Professor Steven J. Murdoch

I am Professor of Security Engineering, a Royal Society University Research Fellow and head of the Information Security Research Group of the Department of Computer Science at University College London. I am also a bye-fellow of Christ’s College, a member of the Tor Project, and a Fellow of the IET and BCS.

Open positions

I am always interested in recruiting talented researchers to join my team at UCL, both as PhD students and for post-doctoral positions. Interested candidates should email me their curriculum vitae and a short research proposal.

Photo by James Tye (other photos)
Mastodon

Recent publications

For more details see my full list of publications or my Google Scholar page. I also write articles on information security for the UCL Information Security Group blog – Bentham’s Gaze.

  • Are we collaborative yet? A Usability Perspective on Mixnet Latency for Real-Time Applications
    Killian Davitt, Dan Ristea, Steven J. Murdoch
    Mixnet networks deliberately induce additional latency to communications to provide anonymity. Recent developments have allowed mixnets to reduce their latency from hours to seconds while maintaining the same level of anonymity. As a result, real-time communications are now possible on mixnets. There has been limited research on how users tolerate different levels of delay, and it is unclear what latency levels mixnet operators should choose. Previous studies about latency do not apply to these 'mid-latency' mixnet scenarios. Our paper contributes the first measurement of users' tolerance to real-time applications under mixnet delay. We design a text-based collaborative quiz system to test user response to latency where participants complete a set of question tasks in collaboration with a simulated second user. Different levels of latency are added, analogous to a modern mixnet system. We show that average delay parameters of 1s and 4s maintain usability, a mean delay of 7s shows some difficulty and a mean delay of 10s is detrimental to user experience. Using these delay parameters, mixnet operators can ensure that most types of real-time communication applications are usable. Mixnets thus can balance usability and anonymity without compromising either.
    Proceedings on Privacy Enhancing Technologies, Volume 2026, Number 1, pages 567–582, 2026. (Journal of the 26th Privacy Enhancing Technologies Symposium, Calgary, Canada). [ paper | DOI 10.56553/popets-2026-0029 ]
  • Starlit: Privacy-Preserving Federated Learning to Enhance Financial Fraud Detection
    Aydin Abadi, Mohammad Naseri, Bradley Doyle, Francesco Gini, Kieron Guinamard, Sasi Kumar Murakonda, Jack Liddell, Paul Mellor, Steven J. Murdoch, Hector Page, George Theodorakopoulos, Suzanne Weller
    Federated Learning (FL) is a data-minimization approach enabling collaborative model training across diverse clients with local data, avoiding direct data exchange. However, state-of-the-art FL solutions to identify fraudulent financial transactions exhibit a subset of the following limitations. They (1) lack a formal security definition and proof, (2) assume prior freezing of suspicious customers' accounts by financial institutions (limiting the solutions' adoption), (3) scale poorly, involving either O(n²) computationally expensive modular exponentiation (where n is the total number of financial institutions) or highly inefficient fully homomorphic encryption, (4) assume the parties have already completed the entity alignment phase, hence excluding it from the implementation, performance evaluation, and security analysis, and (5) struggle to resist clients' dropouts. This work introduces Starlit, a novel scalable privacy-preserving FL mechanism that overcomes these limitations. It has various applications, such as enhancing financial fraud detection, mitigating terrorism, and enhancing digital health. We implemented Starlit and conducted a thorough performance analysis using synthetic data from a key player in global financial transactions. The evaluation indicates Starlit's scalability, efficiency, and accuracy.
    IEEE International Conference on Federated Learning Technologies and Applications (FLTA), Dubrovnik, Croatia, 14–17 October 2025. Awarded joint first prize in the UK-US Privacy Enhancing Technologies (PETs) Prize Challenge. [ paper | DOI 10.1109/FLTA67013.2025.11336591 ]
  • HTTPS-Only Modes: Improving warnings in Tor Browser and beyond
    Killian Davitt, Steven J. Murdoch
    HTTPS-Only modes are new browser security features that present users with a warning page before proceeding to non-HTTPS websites. Despite these modes being available in most major browsers, little to no work has been done researching what these modes should be aiming to do, or how users react to these warnings. SSL Stripping attacks, which these modes mitigate, are common in the Tor network. As a result, we studied these warnings in the context of Tor Browser. We deployed a survey of Tor experts and gathered their thoughts on these browser modes in general, as well as gaining specific feedback on 3 current warning pages. We report a number of potential improvements to HTTPS-Only mode warning pages. Future warning pages should mention specific types of attack that could occur. Warnings should also include discussion about the integrity of web content, not just confidentiality. The context of the website being visited is also not mentioned by current warning pages. Participants also highlighted that the warning as it appears in Tor Browser should feature some Tor specific advice. Finally, prompted by some participant responses, we engage in a discussion about whether the warnings should aim to deter non-HTTPS connections fully, or seek to empower users to make a determination themselves.
    European Symposium on Usable Security (EuroUSEC), Manchester, United Kingdom, 10–11 September 2025. [ paper | DOI 10.1109/EuroUSEC69254.2025.00025 ]

Recent talks

For more detail see my full list of talks.

  • Re-designing computer systems for reliable electronic evidence
    Steven J. Murdoch
    Computer systems are increasingly relied upon for a wide range of important tasks, but much of the research on reliability has been restricted to the control systems for safety-critical hardware. For other systems, efforts to assess their effectiveness have been more ad-hoc and of questionable validity, even those relied upon to produce legally admissible evidence. From breathalyzers and forensic software to the infamous Post Office Horizon system, computer bugs can make the difference between someone being imprisoned and going free. This talk will discuss some examples of computer evidence failures risking causing miscarriages of justice, and what can be done to mitigate such risks in the future. In particular, it will motivate the idea that computer systems relied upon for computer evidence should be built with rigorous engineering techniques, but that these techniques are distinct from what are needed for safety-critical systems. When combined with appropriate treatment by the legal system, we can help avoid future miscarriages of justice.
    Invited talk at CANS Workshop on Mobile Systems Security and Privacy, 27 September 2024. [ slides ]
  • Electronic Evidence
    Steven J. Murdoch
    Computer-generated evidence is playing an increasing role in legal disputes. This talk discusses the potential impact of computer bugs on the reliability of electronic evidence, and what documentation may be available to assess to what extent it is appropriate to depend on such evidence.
    Royal Society Science and the Law Seminar Series, 13 December 2023. [ slides | video (re-recording) | transcript ]
  • Post Office Horizon Scandal
    Steven J. Murdoch
    Computer bugs were found to be the reason many sub-postmasters and sub-postmistresses were wrongly convicted of stealing and false accounting. Professor Steven Murdoch, a professor of Security Engineering and a Royal Society University Research Fellow at UCL, explains the sorts of faults that were found.
    Computerphile, 09 July 2021. [ video | video (extra bits) ]

Professional activities

Research supervision

Killian Davitt (PhD student, 2018–): understanding, measuring and improving the security of collaboration tools.

Alexander Hicks (PhD student, 2017–): privacy preserving continuous authentication.

Andreas Gutmann (PhD student, 2016–2020): privacy-preserving transaction authentication for mobile devices.

Shehar Bano (Research Assistant & PhD student, 2013–2016): measurement of censorship and censorship resistance systems.

Kumar Sharad (PhD student, 2012–2016): security in social networks – anonymisation and fraud prevention.

Program chair

14th Privacy Enhancing Technologies Symposium, 16–18 July, 2014, Amsterdam, Netherlands.

15th Privacy Enhancing Technologies Symposium, 30 June–2 July 2015, Philadelphia, PA, USA.

General chair

Financial Cryptography and Data Security 2011, 15th International Conference, 28 February–4 March 2011, St. Lucia.

Programme committee membership

  • IEEE European Symposium on Security and Privacy 2019
  • IFIP Summer School 2016, 2017, 2018
  • Financial Cryptography and Data Security (FC): 2010, 2016, 2018
  • Privacy Enhancing Technologies Symposium (PETS): 2007, 2008, 2009, 2011, 2017, 2018
  • Network and Distributed System Security Symposium (NDSS): 2017
  • ACM Conference on Computer and Communications Security (CCS): 2007, 2008, 2010, 2011, 2016
  • Annual Privacy Forum 2014
  • Free and Open Communications on the Internet (FOCI) 2013
  • USENIX Security 2012
  • European Symposium on Research in Computer Security (ESORICS) 2011
  • Workshop on Foundations of Security and Privacy (FCS-PrivMod): 2010
  • Workshop on Privacy in the Electronic Society (WPES): 2006, 2007, 2009
  • FIDIS/IFIP Internet Security & Privacy Summer School: 2008
  • ACM Symposium on Applied Computing (Computer Security track): 2007

Journal reviewing

Includes Proceedings on Privacy Enhancing Technologies (2017, 2018, 2019), ACM Transactions on Internet Technology (TOIT) (2017), International Journal of Computer Security (2016), IEEE Transactions on Dependable and Secure Computing (2009), ACM Transactions on Information and System Security (2008), IEEE Transactions on Software Engineering (2008), IEEE/ACM Transactions on Networking (2007), IEEE Security & Privacy (2007), The Triple Helix (2008), Identity in the Information Society (2008).

Contact Details

email (preferred):

s.murdoch at ucl.ac.uk

post:

Professor Steven J. Murdoch
Computer Science Department
University College London
Gower Street
London
WC1E 6BT
United Kingdom

phone:

+44 20 3108 1629 (internal x51629)

mobile and Signal:

+44 7866 807 628