I supervise MSc projects on a number of topics including:
This research focuses on the intersection of accessibility, usability, and security, ensuring digital safety for everyone. Building on similar work that evaluated cookie notices for users with visual impairments and the privacy of children's apps, this theme expands to other at-risk groups. Future projects could audit the security of assistive technologies (e.g., screen readers, smart hearing aids), analyze the privacy risks of "FemTech" or "ElderTech" applications, or co-design privacy controls that are usable for individuals with cognitive or motor impairments. The core goal is to identify, measure, and remediate digital vulnerabilities that disproportionately affect marginalized populations.
This area investigates how everyday sensors in mobile and IoT devices can be exploited to leak sensitive information. This theme extends previous research on ambient light sensors, voice assistant microphones, and Android sensor access. New projects could explore sensor fusion attacks, where machine learning combines data from multiple sensors (e.g., accelerometers, gyroscopes, magnetometers) to infer complex user activities like typing or location. Other projects might investigate novel covert channels in smart home devices or analyze the environmental fingerprinting capabilities of advanced sensors in connected vehicles.
This theme provides empirical, medium or large-scale audits of how data privacy laws are implemented in practice, both within and outside of Europe and North America. Following on from similar studies by MSc students on web tracking in Europe, Nigeria and Ghana, and app privacy in China and India, this research expands to new jurisdictions. Projects could involve comparative analyses of tracking ecosystems before and after the implementation of new data protection laws (e.g., GDPR or CCPA). This work would use web/mobile analysis and network-level examination to measure real-world compliance, identifying gaps between policy and practice to inform regulators
This theme investigates the distinct security, privacy, and ethical risks when Large Language Model (LLM) chatbots are deployed in sensitive areas like health, finance, and mental wellness. While LLMs offer convenience, they amplify the risk of unintentional data leakage and profiling. Projects will move beyond general privacy studies to perform audits of sensitive chatbot platforms, analyzing how they handle highly personal inputs (e.g., symptoms, financial status) across various modalities. The research can e.g., specifically investigate the usability of consent and data deletion mechanisms within a conversational interface, developing ethical and law-compliant design guidelines that prioritize both data security and user trust, especially for users disclosing highly sensitive information.
2025 (RHUL) Military Personal Radios: Threat Analysis and Recommended Improvements In Light of Recent Conflicts, Benjamin Warne
2025 (RHUL) Data Privacy and Security in Chinese Dating Applications, Aimee Liu
2025 (RHUL) Cookies in Context: An Empirical Study Evaluating Web Tracking and Policy Compliance Across Nigeria and Ghana, Temilola Allen-Ijewere
2024 (RHUL) Accessibility, Security, and Privacy: A Comparative Analysis of NVDA and Chrome Addon Ecosystems, Kaushik Dhamodaran
2024 (RHUL) Ambient Light Sensors: Fingerprinting Environments, Daniel Knight
2024 (RHUL) Enhancing IoT Security: A Comparative Analysis of Communication Protocols to Address Web Application Vulnerabilities, Abdul Kamalbasha
2024 (RHUL) Connected Vehicles: User Awareness, Data Privacy, and Security Concerns, Ahmed Shahzad
2024 (RHUL) Safeguarding Children’s Privacy in the Digital Age: An Assessment of GDPR Compliance and Data Tracking in Popular Mobile Apps, Jeremiah Eze
2024 (RHUL) Measuring the Security and Privacy of IP Cameras on Shodan, Natalie Ng, Output:
Security and Privacy Evaluation of IP Cameras on Shodan, Security Standardisation Research Conference (SSR)
2023 (RHUL): Enhancing Cyber Threat Intelligence with Artificial Intelligence and Machine Learning, Rubab Anjum
2023 (RHUL): Practical Live Laser Microphone Injection Attacks on Voice Assistants, Rachel Robin
2023 (RHUL): An Analysis of Bluetooth Low Energy Beacon Libraries, Aisha Sandia
2023 (RHUL): Security Issues in Serverless Functions Final Report, Bruce Lay
2023 (RHUL): A Chat Bot to Manage Security Services, Christopher Rodipe
2023 (RHUL): Implementation and Analysis of Silencing Attacks on Bluetooth low energy beacons, Connor Kirk
2022 (Newcastle): Analysis of the User’s Environment based on Mobile Ambient Light Sensor via JavaScript, Bangyi Zhang
2022 (Newcastle): Evaluating the Sensor Access on Android via Hybrid Apps, Shuning Yang
2022 (Newcastle): Usage Patterns of Privacy-enhancing Technologies in China, Xuanming Zhang
2021 (Newcastle): Privacy and Security Analysis of 3rd-party Smart Home Products, Stephen Cook
2021 (Newcastle): A Privacy Analysis of Children’s Mobile Applications, Anamaria Dragulin
2021 (Newcastle): Visual Impairments and Privacy-enhancing Technologies, James Clarke Output:
Invisible, Unreadable, and Inaudible Cookie Notices: An Evaluation of Cookie Notices for Users with Visual Impairments, ACM Transactions on Accessible Computing, 2023
2020 (Newcastle): A Privacy-Preserving ML-based Face Mask Recognition System, Zeynep Aki
2020 (Newcastle): An Android Game App for Sensor Security and Privacy, Rory Jones
2020 (Newcastle): User Privacy in Smart Buildings, Scott Harper (Supervisory team), Output:
User Privacy Concerns and Preferences in Smart Buildings, STAST'21
User Privacy Concerns in Commercial Smart Buildings, Journal of Computer Security'22
2019 (Newcastle): Privacy Analysis of Popular Android Apps in India, Adi Vaidya
2019 (Newcastle): Information Leakage via Mobile Ambient Sensors, Chris Makarouna, Output: