Richard Clayton

Learn More
The so-called “Great Firewall of China” operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints(More)
Banks and other organisations deal with fraudulent phishing websites by pressing hosting service providers to remove the sites from the Internet. Until they are removed, the fraudsters learn the passwords, personal identification numbers (PINs) and other personal details of the users who are fooled into visiting them. We analyse empirical data on phishing(More)
The present study takes a developmental approach to subgrouping and examines the trajectories of substance use from early adolescence through young adulthood among a community sample of 481 individuals. The patterns of use were examined, subgroups were identified separately for men and women and for alcohol and marijuana, and psychosocial predictors and(More)
We examine the structure and outcomes of user participation in PhishTank, a phishing-report collator. Anyone who wishes may submit URLs of suspected phishing websites, and may vote on the accuracy of other submissions. We find that PhishTank is dominated by the most active users, and that participation follows a power-law distribution, and that this makes(More)
This chapter documents what we believe to be the first systematic study of the costs of cybercrime. The initial workshop paper was prepared in response to a request from the UK Ministry of Defence following scepticism that previous studies had hyped the problem. For each of the main categories of cybercrime we set out what is and is not known of the direct(More)
End users are often unaware that their systems have been compromised and are being used to send bulk unsolicited email (spam). We show how automated processing of the email logs recorded on the “smarthost” provided by an ISP for their customer’s outgoing email can be used to detect this spam. The variability and obfuscation being employed by the spammers to(More)
Peer discovery and route set-up are an integral part of the processes by which anonymizing peer-to-peer systems are made secure. When systems are large, and individual nodes only gain random knowledge of part of the network, their traffic can be detected by the uniqueness of the information they have learnt. We discuss this problem, which occurred in the(More)
Three main methods of content blocking are used on the Internet: blocking routes to particular IP addresses, blocking specific URLs in a proxy cache or firewall, and providing invalid data for DNS lookups. The mechanisms have different accuracy/cost trade-offs. This paper examines a hybrid, two-stage system that redirects traffic that might need to be(More)
primary objective is to provide critical reviews of research problem areas and techniques, the content of state-of-the-art conferences, intearative research reviews and significant oriainal research. Its dual publication emphasis is rapid and targeted dissemination to the scientific and professional community. FOREWORD The National Institute on Drug Abuse(More)