Dr Tom Chothia

Dr Tom Chothia

School of Computer Science
Senior Lecturer in Cyber Security

Contact details

Address
School of Computer Science
University of Birmingham
Edgbaston
Birmingham
B15 2TT
UK

Dr Tom Chothia is a Senior Lecturer in Cyber Security for the School of Computer Science at the University of Birmingham. His research involves the development of new mathematical analysis, and the application of these techniques to cyber security problems.

For more information, please see Tom's homepage.

Publications

Recent publications

Chapter

Chothia, T, Novakovic, C, Radu, AI & Thomas, RJ 2019, Choose Your Pwn Adventure: Adding Competition and Storytelling to an Introductory Cybersecurity Course. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11345 LNCS, Springer Verlag, pp. 141-172. https://doi.org/10.1007/978-3-662-59351-6_12

Chothia, T, Holdcroft, S, Radu, A & Thomas, R 2017, Jail, Hero or Drug Lord? Turning a Cyber Security Course Into an 11 Week Choose Your Own Adventure Story. in 2017 USENIX Workshop on Advances in Security Education (ASE 17). USENIX Association, Vancouver, BC.

Conference contribution

Ge, Q, Yarom, Y, Chothia, T & Heiser, G 2019, Time protection: the missing OS abstraction. in Proceedings of the Fourteenth EuroSys Conference 2019 (EuroSys '19)., 1, Association for Computing Machinery (ACM), pp. 1-17, 14th European Conference on Computer Systems (EuroSys 2019), Dresden, Germany, 25/03/19. https://doi.org/10.1145/3302424.3303976

Vasile, S, Oswald, D & Chothia, T 2019, Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices. in CARDIS 2018: Smart Card Research and Advanced Applications. Lecture Notes in Computer Science, Springer, pp. 171-185, 17th Smart Card Research and Advanced Application Conference, Montpellier, France, 12/11/18. https://doi.org/10.1007/978-3-030-15462-2_12

Chothia, T, Boureanu, I & Chen, L 2019, Short paper: making contactless EMV robust against rogue readers colluding with relay attackers. in Proceedings of the 23rd International Conference on Financial Cryptography and Data Security (FC'19). 23rd International Conference on Financial Cryptography and Data Security (FC'19), St. Kitts, Saint Kitts and Nevis, 18/02/19.

Chothia, T, De Ruiter, J & Smyth, B 2018, Modelling and analysis of a hierarchy of distance bounding attacks. in Usenix Security '18. USENIX Association, 27th USENIX Security Symposium, Baltimore, United States, 15/08/18.

Chothia, T, McMahon Stone, C & De Ruiter, J 2018, Extending Automated Protocol State Learning for the 802.11 4-Way Handshake. in J Lopez, J Zhou & M Soriano (eds), Computer Security: 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, September 3-7, 2018, Proceedings, Part I. 1 edn, Lecture Notes in Computer Science, vol. 11098, Springer, pp. 325-345, 23rd European Symposium on Research in Computer Security, ESORICS 2018, Barcelona, Spain, 3/09/18. https://doi.org/10.1007/978-3-319-99073-6_16

Alruhaily, N, Chothia, T & Bordbar, B 2018, A better understanding of machine learning malware misclassifcation. in P Mori, S Furnell & O Camp (eds), Information Systems Security and Privacy - 3rd International Conference, ICISSP 2017, Revised Selected Papers. Communications in Computer and Information Science, vol. 867, Springer Verlag, pp. 35-58, 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, 19/02/17. https://doi.org/10.1007/978-3-319-93354-2_3

Chothia, T, Garcia, F, Heppel, C & McMahon Stone, C 2017, Why banker Bob (still) can’t get TLS right: A Security Analysis of TLS in Leading UK Banking Apps. in A Kiayias (ed.), Financial Cryptography and Data Security: 21st International Conference, FC 2017, Sliema, Malta, April 3-7, 2017, Revised Selected Papers. Lecture Notes in Computer Science, vol. 10322, Springer, pp. 579-597, 21st International Conference on Financial Cryptography and Data Security (FC 2017), Sliema, Malta, 3/04/17. https://doi.org/10.1007/978-3-319-70972-7_33

McMahon Stone, C, Chothia, T & Garcia, FD 2017, Spinner: Semi-Automatic Detection of Pinning without Hostname Verification (or why 10M bank users were vulnerable). in Proceedings of 33rd Annual Computer Security Applications Conference (ACSAC 2017). Association for Computing Machinery , pp. 176-188, 33rd Annual Computer Security Applications Conference (ACSAC 2017), Orlando, Florida, United States, 4/12/17. https://doi.org/10.1145/3134600.3134628

Thomas, R, Ordean, M, Chothia, T & De Ruiter, J 2017, TRAKS: A Universal Key Management Scheme for ERTMS. in ACSAC 2017 Proceedings of the 33rd Annual Computer Security Applications Conference. Association for Computing Machinery (ACM), pp. 327-338, 33rd Annual Computer Security Applications Conference (ACSAC 2017), Orlando, Florida, United States, 4/12/17. https://doi.org/10.1145/3134600.3134631

Gazeau, I, Chothia, T & Duggan, D 2017, Types for Location and Data Security in Cloud Environments. in 2017 IEEE 30th Computer Security Foundations Symposium (CSF). IEEE Computer Society Press, 30th IEEE Computer Security Foundations Symposium, Santa Barbara, United States, 21/08/17. https://doi.org/10.1109/CSF.2017.25

Thomas, SL, Chothia, T & Garcia, FD 2017, Stringer: measuring the importance of static data comparisons to detect backdoors and undocumented functionality. in SN Foley, D Gollmann & E Snekkenes (eds), Computer Security - ESORICS 2017: 22nd European Symposium on Research in Computer Security, Oslo, Norway, September 11-15, 2017, Proceedings, Part II. Lecture Notes in Computer Science, Springer, pp. 513-531, 22nd European Symposium on Research in Computer Security (ESORICS 2017), Oslo, Norway, 11/09/17. https://doi.org/10.1007/978-3-319-66399-9_28

Chothia, T, Ordean, M, De Ruiter, J & Thomas, RJ 2017, An attack against message authentication in the ERTMS train to trackside communication protocols. in Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. Association for Computing Machinery , New York, NY, USA, pp. 743-756, AsiaCCS, Abu Dhabi, United Arab Emirates, 2/04/17. https://doi.org/10.1145/3052973.3053027

Alruhaily, N, Bordbar, B & Chothia, T 2017, Towards an understanding of the misclassification rates of machine learning-based malware detection systems. in P Mori , S Furnell & O Camp (eds), ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. vol. 2017-January, SciTePress, pp. 101-112, 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, 19/02/17. https://doi.org/10.5220/0006174301010112

View all publications in research portal