Privacy-preserving Transaction Authentication for Mobile Devices (2016–)
Steven J. Murdoch (PI), Andreas Gutmann (PhD student)
With the rapid accumulation and processing of personal data by numerous organizations, it is of paramount importance to protect people from adverse uses of their data, while allowing them to enjoy the benefits the use of these data can possibly provide. This is the question of protecting citizens’ privacy, while enabling them to make informed decisions regarding their actions with privacy implications. In this project, part of the Privacy & Us Marie Sklodowska-Curie Innovative Training Network and based at VASCO, we will explore techniques for privacy-preserving authentication, then extend these to develop and evaluate innovative solutions for secure and usable authentication that respects user privacy.
This work is supported by the EU Horizon 2020 Marie Sklodowska-Curie Innovative Training Network [grant number project 675730].
Censorship resistance and anonymity (2013–)
Steven J. Murdoch (PI), Sheharbano Khattak (Research Assistant & PhD student)
A growing number of countries are using Internet censorship to control the flow of information available to their population. The technologies being used are also increasing in sophistication, as are tools for circumvention censorship. This project studies tools and techniques used to perform censorship, as well as censorship circumvention technologies, in terms of their effectiveness, security and performance.
- Adblocking and Counter-Blocking: A Slice of the Arms Race, USENIX Workshop on Free and Open Communications on the Internet (FOCI), August 2016
- Do You See What I See? Differential Treatment of Anonymous Users, Network and Distributed System Security Symposium, February 2016
- A Look at the Consequences of Internet Censorship Through an ISP Lens, ACM SIGCOMM conference on Internet measurement (IMC), November 2014
This work is supported by the Engineering and Physical Sciences Research Council [grant number EP/L003406/1].
Graph anonymisation and de-anonymisation (2012–2016)
Steven J. Murdoch (PI), Kumar Sharad (PhD student)
Graph data sets provide a valuable source of data, with examples including communication patterns, relationships on social networks, and genetic data. However sharing such data must be done with care because of its sensitivity and consequent legal and ethical implications for improper use. This project focuses on techniques to measure and quantify the effectiveness of graph anonymisation schemes, in terms of the level of protection they offer and the impact on data accuracy.
- Change of Guard: The Next Generation of Social Graph De-anonymization Attacks, Workshop on Artificial Intelligence and Security (AISec), October 2016.
- True Friends Let You Down: Benchmarking Social Graph Anonymization Schemes, Workshop on Artificial Intelligence and Security (AISec), October 2016.
- An Automated Social Graph De-anonymization Technique, Workshop on Privacy in the Electronic Society (WPES), November 2014.
This work was supported by the Engineering and Physical Sciences Research Council [grant number EP/J500665/1]; and Microsoft Research through its PhD Scholarship Programme.