across while waiting for a notification of acceptance. Best to keep tabs and have notes readily available when you need them.

Information Security – Kick-off Lecture

January 24, 2019January 25, 2019 / bugejajoseph / 1 Comment

Yesterday, on 23rd January 2019, I delivered my first lecture (titled: “Course Overview”) between 8:15 am – 10:00 am part of the Information Security course at Malmö University. This is the third academic year that I am running this exciting course at Bachelor’s level.

Different to the previous years, this time the course material will be published on Canvas (instead of itslearning), officially I am the course responsible, and the amount of students enrolled on this course exceeds 150 students! This is almost double the amount of students I had two years ago! Indeed, this is very satisfying as a tutor to have so many students that recognise the increasing importance of information security!

ed6a47d0-6d51-4445-87c4-dd2b859dcb21 (1)

Lecture at the “Faculty of Odontology” part of Malmö University.

One of the key points, I mentioned is how the sophistication of attacks is increasing especially since the introduction of Internet of Things (IoT) enabled technologies.

A particular instance of this are attacks being carried out remotely, for instance through the help of drones (war-flying). As a demonstration of this in the clip below, researchers exploit a ZigBee vulnerability (by delivering a malicious Over The Air update) forcing smart Hue light bulbs to flash S.O.S in distress.

What attacks should we expect in the future? Certainly, I would expect to see more of the above and increasingly more autonomous attacks potentially targeting SCADA/ICSs and smart cities causing blackouts and more. Possibly such attacks can be permanent and have irreversible consequences.

Joseph Bugeja

Security, Privacy, and Trust

general