We welcome Dr Nalin Arachchilage to the Cyber Security Foundry (CSF), who is a Lecturer in Cyber Security and Privacy (Usable Security and Privacy) in the School of Computer Science at the University of Auckland, New Zealand.
Previously, he was a Senior Research Fellow (Research Associate Professor in the USA – from 2019 to 2021) in Cyber Security in the Department of Computer Science and Information Technology at La Trobe University, Australia. Before joining La Trobe, Nalin worked as a Lecturer in Cyber Security (from 2015 to 2019) a Visiting Researcher (2019 – 2021) in the School of Engineering and Information Technology of the University of New South Wales at the Australian Defence Force Academy (ADFA), where he led the Usable Security research group.
Nalin holds a PhD in Computer Science (Cyber Security) from Brunel University London, UK, where he developed a game design framework for teaching people how to protect themselves from phishing attacks. At Oxford University, he cut his teeth as a Postdoctoral Researcher in Systems Security Engineering (2013 – 2014) in the Department of Computer Science and then joined the University of British Columbia (UBC), Canada as Postdoctoral Research Fellow in Usable Security and Privacy (2014 – 2015). He is also a Sun Certified Java Programmer (SCJP) at Sun Microsystems (now Oracle), USA.
His primary research interests are at the intersection of computer security, human-computer interaction (HCI), software engineering, Information systems security and serious games, in an area known as usable security and privacy engineering. In his research, he applies HCI methods and concepts to the Cyber Security and Privacy domain. He also works on Secure Software Engineering (i.e., developer-centred) and Machine Learning for Cyber/Usable Security, specifically threat modelling through the cybercriminals’ and end users’ behavioural analysis. Nalin’s research is inter-disciplinary in nature and has published numerous articles at the world’s leading conferences and high-impact journals. Notably, Nalin’s recent work has contributed to improving the OWASP Enterprise Security API and its Javadoc for the ESAPI Encoder interface – this will appear in their ESAPI 18.104.22.168 release [https://owasp.org]
Nalin has presented his research at Facebook Headquarters, Menlo Park, California, USA and collaborated with HP in a research capacity at the HP Lab, Bristol, UK. His research has been featured in numerous media outlets including Sky News Australia, ABC News Radio, WIN TV Australia, 2GB 873 AM Radio, SYN Radio 90.7 FM, Daily show on Radio 2SER 107.3, Choice – Australia, Guardian labs (sponsored by Intel Corporation, Australia) and UNSW TV. He has been an invited speaker for conferences both nationally and internationally. Nalin also worked on a number of “sessional/visiting” lecturing positions in Computer Science in the UK (Brunel University London, University of Bedfordshire, Westminster University, and Central Bedfordshire College), Canada (University of British Columbia), and Australia (Deakin University, Victoria University, and Central Queensland University (CQUniversity).
Finally, Nalin recently represented the University of Auckland by delivering a talk at the 10th Annual Fraud & Risk Management Summit 2021 on “Securing software applications to detect and manage security breaches?” in Sydney, Australia in April 2021 He also also recently published a paper at CHI (Rank A*) with UoA affiliation – Title: Better, Funner, Stronger: A Gameful Approach to Nudge People into Making Less Predictable Graphical Password Choice. (This research work focused on gamifying the GUA (i.e., Microsoft GUA) process to nudge people to use to strong passwords in the wild – we improved the security and usability(in terms of memorability) in the GUA password use).