My research involves the development of new mathematical analysis techniques, and the application of these techniques to cyber security problems. Some recent highlights include:
Estimation of Information Leakage: I am interested in how mutual information can be estimated and how information leakage can be measured in real systems. Recent papers in this area include: LeakWatch: Estimating Information Leakage from Java Programs (ESORICS 2014), A Tool for Estimating Information Leakage (CAV 2013), Probabilistic Point-to-Point Information Leakage (CSF 2013) and A Statistical Test for Information Leaks Using Continuous Mutual Information, (CSF 2011). These papers are joint work with Apratim Guha,Yusuke Kawamoto, Chris Novakovic and David Parker.
Tools and software to support these papers can be found here.
The monitoring of peer to peer file sharing: This work was the first to analyse the direct monitoring of illegal file sharing. Our findings include:
Massive scale monitoring of all of the most popular illegal downloads from the PirateBay has been taking place over the last 3 years.
On average an illegal file sharer, using BitTorrent to download the most popular content, will be connected to and have there IP address logged within 3 hours of starting a download.
Poor collection methods mean the evidence of illegal file sharing collected by monitors may not stand up in court.
This work received wide spread media coverage including articles by the BBC, NBC and New Scientist. This was joint work with Chris Novakovic, Marco Cova and Camilo Gonzalez Toro, and our report on this work was published at SecureComm 2012.
e-Passport security: The Basic Access Control (BAC) protocol, as used in e-Passports, is flawed. There is quite an elegant traceability attack against the protocol as implemented on French e-passports and a side-channel traceability attack against all other passports we looked at. Details of the attack are available in the paper: A Traceability Attack Against e-Passports. A formal analysis of the e-passport traceability is available in our paper Analysing Unlinkability and Anonymity Using the Applied Pi Calculus and an analysis of time-based side channels can be found in our paper: A Statistical Test for Information Leaks Using Continuous Mutual Information. Some media coverage of this work can be found here.