Muhammad Koprawi

About

I am a Lecturer and Researcher in Cybersecurity with interests in Web Security, IoT Security, Security Engineering, Software Engineering, Incident Response, Security Monitoring, and Cybersecurity Education.

My research explores how cyber attacks emerge across modern digital environments and how organizations can design effective defensive capabilities. I am particularly interested in web application security, threat detection, incident analysis, secure systems, software engineering for secure applications, and the security challenges introduced by increasingly connected IoT ecosystems.

Alongside my research, I design and deliver hands-on cybersecurity education through laboratories, cyber range exercises, CTF challenges, and project-based learning. I believe cybersecurity is best learned through experimentation, investigation, and reproducible practice.

Beyond teaching and research, I actively develop security-focused software, laboratory environments, and learning platforms that support cybersecurity education and practical defense. My work emphasizes open-source technologies, reproducible environments, secure software development practices, and evidence-driven approaches to security analysis and incident response.

My goal is to bridge academic cybersecurity research, software engineering, and real-world security operations while helping students, researchers, and practitioners develop practical security skills.

Download my CV. Find selected work on Google Scholar | GitHub | ORCID.

Research Interests

  • Web Application Security
  • Internet of Things (IoT) Security
  • Security Engineering
  • Software Engineering for Secure Systems
  • Security Monitoring and SIEM
  • Incident Response and Digital Investigations
  • Threat Detection and Log Analysis
  • Ethical Hacking and Penetration Testing
  • Cybersecurity Education
  • Cyber Range and CTF Development

Research Vision

My work aims to bridge cybersecurity research, software engineering, and operational security practice through reproducible laboratories, realistic training environments, and evidence-driven security analysis.