Dr Ingolf Becker

I am an Associate Professor in Security and Crime Science in the Department of Security and Crime Science at University College London. I am part of UCL's Academic Centre of Excellence in Cyber-Security Research (ACE-CSR) and a Principal Investigator at the Research Institute in Socio-Technical Security (RISCS). I currently lead UCL's part of the 3-year ESPRC project Protecting public-facing professionals and their dependents online (3PO).

My research focuses on human-centred security and privacy. I fundamentally believe that security and privacy are never the primary task but should instead be seen as an enabler for productivity and society more generally. I work with people and organisations to build and study systems and policies that are both secure and productive.

News

12/03/25 The 3PO project has been awarded the Security ;& Policing 2025 Academic Innovation Award.

11/03/25 Kris Christmann and I have been invited to present our research with the 3PO project at the REPHRAIN Annual Showcase.

01/03/25 In the last few months, two of my PhD students have successfully defended their thesis and have been awarded their PhDs. Congratulations Dr Blackwell and Dr Buckley!

01/10/24 I have been promoted to Associate Professor at UCL! Thank you to all the internal and external referees for supporting me.

94/09/24 Marilyne Ordekian is presenting our work (with Marie Vasek) on Investigating the Self-Regulation and Practices of Cryptocurrency Exchanges in Light of the EU's Upcoming legislations MiCA and DORA at the 115th Annual Conference of the Society of Legal Scholars in the Cyberlaw session.

12/06/24 Kris Christman and I had an abstract on our work on the 3PO project accepted for HFC 2024 in Montreal, Canada. We will both be attending, it should be an exiting event.

11/06/24 I am giving a talk at the Festival of Digital Research and Scholarship organised by UCL's Advanced Research Computing (ARC) on Automated participant recruitment for survey studies. The demo code is on GitHub.

10/06/24 I am charing a session (From Psychology to Cyber Security) at this year's Crime Science Conference. This year's theme is Fraud, Fakery, and Deception.

24/05/24 My PhD student Gerard Buckley is giving a presentation about his work on GDPR to the sasig. As journals are taking a long time reviewing some of Gerard's outputs, we have made two papers available as pre-prints: GDPR: Is it worth it? Perceptions of workers who have experienced its implementation and How might the GDPR evolve? A question of politics, pace and punishment.

Recent Publications

A complete list of my publications can be found here or on my Google Scholar Profile.

D. Blackwell, I. Becker and D. Clark, Hyperfuzzing: black-box security hypertesting with a grey-box fuzzer, in Empirical Software Engineering, 30:22, 2025. Publisher Link
G. Buckley, T. Caulfield and I. Becker, How might the GDPR evolve? A question of politics, pace and punishment, in Computer Law and Security Review, Volume 54, September 2024. Publisher Link | SSRN | UCL Discovery
G. Buckley, T. Caulfield and I. Becker, GDPR and the indefinable effectiveness of privacy regulators: Can performance assessment be improved?, in Journal of Cybersecurity, Volume 10, Issue 1, 2024. Publisher Link | UCL Discovery
S. Zheng and I. Becker, Phishing to improve detection, in The 2023 European Symposium on Usable Security, EuroUSEC 2023. Publisher Link | UCL Discovery
N. Sombatruang, T. Caulfield, I. Becker, A. Fujita, T. Kasama, K. Nakao and D. Inoue, Internet Service Providers' and Individuals' Attitudes, Barriers, and Incentives to Secure IoT, in 32nd USENIX Security Symposium, USENIX Security 2023. Preprint | UCL Discovery | Publisher link (with video and slides)
S. Zheng and I. Becker, Checking, nudging or scoring? Evaluating e-mail user security tools, in Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023. Publisher Link (with video and slides) | UCL Discovery
M. Ordekian, I. Becker and M. Vasek, Shaping Cryptocurrency Gatekeepers with a Regulatory 'Trial and Error', in 4th Workshop on Coordination of Decentralized Finance, CoDecFin 2023. SSRN Preprint | UCL Discovery | Blogpost
C. Weir, I. Becker and L. Blair, Incorporating software security: Using developer workshops to engage product managers, in Empirical Software Engineering, 2023. Publisher Version | Lancaster Research Directory | UCL Discovery
G. Buckley, T. Caulfield and I. Becker, “It may be a pain in the backside but...” Insights into the resilience of business after GDPR, in New Security Paradigms Workshop, NSPW 2022. Publisher Link | UCL Discovery
S. Zheng and I. Becker, Presenting Suspicious Details in User-Facing E-mail Headers Does Not Improve Phishing Detection, in Eighteenth Symposium on Usable Privacy and Security, SOUPS 2022. Publisher Link (with video and slides) | UCL Discovery
P. Demetriou, I Becker, S. Hailes, Who Watches the Watchers: A Multi-Task Benchmark for Anomaly Detection, in 8th International Conference on Information Systems Security and Privacy, ICISSP 2022. Publisher Link | UCL Discovery | Aftershock Project Website
I. Becker, R. Posner, T. Islam, P. Ekblom, H. Borrion, M. McGuire and S. Li, Privacy in Transport? Exploring Perceptions of Location Privacy Through User Segmentation, in Proceedings of the 54th Hawaii International Conference on System Sciences, HICCS 2021. Publisher Link | UCL Discovery | Best Paper Award Winner.
C. Weir, I. Becker and L. Blair, A Passion for Security: Intervening to Help Software Developers, in Proceedings of the 43rd International Conference on Software Engineering, ICSE 2021. Publisher Version (not OA) | UCL Discovery
J. Morris, I. Becker and S. Parkin, An Analysis of Perceptions and Support for Windows 10 Home Edition Update Features, in Journal of Cybersecurity, Volume 6, Issue 1, 2020. Publisher Version | UCL Discovery
This is a substantially extended and updated version of the 2019 USEC paper.
C. Weir, I. Becker, J. Noble, L. Blair, M. A. Sasse, and A Rashid, Interventions for Long Term Software Security: Creating a lightweight program of assurance techniques for developers, in Software: Practice and Experience, Volume 50, Issue 3, 2020. Publisher Version (not OA) | UCL Discovery
T. Tasmina, I. Becker, R. Posner, P. Ekblom, M. McGuire, H. Borrion, and S. Li, A Socio-Technical and Co-Evolutionary Framework for Reducing Human-Related Risks in Cyber Security and Cybercrime Ecosystems, Proc. DependSys, 2019. Publisher Version (not OA) | UCL Discovery

Recent Projects

Protecting public-facing professionals and their dependents online (3PO)

The 3PO is an EPSRC funded project associated with the National Research Centre on Privacy, Harm Reduction and Adversarial Influence Online. We focus on protecting public-facing police personnel and their dependents online by co-designing vulnerability assessments, harm reporting apps, and various risk assessment tools, alongside training and supporting materials.

Kris Christman is the senior research fellow on the project at UCL.

Secure Development

Dr Charles Weir and I have been working on a project to improve software security through a bottom-up approach. We focus on helping developers understand, appropriately evaluate and promote security inside their organisations. After successfully working with almost a dozen organisations and publishing our results in conferences and journals, we successfully commercialised our project through CyberASAP in 2021. We still hold regular training events, and our workshop and materials are open source and can be used free of charge. We continue working with companies, both for research to improve the package and for consultancy to help deliver the training. We have good links with organisations specialising in training and professional development, and certification bodies to improve secure software development in the UK and abroad.

Attitudes, Barriers, and Incentives to Secure IoT

Dr Tristan Caulfield and I have been working in collaboration with colleagues from Japan's National Institute of Information and Communications Technology (NICT) on cross-cultural studies on internet service providers' and individuals' attitudes, barriers, and incentives to secure the internet of things. The first part of this work has been published, and will be presented at USENIX Security '23.

Research Supervision

I mainly supervise PhD students through UCL's CDT in Cybersecurity, the Dawes Centre for Future Crime, and UCL SECReT. If you want to study with me, please email me before submitting an application to UCL with a research proposal and a CV attached.

My department has received funding for a new CDT in Cyber-Physical Risk, and I will also be supervising students on that CDT. Please take a look and apply!

Phil Demetriou, co-supervised with Prof Steve Hailes on anomaly detection
Neil Amhis, co-supervised with Prof Spencer Chainey on technology innovation in organised crime groups
Carlos Rombaldo Junior, co-supervised with Prof Shane Johnson on SME cybersecurity
Nadine Michaelides, co-supervised with Prof Angela Sasse on psychological contract and cybersecurity behaviours
Marilyne Ordekian, co-supervised with Dr Marie Vasek on cryptocurrency regulation
Siobhan McCrea, co-supervised with Prof Shane Johnson on SME cybersecurity
Liberty Kent, co-supervised with Dr Nilufer Tuptuk on human-centred cyber defence
Yingbo Fu, co-supervised with Prof Earl Barr on Usable code annotations for better software security
Chizzy Meka, co-supervised with Dr Jens Krinke on predicting vulnerable software components

Finished Students

Sarah Zheng, co-supervised with Prof Tali Sharot: Online scam detection using human psychology: Towards usable cybersecurity
Daniel Blackwell, co-supervised with Dr David Clark: Fuzzing and information flow
Gerard Buckley, co-supervised with Dr Tristan Caulfield: Privacy at the intersection of technology, business and regulation: A case study of the GDPR

Professional Activities

Program Committees

EuroUSEC '19, '20, '21, '22, '23, '24, '25
STAST '20, '21, '22, '23, '24, '25
USEC '19, '20
SPOSE '19
NSPW '22, '23 (also Publication Chair in both '22 and '23), '24 (also co-general Chair)
SOUPS '25

External Reviewing

CHI '20 (x1), '21 (x2), '22 (x3), '23 (x3) ,'24 (x5)
PAUC '21
EPSRC '21
Journal of Cybersecurity '20, '23 (x2), '24
JISA '20
International Journal of Social Research Methodology '19
Crime Science '22, '24, '25
OUP '22
Digital Threats: Research and Practice '22 (x2), '23
Computer-Supported Cooperative Work '24 (x2)
IEEE Security & Privacy '24 (x3)
Policy & Internet '24
International Journal of Information Security '24
Computer Law & Security Review '25

Academic Service

Departmental ethics committee member '18–present and co-chair '20–present
REPHRAIN academic ethics board member '20–present
Member of UCL's Security Working Group