Embedded Files
My cybersecurity and digital trust research focuses on strengthening protection, verification, and resilience across digital systems, with particular attention to telecommunication and online-channel risk. The work spans applied fraud prevention, adversarial threats to detection systems, cryptographic key management, and practical security analytics that support trustworthy decision-making and operational security.
images (1).jpgInteraction Design’s Role in Safeguarding Against Digital Deception
Cyberattacks are increasingly driven by human factors, making interaction design a critical layer of defence against digital deception. Phishing—a common social-engineering technique used to steal sensitive information—remains persistent despite decades of awareness and technical countermeasures, indicating the need for more robust, user-centred approaches. This study proposes an improved Security-UX (S-UX) framework for cybersecurity training applications to strengthen user resilience against phishing. The framework is informed by an in-depth review of phishing research and major attacks and links anti-phishing strategies to user experience design. It introduces six high-level constructs: security, experience, interactiveness, accessibility, robustness, and transparency.
Research outputs
Mpekoa, N., Tom, S., Shozi, N., Gcaza, N. (2025). Designing a S-UX Framework to Combat Phishing and Foster Digital Responsibility. Designing for Tomorrow: Innovation and Equity in Global Interaction Design. Proceedings of the First IFIP WG 13.8 Interaction Design for International Development (IDID 2024). Springer.
Screenshot 2026-03-06 115742.pngCyber security skills development in South Africa: Addressing the Gender Gap in the Industry
This study examines the gender gap in South Africa’s cybersecurity sector and its implications for skills capacity, innovation, and national security. It identifies key contributors—including stereotypes, limited access to education and training, and non-inclusive workplace culture—and reports insights from a questionnaire distributed to cybersecurity professionals and academics. The study argues for coordinated stakeholder action and recommends targeted initiatives to expand training access, promote gender diversity, and strengthen workplace inclusion.
Research outputs
Ramonyai,T.M., Mpekoa,N. & Tom, S.(2024).Cyber security skills development in South Africa: Addressing the Gender Gap in the Industry. 2024 Conference on Information Communications Technology and Society (ICTAS), pp. 144-149, doi: 10.1109/ICTAS59620.2024.10507137.
download (5).jpgFraud prevention for e-commerce platforms in telecommunication (biometrics + blockchain)
Part of the broader project on subscription fraud prevention for online telecom channels, combining multimodal biometric verification with blockchain-backed assurance. This work proposes a multi-layered verification approach for fraud prevention in telecom e-commerce channels, integrating biometrics with blockchain-supported assurance. The focus is on strengthening identity verification and reducing fraud risk in online transactions.
Role: Supervisor
Research output
Kau, F.M., Mpekoa, N. & Tom, S. (2025). Fraud Prevention on E-commerce Platform in Telecommunication Using Multilayered Verification of Biometrics and Blockchain Technology. IEEE ICIR.
download (6).jpgData poisoning threats in telecom fraud detection
Also situated within the broader subscription fraud prevention programme, this work examines how data poisoning can degrade fraud detection models and conceal risk within bad-debt settings. The focus is on adversarial robustness and data integrity for operational telecom analytics.
Role: Supervisor
Research output
Kau, F.M., Mpekoa, N. & Tom, S. (2025). Fraud Hidden in Bad Debt: How Data Poisoning Attacks Undermine Fraud Detection in Telecommunication. ICECCME.
download (7).jpgKey rotation management for improved data security
This work designs and implements a key rotation management system to strengthen organisational cryptographic hygiene and reduce exposure from key compromise. The focus is on operational security controls that improve confidentiality and compliance in real deployments.
Research output
Ntalali, M., Mpekoa, N. & Tom, S. (2026 – in press). A Key Rotation Management System: Design and Implementation for Improved Data Security. ICCWS.
download (8).jpgMalware author attribution using traditional analysis
This study advances malware author attribution using established analysis techniques to support attribution, threat intelligence, and incident response workflows. The focus is on extracting interpretable indicators that improve forensic reasoning and attribution confidence.
Research output
Mpekoa, N., Tom, S. & Dube, B. (2026 – in press). Enhancing Malware Author Attribution through Traditional Analysis Techniques. In IFIP Conference on Human-Computer Interaction. Cham: Springer Nature Switzerland.
download (9).jpgSingle-hand gesture authentication for smartphones (ML-based)
This work empirically evaluates single-hand gesture patterns as a behavioural biometric for smartphone authentication using machine learning models. The aim is to balance security and usability by enabling lightweight, natural authentication in everyday mobile use.
Role: Supervisor
Research output
Mollo, M., Mpekoa, N., Tom, S. (Accepted). BAn Empirical Analysis of Single-Hand Gestures for Smartphone Authentication Using Machine Learning Models. In Human-Centered Design, Operation and Evaluation of Mobile Communications (HCII 2026).
Page updated
Google Sites
Report abuse