Ruba Abu-Salma

Ph.D. Student at University College London (UCL)

I am a Ph.D. student in Computer Science (Information Security Research Group) at University College London (UCL), supervised by Prof. M. Angela Sasse and Dr. Steven J. Murdoch. I research computer security, privacy, and Human-Computer Interaction (HCI). More specifically, my research takes a user-centered approach to the design and use of secure communication tools. I study how users perceive secure communications, and what influences their decision to adopt, or not adopt, a secure tool. I am supported by a SUDS (Supporting Usability and Design in Security) Fellowship from the Open Technology Fund (OTF) and Simply Secure, as well as a Marie Skłodowska-Curie (MSCA-RISE) Research Fellowship. My Ph.D. research is also funded by Google.

I obtained an M.Sc. (with Distinction) in Information Security from UCL in 2014. Before joining UCL, I earned a B.Sc. (1st Hons) in Computer Engineering from the American University of Sharjah in 2013.

E-mail: r[dot]abu-salma[at]cs[dot]ucl[dot]ac[dot]uk

Find me on Twitter: Ruba_AbuSalma.

Publications

  1. Ruba Abu-Salma and Benjamin Livshits. Evaluating the End-User Experience of Private Browsing Mode. arXiv:1811.08460v1, 2018.

  2. Ruba Abu-Salma. Designing for the Elderly: Understanding the Role of Age on the Adoption and Use of Secure Communication Tools. In Proceedings of the 2nd MobileHCI Workshop on Mobile Privacy and Security for an Ageing Population, Barcelona, Spain, 2018.

  3. Ruba Abu-Salma, Elissa M. Redmiles, Blase Ur, and Miranda Wei. Exploring User Mental Models of End-to-End Encrypted Communication Tools. In Proceedings of the 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI), Baltimore, MD, USA, 2018. [CNET] [La Vanguardia]

  4. Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse, and Gianluca Stringhini. International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms. In Journal of Cybersecurity, 2017.

  5. Juan Ponce-Mauries, Kat Krol, Simon Parkin, Ruba Abu-Salma, and M. Angela Sasse. Dead on Arrival: Recovering from Fatal Flaws in Email Encryption Tools. In Proceedings of the 5th USENIX Workshop on Learning from Authoritative Security Experiment Results (LASER), Arlington, VA, USA, 2017.

  6. Ruba Abu-Salma, M. Angela Sasse, Joseph Bonneau, Anastasia Danilova, Alena Naiakshina, and Matthew Smith. Obstacles to the Adoption of Secure Communication Tools. In Proceedings of the 38th IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, USA, 2017. INVITED PAPER: IEEE Security and Privacy Magazine (Special Issue) [Boing Boing] [EFF]

  7. Steve Dodier-Lazaro, Ruba Abu-Salma, Ingolf Becker, and M. Angela Sasse. From Paternalistic to User-Centred Security: Putting Users First with Value-Sensitive Design. In Proceedings of the 3rd CHI Workshop on Values in Computing, Denver, CO, USA, 2017.

  8. Ruba Abu-Salma, Kat Krol, Simon Parkin, Victoria Koh, Kevin Kwan, Jazib Mahboob, Zahra Traboulsi, and M. Angela Sasse. The Security Blanket of the Chat World: A Usability Evaluation and User Study of Telegram. In Proceedings of the 2nd European Workshop on Usable Security (EuroUSEC), Paris, France, 2017. INVITED PAPER: Journal of Cybersecurity: Usable Security and Privacy (Special Issue)

  9. Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse, and Gianluca Stringhini. International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms. In Proceedings of the 15th Annual Workshop on the Economics of Information Security (WEIS), Berkeley, CA, USA, 2016. [The Register]

  10. Steven J. Murdoch, Ingolf Becker, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Alice Hutchings, M. Angela Sasse, and Gianluca Stringhini. Are Payment Banking Contracts Unfair? In Proceedings of the 20th International Conference on Financial Cryptography and Data Security, Rockley, Christ Church, Barbados, 2016.

Posters

  1. Ruba Abu-Salma, Juliane Kramer, Scott Ruoti, Kent Seamons, Justin Wu, and Daniel Zappala. Secure and Private Group Chat: Investigating Users Needs and Practices. In Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, 2017.

  2. INVITED: Ruba Abu-Salma, Kat Krol, Simon Parkin, Victoria Koh, Kevin Kwan, Jazib Mahboob, Zahra Traboulsi, and M. Angela Sasse. The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram. In Proceedings of the 13th Symposium on Usable Privacy and Security (SOUPS), Santa Clara, CA, USA, 2017.

  3. Ruba Abu-Salma, Jeremiah Onaolapo, Jonathan Bootle, and Lucky Onwuzurike. How to Get Owned by a Malicious Browser Extension. 1st ACM-W UK Inspire Celebration of Women in Computing, London, UK, 2015.

  4. Jeremiah Onaolapo, Ruba Abu-Salma, Jonathan Bootle, and Lucky Onwuzurike. The Ordeals of Mr. Smith. Cyber Security Visualization Design Competition (The EU TREsPASS Project), The Hague, The Netherlands, 2015.

  5. Ruba Abu-Salma, M. Angela Sasse, Joseph Bonneau, and Matthew Smith. POSTER: Secure Chat for the Masses? User-centered Security to the Rescue. In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS), Denver, CO, USA, 2015.

  6. Ruba Abu-Salma, and M. Angela Sasse. PUP: Pretty Usable Privacy. 5th Information Assurance Advisory Council (IAAC) Symposium, London, UK, 2015.

Talks

  1. INVITED: Designing Human-Centered Privacy-Enhancing Technologies. SecHuman Colloquium, Ruhr-University Bochum (RUB), Germany (Feb. 28, 2019).

  2. INVITED: Introduction to Computer Security. Decoded London, UK (Nov. 06, 2018).

  3. Evaluating the End-User Experience of Private Browsing Mode. Brave Software, London, UK (Sept. 10, 2018).

  4. Designing for the Elderly: Understanding the Role of Age on the Adoption and Use of Secure Communication Tools. 2nd MobileHCI Workshop on Mobile Privacy and Security for an Ageing Population, Barcelona, Spain (Sept. 03, 2018).

  5. Exploring User Mental Models of End-to-End Encrypted Communication Tools. 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI), Baltimore, MD, USA, (Aug. 14, 2018).

  6. Exploring User Mental Models of End-to-End Encrypted Communication Tools. Oxford Internet Institute, University of Oxford, UK (July 05, 2018).

  7. INVITED: How User Needs, Practices, and Perceptions Influence the Adoption and Use of Secure Communication Tools. Cybersecurity Seminar, Dept. of Computer Science, University of Oxford, UK (May 18, 2018).

  8. INVITED: How User Needs, Practices, and Perceptions Influence the Adoption and Use of Secure Communication Tools. Information Security Seminar, Dept. of Computer Science, Lancaster University, UK (May 11, 2018).

  9. INVITED: Introduction to Computer Security and Privacy. Westminster School, London, UK (May 04, 2018). – joint talk with Alexandros Mittos

  10. INVITED: Introduction to Computer Security. Monzo London, UK (Mar. 08, 2018).

  11. Dead on Arrival: Recovering from Fatal Flaws in Email Encryption Tools. 5th USENIX Workshop on Learning from Authoritative Security Experiment Results (LASER), Arlington, VA, USA (Oct. 19, 2017).

  12. Obstacles to the Adoption of Secure Communication Tools. 38th IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, USA (May 22, 2017).

  13. INVITED: Obstacles to the Adoption of Secure Communication Tools. Security and Privacy Seminar, School of Computer Science, University of Birmingham, UK (May 11, 2017).

  14. INVITED: The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram. Security and Privacy Seminar, School of Computer Science, University of Birmingham, UK (May 11, 2017).

  15. INVITED: Obstacles to the Adoption of Secure Communication Tools. Information Security (InfoSec) Seminar, Dept. of Computer Science, University College London (UCL), UK (May 04, 2017).

  16. Obstacles to the Adoption of Secure Communication Tools. 7th International Workshop on Cryptography, Robustness, and Provably Secure Schemes for Female Young Researchers (CrossFyre), Pierre and Marie Curie University (UPMC), Paris, France (Apr. 30, 2017).

  17. The Security Blanket of the Chat World: An Analytic Evaluation and a User Study of Telegram. 2nd European Workshop on Usable Security (EuroUSEC), Paris, France (Apr. 29, 2017).

  18. Usable and Secure Group Chat. 2nd IEEE European Symposium on Security and Privacy (EuroS&P), Paris, France (Apr. 27, 2017).

  19. INVITED: Misconceptions of Secure Messaging. Women-in-Engineering Community Meeting, Facebook London, UK (July 27, 2016).

  20. Misconceptions of Secure Messaging. 6th International Workshop on Cryptography, Robustness, and Provably Secure Schemes for Female Young Researchers (CrossFyre), Technical University of Darmstadt, Germany (July 21, 2016).

  21. Secure and Private Chat for Everyone. 10th International IFIP Summer School on Privacy and Identity Management (Time for a Revolution?), University of Edinburgh, UK (Aug. 19, 2015).

  22. PUP: Pretty Usable Privacy. London Hopper Colloquium Research Competition, British Computer Society (BCS), London, UK (May 20, 2015) (Finalist Prize).

  23. INVITED: Differentially Private Statistics. Genetics, Evolution and Environmental (GEE) Departmental Seminar, University College London (UCL), UK (Dec. 9, 2014).

Panels

  1. INVITED: Obfuscating Ownership: Privacy and Sousveillance (OOPS). University of Hertfordshire, UK (Dec. 10, 2018).

  2. Cryptogame: Pirates and Guardians of the Galaxy. Mozilla Festival (MozFest), London, UK (Oct. 27, 2018).

  3. INVITED: Supporting Usability and Design in Security. Open Technology Fund (OTF) Summit, Valencia, Spain (Nov. 14, 2017).

Teaching

  1. Theory I: Fall 2014.

  2. Theory II: Spring 2015.

  3. Operating Systems: Fall 2015.

  4. Research in Information Security: Spring 2017 – Spring 2019.

  5. Introduction to Cybersecurity: Spring 2019.

Academic Service

Program Co-Chair:

  1. Workshop on Cryptography, Robustness, and Provably Secure Schemes for Female Young Researchers (CrossFyre): 2017.

  2. UCL Computer Science Mini Conference: 2016.

Publicity Chair:

  1. IEEE European Symposium on Security and Privacy (EuroS&P): 2018.

Programme Committee (PC) Member:

  1. Privacy-Enhancing Technologies Symposium (PETS): 2019.

  2. Grace Hopper Celebration (GHC) of Women in Computing (Security and Privacy Track): 2018.

Student Programme Committee (PC) Member:

  1. IEEE Symposium on Security and Privacy (Oakland): 2019.

Posters Jury Member:

  1. Symposium on Usable Privacy and Security (SOUPS): 2018, 2019.

Invited External Reviewer:

  1. ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW): 2018.

  2. ACM Conference on Human-Computer Interaction with Mobile Devices and Services (MobileHCI): 2018.

  3. ACM Conference on Human Factors in Computing (CHI): 2016, 2019.

  4. ACM Symposium on Virtual Reality Software and Technology (VRST): 2018.

  5. European Conference on Information Systems (ECIS): 2018.

  6. Journal of Computer Security: 2018.

  7. Privacy-Enhancing Technologies Symposium (PETS): 2018.

  8. European Workshop on Usable Security (EuroUSEC): 2016.

  9. IEEE Security and Privacy Magazine: 2016.

  10. Workshop on Privacy in the Electronic Society (WPES): 2016.

  11. Workshop on Socio-Technical Aspects in Security and Trust (STAST): 2016.

  12. International Conference on Financial Cryptography and Data Security: 2015.

  13. USENIX Security Symposium: 2015.