Work


Detecting Humanity - Brave Software

During a research internship at Brave Software in 2018 I worked on verifiable client side humanity detection tools. This work is a deployment of anomaly detection to identify client humanity through runtime behaviour. Humanity detection is an issue in software development, where automation tools have forced deployment of obtrusive countermeasures (e.g. CAPTCHA). The biggest concerns raised by this approach are privacy and verifiability, as the proof of humanity is on client side but must be verifiable by a third party (Brave) without exposing private user data. More info
Tags: Research, Work Created on: 09-08-2018

PhD - Information Security Group - Royal Holloway, University of London

I began a PhD with the Information Security Group (ISG) at Royal Holloway in September 2015 as part of the Cyber Security CDT. The CDT is set to take 4 years to complete during which I will be exposed to a wide variety of topics relating to the security of computing devices such as static and dynamic program analysis, cryptography, and network security. More info
Tags: Work Created on: 09-08-2018

A Solution To Compression Oracles on the Web - Cloudflare

Compression is often considered an essential tool when reducing the bandwidth usage of internet services. The impact that the use of such compression schemes can have on security, however, has often been overlooked. The recently detailed CRIME, BREACH, TIME and HEIST attacks on TLS have shown that if an attacker can make requests on behalf of a user then secret information can be extracted from encrypted messages using only the length of the response. Deciding whether an element of a web-page should be secret often depends on the content of the page, however there are some common elements of web-pages which should always remain secret such as Cross-Site Request Forgery (CSRF) tokens. Such tokens are used to ensure that malicious webpages cannot forge requests from a user by enforcing that any request must contain a secret token included in a previous response. More info
Tags: Research, Work Created on: 09-08-2018

Runnymede Explored - National Trust

Throughout 2013 and 2014 I was part of a small agile development team which was tasked with creating a program capable of giving historical information on walks through the Magna Carta site in preparation for the 800 year anniversary of its signing. More info
Tags: Work Created on: 09-08-2018

Graduate Software Developer - IG

IG is the world-leading provider of contracts for difference (CFDs) and financial spread betting, and the UK's largest forex provider.

I joined IG as a graduate developer in 2014. Over my first year there I will be working in several teams in the company, taking on a variety of different software development roles.

Working at IG has given me key experience in developing large complex systems, working as a member of an agile team, and working with dependencies in extremely complex system being contributed to by many different teams. It has also given me experience with frontend development and Javascript, an area of software engineering that I had not really explored. More info

Tags: Work Created on: 09-08-2018