Professor Tom Chothia

School of Computer Science
Professor of Cyber Security
Head of External Partnerships of Computer Science

Contact details

Address
School of Computer Science
University of Birmingham
Edgbaston
Birmingham
B15 2TT
UK

Tom Chothia is a Professor in Cyber Security for the School of Computer Science at the University of Birmingham. His research involves the development of new mathematical analysis, and the application of these techniques to cyber security problems.

For more information, please see Tom's homepage.

Publications

Recent publications

Chapter

Chothia, T, Novakovic, C, Radu, AI & Thomas, RJ 2019, Choose Your Pwn Adventure: Adding Competition and Storytelling to an Introductory Cybersecurity Course. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11345 LNCS, Springer Verlag, pp. 141-172. https://doi.org/10.1007/978-3-662-59351-6_12

Conference contribution

Bowden, M, Chothia, T, Clee, A, Collins, S, Henes, J & Oswald, D 2024, Teaching Adversarial Thinking by Having Students Circumvent Exam Rules. in The 4th Annual Advances in Cyber Security Education: CSE-Connect . Springer Lecture Notes in Networks and Systems, The 4th Annual Advances in Cyber Security Education, Bristol, United Kingdom, 2/07/24.

Aldoseri, A, Chothia, T, Moreira-Sanchez, J & Oswald, D 2023, Symbolic Modelling of Remote Attestation Protocols for Device and App Integrity on Android. in J Liu, Y Xiang, S Nepal & G Tsudik (eds), ASIA CCS '23: Proceedings of the 2023 ACM on Asia Conference on Computer and Communications Security. Association for Computing Machinery (ACM), pp. 218–231, 18th ACM ASIA Conference on Computer and Communications Security , Melbourne, Victoria, Australia, 10/07/23. https://doi.org/10.1145/3579856.3582812

Thomas, RJ, Chothia, T & Ordean, M 2022, Cyber security in the rail sector - an integrated approach. in World Congress on Rail Research. World Congress on Railway Research 2022, Birmingham, United Kingdom, 6/06/22.

Radu, AI, Chothia, T, Newton, CJP, Boureanu, I & Chen, L 2022, Practical EMV relay protection. in Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022., 9833642, Proceedings - IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers (IEEE), pp. 1737-1756, 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, United States, 23/05/22. https://doi.org/10.1109/SP46214.2022.9833642

McMahon Stone, C, Thomas, SL, Vanhoef, M, Henderson, J, Bailluet, N & Chothia, T 2022, The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning. in CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery , New York, pp. 2265-2278, 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, United States, 7/11/22. https://doi.org/10.1145/3548606.3559365

Thomas, RJ, Gardiner, J, Chothia, T, Samanis, E, Perrett, J & Rashid, A 2020, Catch me if you can: an in-depth study of CVE discovery time and inconsistencies for managing risks in critical infrastructures. in CPSIOTSEC'20: Proceedings of the 2020 Joint Workshop on CPS&IoT Security and Privacy. Association for Computing Machinery (ACM), pp. 49-60, CPSIOTSec: The Joint Workshop on CPS & IoT Security and Privacy, 9/11/20. https://doi.org/10.1145/3411498.3419970

Thomas, RJ & Chothia, T 2020, Learning from Vulnerabilities - Categorising, Understanding and Detecting Weaknesses in Industrial Control Systems. in S Katsikas, F Cuppens, N Cuppens, C Lambrinoudakis, C Kalloniatis, J Mylopoulos, A Antón, S Gritzalis, W Meng & S Furnell (eds), Computer Security - ESORICS 2020 International Workshops, CyberICPS, SECPRE, and ADIoT, 2020, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12501 LNCS, Springer, pp. 100-116, 6th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2020, 2nd International Workshop on Security and Privacy Requirements Engineering, SECPRE 2020, and 3rd International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2020, held in conjunction with 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, United Kingdom, 14/09/20. https://doi.org/10.1007/978-3-030-64330-0_7

Singh, RR, Moreira-Sanchez, J, Chothia, T & Ryan, M 2020, Modelling of 802.11 4-Way Handshake Attacks and Analysis of Security Properties. in STM 2020: Security and Trust Management . Springer, pp. 3. https://doi.org/10.1007/978-3-030-59817-4_1

Boureanu, I, Chothia, T, Debant, A & Delaune, S 2020, Security Analysis and Implementation of Relay-Resistant Contactless Payments. in CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery (ACM), pp. 879-898, 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020, Virtual, Online, United States, 9/11/20. https://doi.org/10.1145/3372297.3417235

Vasile, S, Oswald, D & Chothia, T 2019, Breaking all the things: a systematic survey of firmware extraction and modification techniques for IoT devices. in CARDIS 2018: Smart Card Research and Advanced Applications. Lecture Notes in Computer Science, Springer, pp. 171-185, 17th Smart Card Research and Advanced Application Conference, Montpellier, France, 12/11/18. https://doi.org/10.1007/978-3-030-15462-2_12

Chothia, T, Boureanu, I & Chen, L 2019, Short paper: making contactless EMV robust against rogue readers colluding with relay attackers. in Proceedings of the 23rd International Conference on Financial Cryptography and Data Security (FC'19). 23rd International Conference on Financial Cryptography and Data Security (FC'19), St. Kitts, Saint Kitts and Nevis, 18/02/19. <https://fc19.ifca.ai/program.html>

Chothia, T, Boureanu, I & Chen, L 2019, Short Paper: Making Contactless EMV Robust Against Rogue Readers Colluding with Relay Attackers. in I Goldberg & T Moore (eds), Financial Cryptography and Data Security: 23rd International Conference, FC 2019, Revised Selected Papers. Lecture Notes in Computer Science, vol. 11598, Springer, pp. 222-233, 23rd International Conference on Financial Cryptography and Data Security, FC 2019, St. Kitts, Saint Kitts and Nevis, 18/02/19. https://doi.org/10.1007/978-3-030-32101-7_14

Ge, Q, Yarom, Y, Chothia, T & Heiser, G 2019, Time protection: the missing OS abstraction. in EuroSys '19: Proceedings of the Fourteenth EuroSys Conference 2019., 1, Association for Computing Machinery (ACM), pp. 1-17, 14th European Conference on Computer Systems (EuroSys 2019), Dresden, Germany, 25/03/19. https://doi.org/10.1145/3302424.3303976

Alruhaily, N, Chothia, T & Bordbar, B 2018, A better understanding of machine learning malware misclassifcation. in P Mori, S Furnell & O Camp (eds), Information Systems Security and Privacy - 3rd International Conference, ICISSP 2017, Revised Selected Papers. Communications in Computer and Information Science, vol. 867, Springer Verlag, pp. 35-58, 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, 19/02/17. https://doi.org/10.1007/978-3-319-93354-2_3

View all publications in research portal