Simon Bell

Simon Bell


If you made any changes in Pure these will be visible here soon.

Personal profile

Personal profile

Simon Bell specialises in empirical, data-driven research to investigate cyber attacks. His studies include measuring phishing and malware attacks on Twitter, blacklist characterisation, the impact of blacklist delays on user security, web browser phishing detection capabilities, SSH honeypots, and malware analysis.


Simon's PhD thesis explores how well-protected Twitter users are from phishing and malware attacks. Taking an empirical, data-driven approach, his thesis investigates the effectiveness of Twitter’s cybercrime defence system at time-of-tweet and time-of-click. Simon created Phishalytics: a measurement infrastructure that collects and analyses large-scale data sets. Data feeds include Twitter’s Stream API, Bitly’s Clicks API, and 3 popular blacklists: Google Safe Browsing, PhishTank, and OpenPhish.

Simon's PhD thesis contributes to improving internet measurement studies by addressing soundness and limitations of existing work. Research output includes characterising URL blacklists, investigating blacklist delays, and examining Twitter’s URL shortener ( His thesis aims to better enable policymakers, technology designers, and researchers to strengthen online user security.

Find out more about Simon's PhD thesis and measurement infrastructure at

Secure Honey

Prior to starting his PhD, Simon graduated from the University of Sussex with a First Class Honours Degree (BSc) in Computer Science. His final year project involved creating an SSH honeypot in C, deploying the honeypot to Amazon Web Services (AWS), and analysing various types of malware. The project was awarded the British Computing Society's (BCS) Best Final Year Project Prize. The project's blog featured in numerous popular security news websites including Ars Technica, The Register, PC World, and SC Magazine.

Find out more at


Connect with Simon at

Research interests

  • Phishing and malware measurement studies
  • Cybercrime on online social media (OSM)
  • Blacklists (including characterisation, temporal aspects, etc)
  • Phishing detection (including machine learning, URL analysis, psychology of social engineering, etc)
  • Web security (including web applications, network security, etc)
  • Honeypots
  • Malware analysis


Simon teaches on the university's distance learning MSc in Information Security, modules:

  • Network Security -- Module Lead
  • Computer Security -- Tutor
  • Security Management -- Tutor

Expertise related to UN Sustainable Development Goals

In 2015, UN member states agreed to 17 global Sustainable Development Goals (SDGs) to end poverty, protect the planet and ensure prosperity for all. This person’s work contributes towards the following SDG(s):

  • SDG 16 - Peace, Justice and Strong Institutions
  • Best Paper

    Bell, Simon (Recipient) & Komisarczuk, Peter (Recipient), 3 Feb 2020

    Prize: Prize (including medals and awards)

  • Best Student Paper

    Bell, Simon (Recipient) & Komisarczuk, Peter (Recipient), 3 Feb 2020

    Prize: Prize (including medals and awards)