Richard Clayton


A photo of me

How you can contact me:

Richard Clayton
University of Cambridge
Computer Laboratory, GE21
William Gates Building,
JJ Thomson Avenue,
Cambridge CB3 0FD
United Kingdom
Phone:  +44 1223 7-63570
Mobile: +44 7887 794090
Email:  <Richard.Clayton AT>
        <rnc1 AT>
        <richard AT>

If you want to know where I thought I was going to be today then look at my calendar here; and please pay attention to timezones if I am not in the UK!

What I study

I am a security researcher in the Computer Laboratory of the University of Cambridge and the Director of the Cambridge Cloud Cybercrime Center.

I work in the field of "security economics". When there is security failure (or the occasional success!) a technical investigation will tell you what failed and how it did so -- but looking at the economic forces in play will often tell you why it was built that way and why it was allowed to fail.

I mainly study ecrime; I've done a lot of work on phishing with my long-term collaborator Tyler Moore. But I am also very interested in many other types of online crime and in developing innovative ways of detecting and mitigating email spam. I'm very keen on measuring things, because I find that many insights come directly from trying to understand why the figures change over time, or why we measure different values from apparently similar subgroups.

My PhD was on "traceability" -- whether or not we can tell "who did that?" and I maintain a keen interest in this topic, along with the related field of anonymity and the not quite so related field of traffic blocking.

I teach a handful of lectures each year: the notes for the various undergraduate (Part 1B & II) lectures I've given can be found here. Ancient Part II project proposals are here. I'm usually also prepared to consider supervising other projects in the security or cryptanalysis milieu.

I've given a great many talks about my work which I list here along with the slides (and sometimes notes and occasionally videos). I have also started to collate the various media articles that refer to me and my work.

I keep a formal list of my academic publications in date order; for a topic oriented list (which is usually much more useful) see below.

NB: I often write about what I've been doing on the Security Group "blog" It's well worth a visit.


Phishing is the theft of credentials from people who incorrecly believe that they are using those credentials to access a legitimate service.

High Yield Investment Programs (HYIPs)

HYIPs are online ponzi schemes (so they count as fraud in pretty much every jurisdiction). Unlike many other forms of online criminality they operate in plain sight -- so they can be measured and tracked somewhat more easily than other scams.

Security Economics

These papers show how security economics can be applied to a wide range of issues.

Email spam

Email spam remains a scourge -- but most people see less of it than they used to because the filters are now so good. I used to do a lot of work on practical methods to detect spam, these days I mainly look at spam data with a view to better understanding the ecrime that it facilitates.


Traceability is all about knowing "who did that?" on the Internet. It's often more interesting to look at where traceability fails, and why.


I'm very interested in the systems that are deployed in the vain hope of blocking access to Internet content.


Anonymity is the flipside of traceability -- and much of my work in this area has been about how these systems break in the real world. Doing things randomly may make you easier to find than you expected!

Brute force

Brute force ("proof-of-work") isn't much use in dealing with email spam (the bad guys have more computers than we do). However, it can be useful in breaking (pretty weak) cryptographic keys and I've done some work, long ago on that. I've an ancient bibliography and list of brute force results and a lot of detailed material about our DES cracker.

Policy etc.

I have acted a specialist adviser to committees of the House of Commons and House of Lords on various inquiries:

I have acted a specialist adviser to the All Party Internet Group (APIG), latterly the All Party Parliamentary Communications Group (apComms) in various inquiries that they have held:

I've written a assortment of submissions to consultations, think pieces and so on. some of which get quoted from time to time:

PGP Keys

If you wish to write to me then I welcome PGP encrypted email. If I write to you then I usually sign what I send and, if I know your key, will encrypt it as well (please say if this annoys!). You can find my keys (and an explanation of how they all interact) here.

last modified 29 DEC 2015 --