Computer Laboratory

Security Group


More recent publications will be added very shortly ...


  • Robert N. M. Watson, Peter G. Neumann, Simon W. Moore: Balancing Disruption and Deployability in the CHERI Instruction-Set Architecture (ISA), NEW SOLUTIONS FOR CYBERSECURITY, Shrobe H, Shrier D, Pentland A eds., MIT Press/Connection Science: Cambridge MA. (to appear)
  • Sergei Skorobogatov: How microprobing can attack encrypted memory. Euromicro Conference on Digital System Design, AHSA 2017, 30 August - 1 September 2017, Austria, IEEE Computer Society (to appear)
  • Ilias Marinos, Robert N. M. Watson, Mark Handley, Randal Ray Stewart: Disk|Crypt|Net: rethinking the stack for high performance video streaming. ACM SIGCOMM 2017 Conference (SIGCOMM'17). Los Angeles, CA, USA, August 21-25, 2017. (to appear)
  • Vincent F. Taylor, Alastair R. Beresford, Ivan Martinovic: There are Many Apps for That: Quantifying the Availability of Privacy-Preserving Apps. In the Proceedings of the Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), ACM, 2017 (to appear)
  • Martin Kleppmann, Alastair R. Beresford: A Conflict-Free Replicated JSON Datatype. In Transactions on Parallel and Distributed Systems (TPDS), IEEE, 2017 (to appear)
  • Kelly Widdicks, Oliver Bates, Mike Hazas, Adrian Friday, Alastair R. Beresford: Demand Around the Clock: Time Use and Data Demand of Mobile Devices in Everyday Life. In the Proceedings of the International Conference on Computer-Human Interaction (CHI), 2017. ACM (to appear)
  • Franck Courbon: An Application of Partial Hardware Reverse Engineering for the Detection of Hardware Trojan. In: Bossuet L., Torres L. (eds) Foundations of Hardware IP Protection, pp 125-148, Springer 2017
  • A. Hutchings, R. Clayton: Configuring Zeus: A case study of online crime target selection and knowledge transmission. Arizona: eCrime
  • A. Hutchings, Y. T. Chua: Gendering cybercrime. In T. J. Holt (ed), Cybercrime through an Interdisciplinary Lens, pp 167-188, Oxon: Routledge, 2017
  • L. Simon: Erasing Secrets from RAM. In the Real World Cryptography Conference (RWC), 2017
  • Eireann Leverett, Richard Clayton, Ross Anderson: Standardisation and Certification of the 'Internet of Things. Workshop on the Economics of Information Security 2017
  • Khaled Baqer, Ross Anderson, Jeunese Adrienne Payne, Lorna Mutegi, Joseph Sevilla: DigiTally: Piloting Offline Payments for Phones, 13th Symposium on Usable Privacy & Security (SOUPS 2017)
  • Graeme Jenkinson, Lucian Carata, Thomas Bytheway, Ripduman Sohan, Robert N. M. Watson, Jonathan Anderson, Brian Kidney, Amanda Strnad, Arun Thomas, George Neville-Neil: Applying Provenance in APT Monitoring and Analysis: Practical Challenges for Scalable, Efficient and Trustworthy Distributed Provenance. Proceedings of the 9th International Workshop on Theory and Practice of Provenance (TAPP'17). Seattle, Washington, June 2017
  • David Chisnall, Brooks Davis, Khilan Gudka, David Brazdil, Alexandre Joannouand Jonathan Woodruff, A. Theodore Markettos, J. Edward Maste, Robert Norton, Stacey Son, Michael Roe, Simon W. Moore, Peter G. Neumann, Ben Laurie, Robert N. M. Watson: CHERI JNI: Sinking the Java security model into the C. Proceedings of the 22nd ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2017). Xi'an, China, 8-12 April, 2017
  • Robert N. M. Watson, Peter G. Neumann, Jonathan Woodruff, Michael Roe, Jonathan Anderson, John Baldwin, David Chisnall, Brooks Davis, Alexandre Joannou, Ben Laurie, Simon W. Moore, Steven J. Murdoch, Robert Norton, Stacey Son, Hongyan Xia: Capability Hardware Enhanced RISC Instructions: CHERI Instruction-Set Architecture (Version 6). Technical Report UCAM-CL-TR-907, Computer Laboratory, April 2017
  • Ross Anderson, Khaled Baqer: Reconciling Multiple Objectives - Politics or Markets? Security Protocols 2017
  • Stephan A. Kollmann, Alastair R. Beresford: The Cost of Push Notifications for Smartphones using Tor Hidden Services. Proceedings of the Workshop on Innovations in Mobile Privacy and Security (IMPS), IEEE, 2017
  • Daniel R. Thomas, Richard Clayton, Alastair R. Beresford: 1000 days of UDP amplification DDoS attacks. 2017 APWG Symposium on Electronic Crime Research (eCrime)
  • A. Hutchings, T. J. Holt: The online stolen data market: Disruption and intervention approaches. Global Crime, 18(1), pp 11-30





















  • Ross J. Anderson, Markus G. Kuhn: Low Cost Attacks on Tamper Resistant Devices, in M. Lomas et al. (ed.): Security Protocols, 5th International Workshop, Paris, France, April 7-9, 1997, Proceedings, LNCS 1361, Springer-Verlag, pp. 125-136, ISBN 3-540-64040-1.


  • Ross J. Anderson, Markus G. Kuhn: Tamper Resistance — a Cautionary Note, The Second USENIX Workshop on Electronic Commerce Proceedings, Oakland, California, November 18-21, 1996, pp. 1-11, ISBN 1-880446-83-9.

[Older publications will be added in due course.]