I earned my PhD in Computer Science from Carleton University (Ottawa, Canada) in 1998 under the direction of Paul Van Oorschot and Evangelos Kranakis. From 1998 till 2002 I was a Research Scientist at Entrust, a security software company, where I performed code security reviews, contributed to new product developments and created new IETF and W3C standards, primarily related to authentication and key management. From 2002 till 2008 I worked for the Government of Canada. In 2003, I designed the "account recovery" interface for the Government Online portal, used by more than six million citizens. I also contributed to design of the portal's "epass" authentication service. In 2008 I made the leap to full-time academic work, where I continue to build on my usable security research, as well as applying machine learning to security. I started as a Research Fellow at the University of Edinburgh in 2008, then in 2010 I became a Lecturer and then Senior Lecturer at Glasgow Caledonian University, and in 2015 I moved to Heriot-Watt University as an Associate Professor.
I am primarily interested in computer security, and in applying human-computer interaction (HCI) and machine learning (ML) techniques to solve computer security problems. I also apply fundamental security techniques to design, and attack modelling and analysis. For example, I have enumerated the attack space for partial passwords and the answers to challenge questions, and I have modelled attacks to implicit smartphone authentication. The results of my research include critical evaluations of current security solutions, the establishment of new security and usability methodologies, and the design of new security techniques. I currently apply these methods and techniques to authentication protocols, security warnings, and mobile devices and networks, though I am very interested in broader applications of my research.
You can find more information at my website: http://www.justmikejust.co.uk/