Usable Security and Privacy (USP) Lab
Usable Security and Privacy (USP) Lab
Embedded Files
RHUL, Dec 2025
RHUL, Mar 2025
RHUL, Dec 2024
RHUL, May 2023
Newcastle, Mar 2022
Online, April 2021
The Usable Security and Privacy (USP) Lab is a research hub within the Information Security Department at Royal Holloway University of London (RHUL). Our team brings together dedicated post-doctoral researchers, PhD and MSc students, and expert collaborators from across academia and industry. Apart from our research and teaching, we organise an annual event called CyberMi2 Research Day. See CyberMi2'23, CyberMi2'24, and CyberMi2'25.
***New: We are proud to share our work with the world. Our recent output it the Tech Abuse Handbook. You can read about it here.
Lab Director
Lab Director
Dr Maryam Mehrnezhad is a Reader (Associate Professor) at the ISG, RHUL. With a background in Systems Security, she is interested in the intersection of security and society.
Research Fellows, Associates/Assistants (RA)
Research Fellows, Associates/Assistants (RA)
Dr Taylor Robinson (RHUL, 2023-now), Research Assistant. Taylor is working on an international project on the risks and user perception of data collection and sharing in intimate health. Outputs:
With Rebecca Jones and Sophie Hawkes, User Risk Perceptions and Privacy Attitudes towards Menopause Data Collection and Use, ACM Transactions on Social Computing, 2026
Dr Adriano Bermudez Villalva (RHUL, 2022-now), Research Fellow (AGENCY and CyFer projects). Adrian expertise is in complex online risks and harms affecting women and girls, specifically online hate speech, and misinformation and crime related to women's health across various digital platforms. Outputs:
Measuring Online Hate on 4chan Using Pre-Trained Deep Learning Models, Paper, IEEE Transactions on Technology and Society, 2025
Dataset: Measuring Online Hate on 4chan Using Pre-Trained Deep Learning Models, Dataset, 2025
The Dark Side of Anonymity: Measuring Online Hate on 4chan, Agency blog post, 2025
Challenges of Extracting Data from Social Media: The Case of Women's Health Misinformation, CyFer blog post, 2023
Women's Health-related Misinformation on Social Media, CyFer blog post, 2023
Dr Scott Harper (Surrey, 2024-now), Research Assistant (working with Ehsan Toreini, AGENCY project). Scott's work focused on the security and privacy of smart IoT home devices and apps across Android and iOS ecosystems, including an Apple Security Research Device for the latter. Output:
Android vs iOS in Smart Security Camera Privacy, Agency blog post, 2025
Previous RAs:
Stephen Cook (RHUL, 2022-23), Research Assistant (CyFer project), Stephen worked on the cybersecurity and privacy of FemTech. He performed experiments on the communication layers of FemTech IoT devices including NFC, BT and WiFi. Outputs:
Bluetooth Security Analysis of General and Intimate Health IoT Devices and Apps: the Case of FemTech, Paper, International Journal of Information Security, 2024
The Importance of Collective Privacy in Digital Sexual and Reproductive Health, Paper, UK Fertility Conference, 2024
Dr Laura Shipp (Newcastle, 2022), Research Associate (CyFer project), Laura's research examined the SP of FemTech IoT devices, focusing on their data collection, privacy policies, and associated risks for women, partners, and children. Outputs:
Bodies Like Yours: Enquiring Data Privacy in FemTech, Paper, ACM NordicCHI, 2022
Vision: Too Little too Late? Do the Risks of FemTech already Outweigh the Benefits? Paper, EuroUSEC, 2022
Zeynep Aki (Newcastle, 2021), Research Assistant, Zey worked on a privacy-preserving ML-based face mask recognition system. She used ML algorithms to develop a system which can identify if people have their face masks on properly without revealing the identity of the person.
PhD Students
PhD Students
Jorele Simons (RHUL,2025-now), main supervisor with Christian Weinert. Jorele's PhD project is focusing on digital resilience in the social media economy for SMEs by employing threat modelling frameworks via participatory methods.
Stephen Cook (RHUL, CDT'23-now), main supervisor with Waleed Shahid. Stephen works on accessibility on IoT devices and apps. He investigates the security and privacy of BLE connection and privacy notices, as well as accessibility scores.
Rebecca Jones (RHUL, CDT'23-now), main supervisor with Ravinder Barn. Rebecca works on security, privacy, and safety of menopause tech. She uses creative CHI methods such as story completion method to understand the user perception and expectations in these technologies.
Sophie Hawkes (RHUL, CDT'22-now), second supervisor, with Christian Weinert. Sophie is working on the investigation of real world privacy vulnerabilities and developing privacy-preserving solutions. Output:
Perceptual Hash Inversion Attacks on Image-Based Sexual Abuse Removal Tools, Paper, IEEE S&P Magazine, 2024
James Clarke (University of Surrey'22-now), external advisor, with Ehsan Toreini. James is working on the security and privacy of people with visual impairment via system studies as well as user studies. James was my MSc student at Newcastle and continued his research topic to his PhD work. Output:
Invisible, Unreadable, and Inaudible Cookie Notices: An Evaluation of Cookie Notices for Users with Visual Impairments, Paper, ACM Transactions on Accessible Computing, 2024
Previous PhD Students
Previous PhD Students
Dr Scott Harper (Newcastle, 2020-24) main supervisor, with Matt Leach, PhD title: On the Security and Privacy of Animal Technologies. Outputs:
Are Our Animals Leaking Information About Us? Security and Privacy Evaluation of Animal-related Apps, Paper, SSR (IEEE EuroS&PW), 2022
Security and Privacy Concerns of Pet-Tech Users, Paper, STaR-IoT (IoT Conference Workshop), 2022
Security and Privacy of Pet Technologies: Actual Risks vs User Perception, Paper, Journal of Frontiers in Internet of Things, 2023
International News Coverage including: The Telegraph, CBS News, Naked Scientists, La Opinión, Crumpe, etc.
Dr Dante Gray (RHUL, 2019-24) main supervisor, with Rishad Shafik, PhD title: On the Security of IoT Sensors. Outputs:
PhotonKey: A Key Pairing System for IoT Resource and Input Constrained Devices Using Light Sensors, Paper, Journal of Information Security and Applications, 2025
SenSig: Practical IoT Sensor Fingerprinting Using Calibration Data, Paper, SSR (IEEE EuroS&PW), 2022
Verifying the Identity of a Device via Sensor Calibration Data, UK Patent application, 2022
Dr Rawan Taher (Newcastle, 2019-24) supervisory team, with Charles Morisset and John Mace, PhD title: A Trust-Based Mechanism to Manage User Privacy in University Smart Buildings. Output:
"I feel spied on and I don't have any control over my data": User Privacy Perception, Preferences and Trade-offs in University Smart Buildings, Paper, STAST'22
Dr Naoom Abu Abah (Newcastle, 2020-24) supervisory team, with Charles Morisset, PhD title: "Human as a Sensor" in Incident Reporting Systems in a Smart Spaces, Output:
U-Sense: Feasibility Study of “Human as a Sensor” in Incident Reporting Systems in a Smart Campus, Paper, STAST, 2023
Selected MSc Projects
Selected MSc Projects
For the complete list, see here.
Cheok Ieng Ng (RHUL, 2024), Paper: Security and Privacy Evaluation of IP Cameras on Shodan, SSR, 2025
Diana P. Moniz, (Portugal, Supervised by Teresa Almeida, 2023), Paper: Intimate Data: Exploring Perceptions of Privacy and Privacy-Seeking Behaviors Through the Story Completion Method, IFIP, 2023
Joshua Harrison (Durham, Supervised by Ehsan Toreini, 2023), Paper: A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards, SLIM, (IEEE Euro S&P), 2023
James Clarke (Newcastle, 2021), Paper: Invisible, Unreadable, and Inaudible Cookie Notices: An Evaluation of Cookie Notices for Users with Visual Impairments, ACM Transactions on Accessible Computing, 2023
Scott Harper (Newcastle, 2020), Paper: User Privacy Concerns and Preferences in Smart Buildings, Paper, STAST, 2021, and User Privacy Concerns in Commercial Smart Buildings, Paper, Journal of Computer Security, 2022
Chris Makarouna (Newcastle, 2019), Paper: Risks of Mobile Ambient Sensors and User Awareness, Concerns, and Preferences, Paper, EuroUSEC, 2022
Current Collaborators
Current Collaborators
Dr Christian Weinert, Cryptography, ISG, RHUL, UK
Dr Ehsan Toreini, Systems Security, Samsung R&D, UK, and Visiting Professor, University of Surrey, UK
Dr Teresa Almeida, HCI, Instituto Superior Técnico, University of Lisbon | ITI/LARSyS
Dr Jennifer Pybus, Data, Democracy and AI, York University, Canada
Prof Aad van Moorsel, School of Computing Science, Birmingham University, UK
Previous Collaborators
Previous Collaborators
Prof Mike Catt, Newcastle University (Digital Health), UK
Dr Matt Leach, Newcastle University (School of Natural and Environmental Sciences), UK
Joe Bourne, The Alan Turing Institute, Lancaster University (Institute for the Contemporary Arts), UK
Dr Thyla van der Merwe, Google, Zurich, Switzerland (formerly at ETH Zurich)
Dr Kovial Coopamootoo, KCL (Usable Security and Privacy), UK
Prof Rishad Shafik, Newcastle University (Engineering), UK
Google Sites
Report abuse