Computer Laboratory

Kieron Ivy Turk

About me

I am a PhD student at the Department of Computer Science and Technology at the University of Cambridge studying interactions between technology and domestic abuse. This follows 2 main paths: making it safer for victim-survivors to access support, and creating/improving technical interventions for specific abuses of technology. I am supervised by Alice Hutchings, and part of the Cambridge Cybercrime Centre.

I completed my MEng and BA at the University of Cambridge. My MEng dissertation is Locked Into Stupidity: A Smart Lock Security Analysis - a vulnerability analysis of a pair of smart locks, resulting in 4 attacks on a Wifi-based lock and 8 attacks on a BLE lock. My BA project was Pinpoint: A Web Application Vulnerability Scanner which can detect XSS, command and code injection, path traversal, and Shellshock vulnerabilities in websites.

I'm non-binary (genderfluid) and use either name and they/she pronouns. Voice, appearance, and other gender-y things subject to change.

Publications and Conferences

C. Geeng, N. Chen, K.I. Turk, J. Hutson, D. McCoy, x "Say I'm in public...I don't want my nudes to pop up." User Threat Models for Using Vault Applications, Accepted for publication at SOUPS 2024.

P. Doerfler, K.I. Turk, C. Geeng, D. McCoy, J. Ackerman, M. Dragiewicz, "Privacy or Transparency? Negotiated Smartphone Access as a Signifier of Trust in Romantic Relationships" ArXiv Preprint, 2024. [Paper available here].

K.I. Turk, A. Hutchings, A. Beresford, "Stop Following Me! Evaluating the Effectiveness of Anti-Stalking Features of Personal Item Tracking Devices" ArXiv Preprint, 2023. [Paper available here].

K.I. Turk, A. Hutchings, A. Beresford, "Can’t Keep Them Away: The failures of anti-stalking protocols in personal item tracking devices" In: F. Stajano, V. Matyas, B. Christianson, J. Anderson (ed) Security Protocols XXVIII. Security Protocols 2023. Lecture Notes in Computer Science, vol 14186. Springer, Cham. [Paper available here] ; [Transcript of discussion available here].

K.I. Turk, A. Hutchings, "Click Here to Exit: An Evaluation of Quick Exit Buttons." In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems (CHI ’23), April 23–28, 2023, Hamburg, Germany. ACM, New York, NY, USA, 15 pages. [Available here]

K. Turk, S. Pastrana, and B. Collier, "A tight scrape: methodological approaches to collecting research data on cybercrime communities in adversarial environments," in 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 428–437, 2020. [Available here]

Academic

PhD Student 2021-2024/5 at University of Cambridge

Intern with Damon McCoy from May 1st 2023 - July 21st 2023 at New York University.

MEng (Hons with Distinction, 2020-2021) + BA (1st with Hons, 2017-2020) Computer Science from University of Cambridge.

• [MEng Certificate] // [BA Certificate] // [Combined Transcript]
• [MEng Dissertation]: Locked into Stupidity: A Smartlock Security Analysis
• [BA Dissertation]: PinPoint: A Web Application Vulnerability Scanner

Supervisions

I'm open to supervising Part II/III/MPhil projects in 2024-2025*, and have some ideas here. I'm happy supervising anything I have expertise in: this includes tech-abuse, system security and hacking, or creating tools for detecting vulnerabilities. Feel free to email me any ideas you have or things from my list you want to work on!

* I expect to finish my PhD this calendar year and may not be around to fully supervise projects, but I am always happy to discuss ideas with students and can arrange for co-supervision with someone who is around the full year!

Societies etc.

I'm on the committee of the CU Cyber Security Society (Cybersoc) for 2021-present and have presented on Web Hacking, Intro to CTF, and physical security workshops.

I am president of the Wolfson Pole and Aerial Sports Society for 2022-2024 after being vice-president for 2021-2022.

I am Wolfson Student co-Bar Manager for 2024.

I managed the Security Seminar Series for seminars from January 2022 – April 23.

I manage the LGBTQ+@CL webpages from February 2022.

Hobbies etc.

I know too much about locks and lockpicking, and can pick about 12 different types of lock. I'm currently working on cracking the ATM safes in the security corridor for fun.

I play acoustic and electric guitar, bass, ukulele, mandolin, banjo and tenor banjo, and used to play piano/keyboard.

I speak Spanish (DELE B2) and some Russian (CEFR A2 ish).

I solve Rubik's cubes and similar puzzles pretty fast, and used to compete in speedcubing competitions.

I have two black belts (2nd dan Taekwondo, 1st dan Krav Maga), and sometimes train in these two styles as well as training with weapons like sais, tonfa, bo staff, and butterfly swords.