I have collected together the slides from various talks that I have given. They may give you some idea of what you missed, though of course without the animations and my chatter, they are but a pale shadow....
My Cambridge lecture notes are kept elsewhere.
Slides in PDF format for my keynote talk about cybercrime.
Slides in PDF format for a presentation about this academic paper (joint work with Tyler Moore) on a "worm" that spread via Instant Messaging for which we had very detailed measurements of its spread.
Slides in PDF format for a talk about my work with Tyler Moore on a "worm" that spread via Instant Messaging for which we had very detailed measurements of its spread. The academic paper was presented at eCrime 2015.
Slides in PDF format for a talk about this academic paper (joint work with MSc student Jens Neisius) on how High Yield Investment Programs (HYIPs) actually work from a financial point of view (they are Ponzi schemes!) and where the money goes.
Slides in PDF format for a presentation of our academic paper (joint work with Tony Mansfield) summarising the ICANN report we wrote on Whois Privacy and Proxy Services.
Slides in PDF format for a talk about the results of an ICANN report (joint work with Tony Mansfield) on Whois which was also covered in this WEIS 2014 paper. The talk also discussed my joint work with Tyler Moore on abandoned bank domains.
Slides in PDF format for a seminar about my work with Tony Mansfield to produce a report for ICANN on the use of Privacy and Proxy services in domain registration.
Slides in PDF format for a presentation to an Internet Architecture Board Workshop on Internet Technology Adoption and Transition. I presented my work from 2009 on SHIM6 along with Andy Ozment and Stuart Schechter's earlier work on bootstrapping security protocols. The intent was to set out the economic perspective on why protocol succeed (or mainly, fail).
Slides in PDF format for a presentation based on this academic paper from APWG eCrime 2012 which describes a method of identifying the email dropboxes to which phished credentials are delivered, which allowed us, for the first time, to accurately estimate the number of criminals who were phishing PayPal credential.
Slides in PDF format for a presentation at a conference on cybersecurity. The title is one I was given, what I actually talked about was "Regulating Zero Days".
Slides in PDF format for a presentation based on this academic paper from WEIS 2012 which attempted to estimate the cost of cybercrime and to critique the multi-billion (or trillion) dollar estimates for which solid evidence appears to be lacking.
Slides in PDF format for a presentation based on this academic paper from WEIS 2012 which attempted to estimate the cost of cybercrime and to critique the multi-billion (or trillion) dollar estimates for which solid evidence appears to be lacking.
Slides in PDF format for a brief presentation on my work to some visitors to NPL.
Slides in PDF format for a talk about our work on High Yield Investment Schemes (based on this academic paper).
Slides in PDF format for a short talk at the Security and Human Behaviour Conference about the relative effectiveness of using Portuguese messages to lure Brazilians into downloading and running malware.
Slides in PDF format for a talk given to the Internet Watch Foundation board on what academic research into child sexual abuse image activity might usefully look at.
This talk considered the extent to which proactive identification of phishing sites might lead to an overall rise in activity. The data remains too sensitive to put the slides online at the present time.
Slides in PDF format for a talk at an International Conference on "Challenges in Cybersecurity -- Risks, Strategies, and Confidence-Building.
Slides in PDF format for a talk at a meeting about various different aspects of Internet content filtering. My talk was on the technical means.
Slides in PDF format for a fairly general about phishing and financial malware for a presentation at a conference attached to a trade show.
Slides in PDF format for a presentation on an academic paper which discussed the ethical issues Tyler Moore and myself have encountered whilst researching the impact of "take-down" on phishing and other types of eCrime. The paper is more a collection of "war stories" than a philosophical treatise, but the philosophers could usefully take account of what researchers actually encounter in practice when developing their theories. The paper was written for WECSR 2011, and Tyler presented it there.
Slides in PDF format for a short talk about what sort of features matter in the URLs used for phishing and for luring people into downloading malware.
Slides in PDF format for a presentation on an academic paper which summarises the identically titled ENISA report on which I was a co-author.
Slides in PDF format for a presentation on an academic paper which discussed the ethical issues Tyler Moore and myself have encountered whilst researching the impact of "take-down" on phishing and other types of eCrime. The paper is more a collection of "war stories" than a philosophical treatise, but the philosophers could usefully take account of what researchers actually encounter in practice when developing their theories. The paper was written for WECSR 2011, and Tyler presented it there.
I gave a talk about phishing and malware in Yahoo!s Security Week. Unfortunately the content is under an NDA.
I gave a talk, jointly with Elizabeth Zwicky, about some IM malware in Yahoo!s Security Week. Unfortunately the content is under an NDA.
Slides in PDF format for a lecture on Security Economics for a University of Luxembourg MSc course.
Slides in PDF format for a presentation on an academic paper which discussed the ethical issues Tyler Moore and myself have encountered whilst researching the impact of "take-down" on phishing and other types of eCrime. The paper is more a collection of "war stories" than a philosophical treatise, but the philosophers could usefully take account of what researchers actually encounter in practice when developing their theories. The paper was written for WECSR 2011, and Tyler presented it there.
Slides in PDF format for yet another running of my Evil on the Internet talk. As ever, the slides are just a backup (and little changed as such from previous versions), with the whole point of the talk being that I showed examples of live sites.
Slides in PDF format for my talk at this EU Commission sponsored seminar on national experiences with regard to the implementation of cybercrime instruments.
This talk was about my experiences dealing with Instant Messenger worms during Spring 2010 whilst I was "embedded" with the Yahoo! paranoids in Sunnyvale. Unfortunately the content of this talk can only be given under an NDA.
Slides in PDF format to accompany my talk about this academic paper which discussed a possible role for Governments in subsidising malware clean-up, and outlined why that subsidy might be rather less than might initially be thought.
Slides in PDF format for my lightning talk about using passive DNS data from ISC to identify blocked websites.
Slides in PDF format for yet another running of my Evil on the Internet talk. As ever, the slides are just a backup (and little changed as such from previous versions), with the whole point of the talk being that I showed examples of live sites. NPL recorded the talk, and it is available here.
Slides in PDF format for my talk to an OFCOM Consumer Forum about the 2009 apComms report for which I was the specialist adviser.
Slides in PDF format for yet another running of my Evil on the Internet talk. As ever, the slides are just a backup (and little changed as such from previous versions), with the whole point of the talk being that I showed examples of live sites.
This talk was about my experiences dealing with Instant Messenger worms during Spring 2010 whilst I was "embedded" with the Yahoo! paranoids in Sunnyvale. Unfortunately the content of this talk can only be given under an NDA.
Slides in PDF format for my lecture on traceability failures, and insecurities in DNS and BGP, part of a weeklong course run for Check Point personnel.
Slides in PDF format for my Internet wickedness, part of a weeklong course run for Check Point personnel. As usual with this particular talk, I showed live websites, and the slides are copies of similar sites which were visited at a much earlier date.
Slides in PDF format to accompany my talk about this academic paper which discussed a possible role for Governments in subsidising malware clean-up, and outlined why that subsidy might be rather less than might initially be thought.
Slides in PDF format to accompany a talk about possibilities for academic eCrime research in the Grand Duchy.
Slides in PDF format for another outing of my popular talk on the various forms of evil websites on the Internet. This time it was given to an audience of ~1200 at the quite remarkable FOSDEM meeting. You can fetch the video in AVI format here or watch it in streaming mode on YouTube here.
Slides in PDF format for a lightning talk on an academic paper examining how global routing table growth is being driven by multihoming; how SHIM6 is supposed to fix this for the IPv6 world; and why economics strongly suggests that it will fail to do so.
Slides in PDF format for my introduction to cryptanalysis talk, to students considering taking part in the 2009 National Cipher Challenge.
Slides in PDF format for my talk about the various entities who would like to (or already do) snoop on your Internet traffic. There's a podcast of the talk here.
Slides in PDF format for an invited talk that presented an updated view of various communities, of varying degrees of 'evilness' that we have come across on the Internet -- the actual talk presented "live" websites whenever possible, the slides date from earlier in 2009 and were really just for backup; so they don't really reflect the sites actually visited. There's a recording of the talk (ogg format) available here
Slides in PDF format for my lecture on traceability, part of a weeklong course run for Check Point personnel.
Slides in PDF format for my lecture on spotting spam by log processing, and insecurities in DNS and BGP, part of a weeklong course run for Check Point personnel.
Slides in PDF format for my brief talk summarising the work with Tyler Moore and Henry Stern on measuring phishing email spam and relating this to phishing website lifetimes.
Slides in PDF format for a talk given at Google, Mountain View, about phishing. The title of talk reflects the ongoing nature of the research by Tyler Moore and myself, and how we are now able to explain anomalous results in earlier work. This is much the same talk as the one given at Microsoft two weeks earlier.
Slides in PDF format for a talk given at Internet Identity. Although the slides closely resemble those used at Microsoft Research, the actual talk was far more of a discussion, with their experts offering their own interpretations of some of our observations.
Slides in PDF format for a talk given at Microsoft Research, Redmond, about phishing. The title of talk reflects the ongoing nature of the research by Tyler Moore and myself, and how we are now able to explain anomalous results in earlier work.
Slides in PDF format for a presentation on a short academic paper which considered the impact of the disconnection of McColo in November 2008. Statistics from a medium sized UK ISP showed that although spam volumes fell, some heuristics became far less effective -- indicating that some of the spam was "easy to block" and hence the disconnection had less practical effect than might at first be assumed.
Slides in PDF format for the third talk I've given at Yahoo! on the topic of phishing. The emphasis was on the results of this academic paper on phishing spam.
Slides in PDF format for a talk to the Irish Internet Exchange INEX about the technicalities of various problems that have occurred with the blocking by UK ISPs of sites on the IWF list of child sexual abuse image websites. There's a video of the talk available here
Slides in PDF format for a talk on an academic paper examining how global routing table growth is being driven by multihoming; how SHIM6 is supposed to fix this for the IPv6 world; and why economics strongly suggests that it will fail to do so.
Slides in PDF format for a fairly general talk about online security at this inaugral conference. You can even watch the video.
Slides in PDF format for a talk at UKNOF about the technicalities of various problems that have occurred with the blocking by UK ISPs of sites on the IWF list of child sexual abuse image websites. I also presented some early data as to what sites are currently on the IWF list. You can also find the slides on WikiLeaks!
Slides in PDF format for a talk that summarised the results from our LEET09 paper that considered data about email phishing spam alongside data about phishing website takedown.
Slides in PDF format for an invited talk that presented an updated view of various communities, of varying degrees of 'evilness' that we have come across on the Internet -- the actual talk presented "live" websites whenever possible, the slides were created the previous week.
Slides in PDF format for the latest version of a talk summarising what is now two years worth of research into phishing, covering the papers I have written with Tyler Moore.
Slides in PDF format for a keynote talk on the failings of UK Internet legislation; and how most of it should be repealed and replaced by more general statutes. We don't have a Sledgehammer Misuse Act, so why do we have a Computer Misuse Act ?
Slides in PDF format for a plenary talk to UK academic networking people about my research (and production systems) for processing email server logs to detect email spam from traffic patterns.
Slides in PDF format for the latest version of a talk summarising what is now two years worth of research into phishing, covering the papers I have written with Tyler Moore.
Slides in PDF format for my invited talk to this workshop about the insecurities in DNS and BGP, and the extent to which cryptography is providing solutions.
Slides in PDF format for my talk to this workshop on eCrime and Opportunities. I presented this rapid review of the recommendations from the report I coauthored for ENISA on "Security Economics and the Internal Market".
Slides in PDF format for my talk to the IWF about the take-down times for child sexual abuse websites. This summarised the results from the WEIS paper that Tyler Moore and I wrote earlier in the year.
Slides in PDF format for my introduction to cryptanalysis talk, to students considering taking part in the 2008 National Cipher Challenge.
Slides in PDF format for my two hour lecture introducing the field of "security economics" and then explaining the recommendations of the report I coauthored for ENISA on "Security Economics and the Internal Market".
Slides in PDF format for my lecture on spotting spam by log processing, and insecurities in DNS and BGP, part of a weeklong course run for Check Point personnel.
Slides in PDF format for my lecture on traceability, part of a weeklong course run for Check Point personnel.
Slides in PDF format for my talk introducing the field of "security economics" and then explaining the recommendations of the report I coauthored for ENISA on "Security Economics and the Internal Market".
Slides in PDF format for my brief talk on how a lack of cooperation between brand protection companies is damaging phishing website take-down effectiveness.
Slides in PDF format for my talk about an academic paper that considered the extent to which the first letter of the local part (left of the @) of an email address influences how much spam is received. The answer, it seems, is quite a lot!
Slides in PDF format for a talk summarising a years worth of research into phishing, covering the papers I have written with Tyler Moore. Essentially the same talk as on the 18th and 20th!
Slides in PDF format for a talk summarising a years worth of research into phishing, covering the papers I have written with Tyler Moore. Essentially the same talk as on the 19th and 20th!
Slides in PDF format for my talk at the LINX quarterly meeting which explained how the Phorm system works, and the types of legal problem that ISPs who deployed it were likely to encounter.
Slides in PDF format for my talk at this public meeting organised by 80/20 Thinking. See here, for the BBC report on the meeting (other press accounts are available).
I gave the main talk at this lunch for young engineers, and then answered a number of questions from the audience of engineers and parliamentarians.
Slides in PDF format for a talk on the different systems that ISPs use for monitoring or blocking traffic, and how these completely different technologies relate, in their own way, to online copyright issues.
Slides in PDF format for yet another variant of this popular talk.
Slides in PDF format for a talk about DNS and BGP security.
This version of the 'Searching for Evil' talk was given in the upstairs of a Fleet Street pub, so no powerpoint! Some enthusiasts captured the talk on video (pt1, pt2, pt3, pt4), on tape, and there is even a (sort of) transcript.
Slides in PDF format for the revised version of the talk given by Ross Anderson and myself about bad things on the Internet. We originally gave this talk together for Google in London in August 2007, then Ross gave it alone in California, the video of which you can watch here. The talk we gave in Cambridge was also recorded, so you can watch the video of this version in Real or WMV format.
Slides in PDF format for my talk about what conclusions the Science and Technology Committee reached, and an indication as to why.
Slides in PDF format for my private briefing for Dr Tanya Byron and her inquiry team about the practical issues that arise when attempting to filter bad content.
Slides in PDF format for my talk about spamHINTS at this Workshop on Application Classification and Identification.
Slides in PDF format for my talk, to an audience of bankers and law enforcement officials, about our work in tackling phishing.
Slides in PDF format for my talk giving a brief update on the spamHINTS project, along with some of what we've been learning about phishing (especially "fastflux" hosting) along with a discussion of some of the "evil" communities that we are beginning to identify.
Slides in PDF format for my sections of a joint talk that Ross Anderson and I gave about various communities, of varying degrees of 'evilness' that we have come across -- and the extent to which search engines, such as Google might be aware of them.
Slides in PDF format for my talk about an academic paper giving details of one months worth of email, and some analysis of how mcuh of it was spam, how much forwarded and how much came from mailing lists.
Slides in PDF format for my talk, kindly hosted by MarkMoniotor, to various anti-phishing industry people about our work measuring phishing website takedown. The talk is mainly based on the figures from our WEIS paper but it does contain a preview of later results which were (in corrected form) placed into the APWG researchers forum paper (to appear).
Slides in PDF format for my talk about our work measuring phishing website takedown. The talk is mainly based on the figures from our WEIS paper but it does contain a preview of later results which were (in corrected form) placed into the APWG researchers forum paper (to appear).
Slides in PDF format for my talk about the spamHINTS project. There is also a summary of my various techniques for detecting email spam by looking at email server logs. You can watch a video of this session (with a nasty buzz on the soundtrack) here.
Slides in PDF format for my talk summarising my work on various techniques for detecting email spam by looking at email server logs. You can watch a video of this session (I'm the first speaker, immediately after the introduction) here.
Slides and Notes in PDF format for a lecture given to Birmingham undergraduates in their "Communication Skills and Professional Issues Course". This is basically one of my Cambridge lectures recycled for a similar audience!
Slides in PDF format for another one of my high speed tutorials on content filtering issues.
Slides in PDF format for a seminar that covered my work on the BT Cleanfeed system (this paper) and the Great Firewall of China (this paper). Note that despite a familiar looking title, this was rather more extended than my UKNOF5 and LINX55 talks.
Slides in PDF format for my talk on ISP's relationships with their customers.
Slides in PDF format for my initial (private) briefing to the Select Committee on the issues that would arise during their 2006--2007 inquiry into Personal Internet Security. The final report of the Committee can be read on the House of Lords website, here.
Slides in PDF format for my high speed tutorial on content filtering issues.
Slides in PDF format for my talk about an academic paper written by George Danezis and myself about some attacks on the initial version of the system that was once called Tarzan and which could well be effective against other systems that are unaware of the dangers and attempt to be efficient when dealing with anonymous networks with very large numbers of nodes.
Slides in PDF format to accompany a talk on the Home Office consultation on a Code of Practice for Part I Chapter II of the RIP Act 2000.
Slides in PDF format for my talk about an academic paper about the latest results from analysing email server logs, and how the earliest results from the spamHINTS project shed light on the number of email senders at an ISP.
Slides in PDF format for my lunchtime talk about an academic paper on how the "Great Firewall of China" can be made ineffective, at least in part, by dropping reset packets.
Slides in PDF format for my talk about an academic paper about the problems with D-Link systems sending unwanted NTP traffic, and showing how this is part of a pattern of "attacks" that cause significant problems.
Slides in PDF format for my rump session talk on the issues that arise when creating pre-proceedings for an academic conference.
Slides in PDF format for my talk to accompany an academic paper on how the "Great Firewall of China" can be made ineffective, at least in part, by dropping reset packets.
Slides in PDF format for my progress report (with some very early sFlow results) to LINX on my spamHINTS project to examine sFlow traffic data on an Internet Exchange to pick out the patterns that are the senders of spam.
Slides in PDF format for a talk at this forum on the impact of Data Retention Directive on the ISP industry. The Kipling poem illustrates the number of questions that remain to be answered.
Slides in PDF format for a seminar on how to impersonate other users on at Ethernet. This is presenting the work in Chapter 4 of my thesis albeit with some more material to cover what I have learnt since that was submitted and examined.
Slides and Notes in PDF format for a lecture given to Birmingham undergraduates in their "Communication Skills and Professional Issues Course". This is basically one of my Cambridge lectures recycled for a similar audience!
Slides in PDF format for my progress report to LINX on my spamHINTS project to examine sFlow traffic data on an Internet Exchange to pick out the patterns that are the senders of spam.
Slides in PDF format for my pitch to LINX on my proposal to examine sFlow traffic data on an Internet Exchange to pick out the patterns that are the senders of spam.
Slides in PDF format for my talk to the Government-Industry Forum (once called the Government Industry Encryption Forum) reminding those present as to where RIP Part III came from, what is was supposed to do, and what the problems with it were going to be.
Slides in PDF format to accompany a talk I gave, along with Mike Bond at this symposium.
Slides in PDF format for my talk to accompany an academic paper on how by examining incoming server logs you can spot the traffic that one ISP customer is sending to another. This turns out to be an effective method of detected customers who are infected by viruses or who are, generally inadvertently, sending email spam.
Slides in PDF format for my talk to the Berkman Center people, who are part of the OpenNet Initiative, on the issues raised by my academic paper on the BT "CleanFeed" content blocking system.
Slides in PDF format for my talk to accompany an academic paper that introduces a model for the blocking of incoming email from ISPs (and entire ASs).
Slides in PDF format for my talk to accompany an academic paper on the BT "CleanFeed" content blocking system.
Slides in PDF format for my contribution to the panel on "Revocable Anonymity".
Slides in PDF format for my talk to accompany an academic paper on the parlous state of authentication protocols in the banking sector.
Slides in PDF format for my talk in UCL's seminar series. I covered the failure of universal proof-of-work systems to deliver, the success of ISP log processing (extrusion detection) and tacked on some remarks about tackling phishing.
Slides in PDF format for my panel presentation on economics as a way of looking at computer security problems.
Slides in PDF format for my panel presentation on phishing. The little essay on this topic from the proceedings should be read to more fully understand my viewpoint.
Slides in PDF format to accompany academic paper on a system for processing "smarthost" email logs to determine which of an ISP's customers are, probably inadvertently, sending spam.
Slides in PDF format to accompany my contribution to a panel on whether payment systems (of various kinds) for email would help to prevent spam. I conclude not.
Slides in PDF format to accompany yet another version of this talk relating to my academic paper on how a simple-minded anti-spam scheme using "Proof-of-Work" (also known as "Client-Puzzles" or "HashCash") will not work.
Slides in PDF format to accompany another talk relating to my academic paper on how a simple-minded anti-spam scheme using "Proof-of-Work" (also known as "Client-Puzzles" or "HashCash") will not work. Unlike the WEIS04 talk, these slides do not have the "power of ten" error that Ted Wobber spotted in the paper!
Slides in PDF format to accompany an academic paper on how a simple-minded anti-spam scheme using "Proof-of-Work" (also known as "Client-Puzzles" or "HashCash") will not work.
Slides in PDF format to accompany a reprise of my talk about my DES cracker work.
Slides in PDF format to accompany a talk about the story of Locomotive Software and the development of the Amstrad CPC464 way back in 1983-1984.
Slides in PDF format to accompany a talk in the Security Group seminar series.
Slides in PDF format to accompany a brief talk at the start of a panel discussion.
Slides in PDF format to accompany a talk to an audience of ISPs, SPOCs (collective noun, "an enterprise of SPOCs"), and police officers. Having heard the other talks, I would now modify my remarks about jurisdictions to suggest that you avoided the US!
Slides in PDF format to accompany a talk to this BCS monthly meeting.
Slides in PDF format to accompany a panel talk at this symposium.
Slides in PDF format to accompany a talk given at this IPC conference. Since I haven't purchased the rights to use this cartoon on the web, you'd have to have attended the talk to see it (for which I had purchased the rights -- so as to make some general points about how merchants address identity!)
Slides in PDF format to accompany a talk given at this open meeting on the UK Government's consultation on data access and data retention. NB: I Am Not A Policeman, so my view of investigations is second-hand. The figures used come from statistics gathered by the Home Office.
Slides in PDF format to accompany a talk given at an SCL London Group Meeting on "Retaining and Accessing Data: A Conflict of Interests?". The other speakers were Home Office officials who described the two current HO consultations in this area.
Slides and notes in PDF format to accompany brief talk at the start of a panel discussion.
Slides in PDF format to accompany academic paper.
Slides in PDF format.
Slides in PDF format.
Slides in PDF format.
Slides and notes in PDF format.
Slides in PDF format.
Slides in PDF format.
Slides in PDF format.
Slides in PDF format to accompany academic paper.
Slides in PDF format to accompany this talk to ISPs and lawyers.
Slides in PDF format to accompany a talk to this workshop on the 'interception of computer crime'.
Slides in PDF format to accompany a talk to this conference, discussing the relevance of the RIP act to journalists.
Slides in PDF format.
Slides in PDF format to accompany a talk to ISPs and lawyers.
Slides in PDF format to accompany this talk to ISPs and lawyers.
Slides in PDF format to accompany a talk on the industry attitude to the RIP Act.
Slides in PDF format to accompany a talk on unsolicited bulk email. Notable perhaps, in retrospect, for some of the statistics quoted!