Learn More
The so-called " Great Firewall of China " operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints(More)
Banks and other organisations deal with fraudulent phishing websites by pressing hosting service providers to remove the sites from the Internet. Until they are removed, the fraudsters learn the passwords, personal identification numbers (PINs) and other personal details of the users who are fooled into visiting them. We analyse empirical data on phishing(More)
A frequently proposed method of reducing unsolicited bulk email (" spam ") is for senders to pay for each email they send. Proof-of-work schemes avoid charging real money by requiring senders to demonstrate that they have expended processing time in solving a cryptographic puzzle. We attempt to determine how difficult that puzzle should be so as to be(More)
This chapter documents what we believe to be the first systematic study of the costs of cybercrime. The initial workshop paper was prepared in response to a request from the UK Ministry of Defence following scepticism that previous studies had hyped the problem. For each of the main categories of cybercrime we set out what is and is not known of the direct(More)
Banks and other organisations deal with fraudulent phishing websites by pressing the hosting service providers to remove the sites from the Internet. Until they are removed, the fraudsters will learn the passwords, personal identification numbers (PINs) and other personal details of the users who are fooled into visiting them. We analyse empirical data on(More)
In September 2007, we were awarded a contract by the European Network and Information Security Agency (ENISA) to investigate failures in the market for secure electronic communications within the European Union, and come up with policy recommendations. In the process, we spoke to a large number of stakeholders, and held a consultative meeting in December(More)
—A key way in which banks mitigate the effects of phishing is to have fraudulent websites removed or abusive domain names suspended. This 'take-down' is often subcontracted to specialist companies. We analyse six months of 'feeds' of phishing website URLs from multiple sources, including two such companies. We demonstrate that in each case huge numbers of(More)
This paper is concerned with the units of knowledge used in understanding programs. A pilot study was conducted wherein a short, but complex, program was examined looking for " knowledge atoms, " the units from which program understanding is built. The resulting atoms were categorized along three orthogonal axes of knowledge type, design decision used, and(More)