Ruba Abu-Salma

Lecturer (~Asst. Professor) in Computer Science, King’s College London

Ruba Abu-Salma is a Lecturer (Assistant Professor) in Computer Science at King’s College London (KCL). Ruba is affiliated with the Cybersecurity Group and the Human Centered Computing Group in the Department of Informatics. Her research is interdisciplinary. She works at the intersection of cybersecurity, privacy, human-computer interaction (HCI), and public policy. She uses computational and social science research methods to understand and improve people’s security, privacy, and safety decision-making processes, with a focus on vulnerable, marginalized, and/or stigmatized populations. She works closely with communities and charities to design technical, social, and legal interventions that are grounded in equality, justice, and safety for all. Her work has been published at top-tier venues, including IEEE S&P (Oakland), USENIX Security, and ACM CHI. Her work has also been covered by the popular press such as The New York Times, The Register, and CNET.

Before joining KCL in 2021, Ruba was a Postdoctoral Researcher in the Usable Security and Privacy Group at the International Computer Science Institute (ICSI) at the University of California, Berkeley, and in the PRIVATICS Team at INRIA Sophia Antipolis.

Ruba defended her doctoral dissertation in 2019, earning a Ph.D. in Computer Science from University College London (UCL). Her dissertation focused on designing user-centered privacy-enhancing technologies. As a postgraduate student, she was supported by Google, a Marie-Skłodowska Curie Research Fellowship, and a Supporting Usability and Design in Security (SUDS) Fellowship from the Open Technology Fund (OTF). She also performed research at the Cambridge Cybercrime Center, Brave, and Telefónica Research.

Ruba is always on the lookout for talented Ph.D. students to work with her on topics sitting at the intersection of cybersecurity, privacy, HCI, and at-risk/marginalized populations. Interested candidates should email her (at ruba.abu-salma@kcl.ac.uk) their CV, a short research proposal, and any previous publications.

Twitter: @Ruba_AbuSalma

Publications

  1. Noura Abdi, Tess Despres, Ruba Abu-Salma, and Julia Bernd. In-Home Smart Devices: Quantifying Bystander Privacy Experiences and Social Norms in Different Situations. In Annual Symposium on Applications of Contextual Integrity (CI Symposium), New York City, NY, USA, 2022.

  2. Julia Bernd, Ruba Abu-Salma, Junghyun Choy, and Alisa Frik. Balancing Power Dynamics in Smart Homes: Nannies’ Perspectives on How Cameras Reflect and Affect Relationships. In USENIX Symposium on Usable Privacy and Security (SOUPS), Boston, MA, USA, 2022.

  3. Julia Slupska, Selina Cho, Marissa Begonia, Ruba Abu-Salma, Nayanatara Prakash, and Mallika Balakrishnan. “They Look at Vulnerability and Use That to Abuse You”: Participatory Threat Modelling with Migrant Domestic Workers. In Proc. USENIX Security Symposium (USENIX Sec), Boston, MA, USA, 2022.

  4. Sean Oesch, Ruba Abu-Salma, Oumar Souleymane Diallo, Juliane Kramer, James Simmons, Justin Wu, and Scott Ruoti. User Perceptions of Security and Privacy for Group Chat. In ACM Journal of Digital Threats: Research and Practice (DTRAP), 2022.

  5. Borce Stojkovski, Ruba Abu-Salma, Gabriele Lenzini, and Karen Triquet. “Unless one does the research, it may seem as just a useless battery-consuming app” – Field Notes on COVID-19 Contact-Tracing Applications. In ACM Journal of Digital Threats: Research and Practice (DTRAP), 2021.

  6. Omer Akgul, Ruba Abu-Salma, Wei Bai, Michelle Mazurek, Elissa M. Redmiles, and Blase Ur. From “Secure” to “Military-Grade”: Exploring the Effect of App Descriptions on User Perceptions of Secure Messaging. In ACM Workshop on Privacy in the Electronic Society (WPES), Seoul, South Korea, 2021.

  7. Cristiana Santos, Arianna Rossi, Lorena Sanchez Chamorro, Kerstin Bongard-Blanchy, and Ruba Abu-Salma. Cookie Banners, What’s The Purpose? Analyzing Cookie Banner Text Through a Legal Lens. In ACM Workshop on Privacy in the Electronic Society (WPES), Seoul, South Korea, 2021.

  8. Sean Oesch, Ruba Abu-Salma, Oumar Souleymane Diallo, Juliane Kramer, James Simmons, Justin Wu, and Scott Ruoti. Understanding User Perceptions of Security and Privacy for Group Chat: A Survey of Users in the US and UK. In Annual Computer Security Applications Conference (ACSAC), Austin, TX, USA, 2020.

  9. Julia Bernd, Ruba Abu-Salma, and Alisa Frik. Bystanders’ Privacy: The Perspectives of Nannies on Smart Home Surveillance. In USENIX Workshop on Free and Open Communications on the Internet (FOCI), Boston, MA, USA, 2020.

  10. George Chalhoub, Ivan Flechais, Norbert Nthala, and Ruba Abu-Salma. Innovation Inaction or In Action? The Role of User Experience in the Security and Privacy Design of Smart Home Cameras. In Symposium on Usable Privacy and Security (SOUPS), Boston, MA, USA, 2020.

  11. Ruba Abu-Salma. Designing User-Centered Privacy-Enhancing Technologies. Department of Computer Science, University College London (UCL), London, UK, 2020. (Ph.D. thesis)

  12. Ruba Abu-Salma and Benjamin Livshits. Evaluating the End-User Experience of Private Browsing Mode. In ACM Conference on Human Factors in Computing Systems (CHI), Honolulu, HI, USA, 2020.

  13. George Chalhoub, Ivan Flechais, Norbert Nthala, Ruba Abu-Salma, and Elie Tom. Factoring User Experience into the Security and Privacy Design of Smart Home Cameras. In Extended Abstracts of ACM Conference on Human Factors in Computing Systems (CHI EA) (Late-Breaking Works), Honolulu, HI, USA, 2020.

  14. Ruba Abu-Salma. Designing for the Elderly: Understanding the Role of Age on the Adoption and Use of Secure Communication Tools. In MobileHCI Workshop on Mobile Privacy and Security for an Ageing Population, Barcelona, Spain, 2018.

  15. Ruba Abu-Salma, Elissa M. Redmiles, Blase Ur, and Miranda Wei. Exploring User Mental Models of End-to-End Encrypted Communication Tools. In USENIX Workshop on Free and Open Communications on the Internet (FOCI), Baltimore, MD, USA, 2018. [CNET] [La Vanguardia]

  16. Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse, and Gianluca Stringhini. International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms. In Journal of Cybersecurity, 2017.

  17. Juan Ponce-Mauries, Kat Krol, Simon Parkin, Ruba Abu-Salma, and M. Angela Sasse. Dead on Arrival: Recovering from Fatal Flaws in Email Encryption Tools. In USENIX Workshop on Learning from Authoritative Security Experiment Results (LASER), Arlington, VA, USA, 2017.

  18. Ruba Abu-Salma, M. Angela Sasse, Joseph Bonneau, Anastasia Danilova, Alena Naiakshina, and Matthew Smith. Obstacles to the Adoption of Secure Communication Tools. In IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, USA, 2017. INVITED PAPER: IEEE Security and Privacy Magazine [EFF] [The New York Times]

  19. Steve Dodier-Lazaro, Ruba Abu-Salma, Ingolf Becker, and M. Angela Sasse. From Paternalistic to User-Centred Security: Putting Users First with Value-Sensitive Design. In CHI Workshop on Values in Computing, Denver, CO, USA, 2017.

  20. Ruba Abu-Salma, Kat Krol, Simon Parkin, Victoria Koh, Kevin Kwan, Jazib Mahboob, Zahra Traboulsi, and M. Angela Sasse. The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram. In European Workshop on Usable Security (EuroUSEC), Paris, France, 2017. INVITED PAPER: Journal of Cybersecurity

  21. Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse, and Gianluca Stringhini. International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms. In Workshop on the Economics of Information Security (WEIS), Berkeley, CA, USA, 2016. [The Register]

  22. Steven J. Murdoch, Ingolf Becker, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Alice Hutchings, M. Angela Sasse, and Gianluca Stringhini. Are Payment Banking Contracts Unfair? In Conference on Financial Cryptography and Data Security, Rockley, Christ Church, Barbados, 2016.

  23. Fadi Aloul, Imran Zualkernan, Ruba Abu-Salma, Hamed Al-Ali, and May Al-Merri. iBump: A Smartphone Application to Detect Car Accidents. In Elsevier Journal of Computers and Electrical Engineering (JCEE), 2015.

Talks

  1. INVITED: “They Look at Vulnerability and Use That to Abuse You”: Participatory Threat Modelling with Migrant Domestic Workers. Information Security Group (ISG) Research Seminar, Royal Holloway, University of London (RHUL), UK (Nov. 3, 2022).

  2. Is Digital Privacy About Power? UK Cybersecurity Ph.D. Winter School, University of Surrey, UK (January 10, 2022).

  3. Designing User-Centered Privacy-Enhancing Technologies. Cybersecurity (CYS) Seminar, Dept. of Informatics, King’s College London (KCL), UK (June 03, 2021).

  4. Bystanders’ Privacy: The Perspectives of Nannies on Smart Home Surveillance. International Computer Science Institute (ICSI), University of California, Berkeley, CA, USA (Apr. 23, 2020).

  5. Evaluating the End-User Experience of Private Browsing Mode. 38th ACM Conference on Human Factors in Computing Systems (CHI), Honolulu, HI, USA (Apr. 27, 2020).

  6. INVITED: Users Do Not Bite: Exploring the Adoption and Use of Encrypted Communication Tools. Interdisciplinary Centre for Security, Reliability, and Trust (SnT), University of Luxembourg, Luxembourg (Mar. 04, 2020).

  7. INVITED: Users Do Not Bite: Exploring the Adoption and Use of Encrypted Communication Tools. Department of Electrical Engineering and Computer Science (EECS), University of California, Berkeley, CA, USA (Nov. 22, 2019).

  8. INVITED: Evaluating the End-User Experience of Private Browsing Mode. French National Institute for Research in Computer Science and Automation (Inria), Sophia Antipolis, France (Nov. 21, 2019).

  9. INVITED: From Paternalistic to User-Centered Security. Symantec Research Labs, Sophia Antipolis, France (June 19, 2019).

  10. INVITED: Secure Messaging: Adoption and Appropriate Use. Dyson School of Design Engineering, Imperial College London, UK (Apr. 02, 2019).

  11. INVITED: Introduction to Computer Security. Decoded London, UK (Nov. 06, 2018).

  12. Evaluating the End-User Experience of Private Browsing Mode. Brave Software, London, UK (Sept. 10, 2018).

  13. Exploring User Mental Models of End-to-End Encrypted Communication Tools. 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI), Baltimore, MD, USA, (Aug. 14, 2018).

  14. INVITED: Exploring User Mental Models of End-to-End Encrypted Communication Tools. Oxford Internet Institute, University of Oxford, UK (July 05, 2018).

  15. INVITED: How User Needs, Practices, and Perceptions Influence the Adoption and Use of Secure Communication Tools. Cybersecurity Seminar, Dept. of Computer Science, University of Oxford, UK (May 18, 2018).

  16. INVITED: How User Needs, Practices, and Perceptions Influence the Adoption and Use of Secure Communication Tools. Information Security Seminar, Dept. of Computer Science, Lancaster University, UK (May 11, 2018).

  17. INVITED: Introduction to Computer Security and Privacy. Westminster School, London, UK (May 04, 2018). – joint talk with Alexandros Mittos

  18. INVITED: Introduction to Computer Security. Monzo London, UK (Mar. 08, 2018).

  19. Dead on Arrival: Recovering from Fatal Flaws in Email Encryption Tools. 5th USENIX Workshop on Learning from Authoritative Security Experiment Results (LASER), Arlington, VA, USA (Oct. 19, 2017).

  20. Obstacles to the Adoption of Secure Communication Tools. 38th IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, USA (May 22, 2017).

  21. INVITED: Obstacles to the Adoption of Secure Communication Tools. Security and Privacy Seminar, School of Computer Science, University of Birmingham, UK (May 11, 2017).

  22. INVITED: The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram. Security and Privacy Seminar, School of Computer Science, University of Birmingham, UK (May 11, 2017).

  23. INVITED: Obstacles to the Adoption of Secure Communication Tools. Information Security (InfoSec) Seminar, Dept. of Computer Science, University College London (UCL), UK (May 04, 2017).

  24. Obstacles to the Adoption of Secure Communication Tools. 7th International Workshop on Cryptography, Robustness, and Provably Secure Schemes for Female Young Researchers (CrossFyre), Pierre and Marie Curie University (UPMC), Paris, France (Apr. 30, 2017).

  25. The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram. 2nd European Workshop on Usable Security (EuroUSEC), Paris, France (Apr. 29, 2017).

  26. Usable and Secure Group Chat. 2nd IEEE European Symposium on Security and Privacy (EuroS&P), Paris, France (Apr. 27, 2017).

  27. INVITED: Misconceptions about Secure Messaging. Women-in-Engineering Community Meeting, Facebook London, UK (July 27, 2016).

  28. Misconceptions about Secure Messaging. 6th International Workshop on Cryptography, Robustness, and Provably Secure Schemes for Female Young Researchers (CrossFyre), Technical University of Darmstadt, Germany (July 21, 2016).

  29. Secure and Private Chat for Everyone. 10th International IFIP Summer School on Privacy and Identity Management (Time for a Revolution?), University of Edinburgh, UK (Aug. 19, 2015).

  30. PUP: Pretty Usable Privacy. London Hopper Colloquium Research Competition, British Computer Society (BCS), London, UK (May 20, 2015) (Finalist Prize).

  31. INVITED: Differentially Private Statistics. Genetics, Evolution and Environmental (GEE) Departmental Seminar, University College London (UCL), UK (Dec. 9, 2014).

Panels

  1. INVITED: Obfuscating Ownership: Privacy and Sousveillance (OOPS). University of Hertfordshire, UK (Dec. 10, 2018).

  2. Cryptogame: Pirates and Guardians of the Galaxy. Mozilla Festival (MozFest), London, UK (Oct. 27, 2018).

  3. INVITED: Supporting Usability and Design in Security. Open Technology Fund (OTF) Summit, Valencia, Spain (Nov. 14, 2017).

Teaching

• 7CCSMSEN: Security Engineering (M.Sc. in Cybersecurity), Dept. of Informatics, King’s College London (KCL), UK (Fall 2022).

• 7CCSMSEN: Security Engineering (M.Sc. in Cybersecurity), Dept. of Informatics, King’s College London (KCL), UK (Fall 2021).

• EXTERNAL: COMP0056: People and Security (M.Sc. in Information Security), Dept. of Computer Science, University College London (UCL), UK (Fall 2020).

Academic Service

Organizing Committee Member

o UKRI National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online (REPHRAIN): 2022, 2023. (Research Ethics Board Member)

o KCL/Ofcom Workshop on the Opportunities and Challenges of the UK Online Safety Bill: 2022. (Organizer)

o USENIX Symposium on Usable Privacy and Security (SOUPS): 2022. (Academic Mentor)

o PETs Workshop on Interdependent and Multi-Party Privacy: 2022. (Co-Organizer)

o USENIX Symposium on Usable Privacy and Security (SOUPS): 2021. (Junior Mentoring Co-Chair)

o IEEE European Symposium on Security and Privacy (EuroS&P): 2018. (Publicity Chair)

o Workshop on Cryptography, Robustness, and Provably Secure Schemes for Female Young Researchers (CrossFyre): 2017. (Program Co-Chair)

o UCL Computer Science Mini Conference: 2016. (Program Co-Chair)

Technical Program Committee Member / Associate Chair

o ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW): 2023.

o USENIX Security Symposium (USENIX SEC): 2021, 2022.

o European Symposium on Research in Computer Security (ESORICS): 2021, 2022.

o IEEE European Symposium on Security and Privacy (EuroS&P): 2021.

o Workshop on Privacy in the Electronic Society (WPES): 2020.

o Privacy-Enhancing Technologies Symposium (PETS/PoPETs): 2019, 2020, 2021, 2023. (Editorial Board)

o European Workshop on Usable Security (EuroUSEC): 2019.

o IEEE Symposium on Security and Privacy (Oakland): 2019. (Student PC)

o Grace Hopper Celebration (GHC) of Women in Computing (Security and Privacy Track): 2018.

Poster Jury Member

o IEEE Symposium on Security and Privacy (Oakland): 2019.

o USENIX Symposium on Usable Privacy and Security (SOUPS): 2018, 2019.

Invited External Reviewer

o Behaviour & Information Technology: 2022.

o IEEE Internet Computing: 2022.

o Journal of Human-Computer Studies: 2021.

o ACM Conference on Computer and Communications Security (CCS): 2021.

o ACM Transactions on Privacy and Security (TOPS): 2020.

o European Symposium on Research in Computer Security (ESORICS): 2020.

o IEEE Symposium on Security and Privacy (Oakland): 2020.

o ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW): 2018.

o ACM Conference on Human Factors in Computing Systems (CHI): 2016, 2019-2022.

o ACM Symposium on Virtual Reality Software and Technology (VRST): 2018.

o Journal of Computer Security: 2017, 2018.

o Privacy-Enhancing Technologies Symposium (PETS/PoPETs): 2018.

o European Workshop on Usable Security (EuroUSEC): 2016.

o IEEE Security and Privacy Magazine: 2016.

o Workshop on Privacy in the Electronic Society (WPES): 2016.

o Workshop on Socio-Technical Aspects in Security and Trust (STAST): 2016.

o International Conference on Financial Cryptography and Data Security: 2015.

o USENIX Security Symposium: 2015.