S
Steven J. Murdoch
Researcher at University College London
Publications - 97
Citations - 4121
Steven J. Murdoch is an academic researcher from University College London. The author has contributed to research in topics: Anonymity & Smart card. The author has an hindex of 27, co-authored 92 publications receiving 3801 citations. Previous affiliations of Steven J. Murdoch include University of Cambridge & Microsoft.
Papers
More filters
Proceedings ArticleDOI
Low-cost traffic analysis of Tor
Steven J. Murdoch,George Danezis +1 more
TL;DR: New traffic-analysis techniques are presented that allow adversaries with only a partial view of the network to infer which nodes are being used to relay the anonymous streams and therefore greatly reduce the anonymity provided by Tor, and it is shown that otherwise unrelated streams can be linked back to the same initiator.
Book ChapterDOI
Embedding covert channels into TCP/IP
Steven J. Murdoch,Stephen Lewis +1 more
TL;DR: By examining TCP/IP specifications and open source implementations, tests to detect the use of naive embedding are developed and reversible transforms that map block cipher output onto TCP ISNs are described, indistinguishable from those generated by Linux and OpenBSD.
Proceedings ArticleDOI
Hot or not: Revealing hidden services by their clock skew
TL;DR: This work suggests the same technique could be exploited as a classical covert channel and can even provide geolocation, because existing abstract models of anonymity-network nodes do not take into account the inevitable imperfections of the hardware they run on.
Proceedings Article
Keep your enemies close: distance bounding against smartcard relay attacks
Saar Drimer,Steven J. Murdoch +1 more
TL;DR: A new defence based on a distance bounding protocol is described and implemented, which requires only modest alterations to current hardware and software and could provide cost-effective resistance to relay attacks, which are a genuine threat to deployed applications.
Proceedings ArticleDOI
Chip and PIN is Broken
TL;DR: This paper describes and demonstrates a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network.