About me
I am a Ph.D. student in the Security Group in the Computer Laboratory. My supervisor is Ross Anderson. The topic of my thesis is the economics of information security, and my current research interests include game-theoretic modelling of attacker behaviour, and effort metrics for reverse engineering and vulnerability discovery. I expect to submit my dissertation in July 2006.
L Jean Camp and I edited a volume of selected papers from the First and Second Workshops on the Economics of Information Security.
I'm also one of the organizers of the Security Group's seminar series: more details are available on the seminar pages.
Contact details
The best way to contact me is via email: Stephen.Lewis@cl.cam.ac.uk. My lab telephone number is +44 (1223) 763 678.
Publications
- Embedding Covert Channels into TCP/IP
Steven J. Murdoch, Stephen Lewis
It is commonly believed that steganography within TCP/IP is easily achieved by embedding data in header fields seemingly filled with “random data”, such as the IP identifier, TCP initial sequence number or the least significant bit of the TCP timestamp. We show that this is not the case; these fields naturally exhibit sufficient structure and non-uniformity to be efficiently and reliably differentiated from unmodified ciphertext. Previous work on TCP/IP steganography does not take this into account and, by examining TCP/IP specifications and open source implementations, we have developed tests to detect the use of naïve embedding. Finally, we describe reversible transforms that map block cipher output into TCP ISNs, indistinguishable from those generated by Linux and OpenBSD. The techniques used can be extended to other operating systems. A message can thus be hidden in such a way that an attacker cannot demonstrate its existence without knowledge of a secret key.
7th Information Hiding Workshop, Universitat Oberta de Catalunya, 6 – 8 June 2005. [ paper (PDF 208K) ]
- How much is location privacy worth?
George Danezis, Stephen Lewis, Ross Anderson
We use techniques from experimental economics and psychology to determine how much compensation must be offered to persuade someone to allow precise information about their location to be collected. We pretend that we are running a study that needs volunteers to have their location monitored (via their mobile phone) over a period of one month. Volunteers apply by specifying the amount of compensation which they would require to participate in the experiment. The experimental subjects are led to believe that we will run a sealed-bid second-price auction on these values, and thus we obtain an estimate of the value that users attach to their location data being used by third parties.
Fourth Workshop on the Economics of Information Security, Harvard University, 2 – 3 June 2005. [ paper (PDF 152K) ]
- Sufficiently secure peer-to-peer networks
Rupert Gatti, Stephen Lewis, Andy Ozment, Thierry Rayna, Andrei Serjantov
Threat models in computer security often consider a very powerful adversary. A more useful model may be to consider conflict in which both sides have economic considerations that limit the resources they are willing to devote to the conflict. This paper examines censorship resistance in a peer-to-peer network. A simple game theoretic model is examined and then elaborated to include multiple publishers, non-linear cost functions, and non-trivial search heuristics. In each elaboration, we examine the equilibrium behaviour of the censor and the publisher.
Third Workshop on the Economics of Information Security, University of Minnesota, 13 – 14 May 2004. [ paper (PDF 160K) ]
- Puzzles in P2P systems
Andrei Serjantov, Stephen Lewis
In this paper we consider using client puzzles to provide incentives for users in a peer-to-peer system to behave in a uniform way. The techniques developed can be used to encourage users of a system to share content (combating the free riding problem) or perform community tasks.
8th Cabernet Radicals Workshop, Corsica, 5 – 8 October 2003. [ paper (PDF 132K) ]
- How much is stronger DRM worth?
Stephen Lewis
Second Workshop on the Economics of Information Security, University of Maryland, 29 – 30 May 2003.