Dr Simon J. Bell

Hi, I'm Simon, an award-winning Cyber Security Researcher, Software Engineer, and Web Security Specialist.

My research papers are published internationally, and my findings have featured in Ars Technica, The Hacker New, PC World, amogst others.

I have a PhD in Cyber Security, a BSc in Computer Science, and I'm a member of The British Computing Society (BCS), The Institution of Engineering and Technology (IET), and The Association for Computing Machinery (ACM).

Simon Bell

Web Security & Development

I write about securty, privacy, and web development at KeyThreat.com.

Cyber Security Research

My cybersecurity research takes an empirical, data-driven approach to investigate cyber attacks. My studies include measuring phishing and malware attacks on Twitter, blacklist characterisation, the impact of blacklist delays on user security, web browser phishing detection capabilities, SSH honeypots, and malware analysis.


My PhD thesis explores how well-protected Twitter users are from phishing and malware attacks. I take an empirical, data-driven approach, to investigate the effectiveness of Twitter’s cybercrime defence system at time-of-tweet and time-of-click. I created Phishalytics: a measurement infrastructure that collects and analyses large-scale data sets. Data feeds include Twitter’s Stream API, Bitly’s Clicks API, and 3 popular blacklists: Google Safe Browsing, PhishTank, and OpenPhish.

My PhD thesis contributes to improving internet measurement studies by addressing soundness and limitations of existing work. Research output includes characterising URL blacklists, investigating blacklist delays, and examining Twitter’s URL shortener (t.co). My thesis aims to better enable policymakers, technology designers, and researchers to strengthen online user security.

Find out more about my PhD thesis and measurement infrastructure at Phishalytics.com.

Secure Honey

I graduated from the University of Sussex with a First Class Honours Degree (BSc) in Computer Science. My final year project involved creating an SSH honeypot in C, deploying the honeypot to Amazon Web Services (AWS), and analysing various types of malware. The project was awarded the British Computing Society's (BCS) Best Final Year Project Prize. The project's blog featured in numerous popular security news websites including Ars Technica, The Register, PC World, and SC Magazine.

Find out more at SecureHoney.net.

Research interests

  • Phishing and malware measurement studies
  • Cybercrime on online social media (OSM)
  • Blacklists (including characterisation, temporal aspects, etc)
  • Phishing detection (including machine learning, URL analysis, psychology of social engineering, etc)
  • Web security (including web applications, network security, etc)
  • Honeypots
  • Malware analysis


I teach Information Security on the Royal Holloway, Univeritsy of London distance learning MSc programme, modules:

  • Network Security -- Module Lead
  • Computer Security -- Tutor
  • Security Management -- Tutor