I'm a Directeur de Recherche (Cybersecurity) at Institut Mines-Télécom/IMT Atlantique (formally Telecom Bretagne) in Rennes, France. I was previously a Statutory Lecturer in Computer Science at University College Cork.

My research interests include distributed/network access controls, trust, security analysis, security risk management, cyber-physical security and user-experience. I'm on the editorial boards of the Journal of Computer Security and the International Journal of Information Privacy, Security and Integrity; PC co-Chair of the European Symposium on Research in Computer Security and a past chair of NSPW and CSF.

My current PhD students are Imran Khan (UCC), Thomas Cledel (IMT), Edwin Bourget (IMT) and post-doc researcher Vivien Rooney (IMT). PhD and postdoc alumni from my old security group in Cork include Thomas Quillinan, Hongbin Zhou, Barry Mulcahy, Wayne Mac Adams, William Fitzgerald, Olgierd Pieczul (UCC), Ultan Neville (UCC), Fatih, Jonathan Petit and Benyamin Aziz.

Recent Publications

  • Pieczul, O., Foley, S. N., & Zurko, M. E. (2017). Developer-centered security and the symmetry of ignorance. In New Security Paradigms Workshop, to appear. Retrieved from http://simonnfoley.github.io/pubs/nspw2017.pdf [link]
  • Foley, S. N. (2017). Getting security objectives wrong: a cautionary tale of an Industrial Control System. In International Workshop on Security Protocols, to appear. Retrieved from http://simonnfoley.github.io/pubs/spw2017.pdf [link]
  • Rooney, V. M., & Foley, S. N. (2017). What users want: adapting qualitative research methods to security policy requirements elicitation. In Proceedings of the International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017. Retrieved from http://simonnfoley.github.io/pubs/secpre2017.pdf [link]
  • Kahn, M. I., O’Sullivan, B., & Foley, S. N. (2017). A semantic approach to frequency based anomaly detection of insider access in database management systems. In International Conference on Risks and Security of Internet and Systems.
  • Kahn, M. I., Foley, S. N., & O’Sullivan, B. (2017). On database intrusion detection: Query analytics based model of normative behavior to detect insider attacks. In 7th International Conference on Communication and Network Security.
  • Kahn, M. I., & Foley, S. N. (2016). Detecting anomalous behavior in DBMS logs. In International Conference on Risks and Security of Internet and Systems (CRiSIS2016).
  • Neville, U., & Foley, S. N. (2016). Reasoning About Firewall Policies Through Refinement and Composition. In IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec2016). Retrieved from http://simonnfoley.github.io/pubs/dbsec2016-FW.pdf [link]
  • Pieczul, O., & Foley, S. N. (2016). Runtime detection of zero-day vulnerability exploits in contemporary software systems. In IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec2016). Retrieved from http://simonnfoley.github.io/pubs/dbsec2016-struts.pdf [link]
  • Pieczul, O., & Foley, S. N. (2016). The evolution of a security control. In International Workshop on Security Protocols, to appear. Retrieved from http://simonnfoley.github.io/pubs/secprot2016.pdf [link]
  • Foley, S. N., & Neville, U. (2015). A firewall algebra for OpenStack. In Workshop on security and privacy in the cloud (IEEE CNS). Retrieved from http://simonnfoley.github.io/pubs/spc-2015.pdf [link]
  • Pieczul, O., & Foley, S. N. (2015). The Dark Side of the Code. In International Workshop on Security Protocols (Vol. 9379). Springer. http://doi.org/10.1007/978-3-319-26096-9_1 [link]
  • Foley, S. N., & Pieczul, O. (2015). The Dark Side of the Code (Transcript of Discussion). In Security Protocols XXIII (Vol. 9379). Springer. http://doi.org/10.1007/978-3-319-26096-9_2 [link]
  • Pieczul, O., Foley, S. N., & Rooney, V. M. (2014). I’m OK, You’re OK, the System’s OK: Normative Security for Systems. In Proceedings of the 2014 workshop on New Security Paradigms Workshop, Victoria, BC, Canada, September 15-18, 2014 (pp. 95–104). http://doi.org/10.1145/2683467.2683476 [link]
  • Brennan, R., Etzioni, Z., Feeney, K., O’Sullivan, D., Fitzgerald, W. M., & Foley, S. N. (2014). Consumer-Managed Federated Homes. IEEE Communications Magazine, 52(6), 194–201. http://doi.org/10.1109/MCOM.2014.6829964 [link]
  • Pieczul, O., & Foley, S. N. (2014). Collaborating as Normal: Detecting Systemic Anomalies in Your Partner. In Security Protocols XXII - 22nd International Workshop Cambridge, UK, March 19-21, 2014 Revised Selected Papers (pp. 18–27). http://doi.org/10.1007/978-3-319-12400-1_3 [link]
  • Foley, S. N. (2014). Collaborating as Normal: Detecting Systemic Anomalies in Your Partner (Transcript of Discussion). In Security Protocols XXII - 22nd International Workshop Cambridge, UK, March 19-21, 2014 Revised Selected Papers (pp. 28–37). http://doi.org/10.1007/978-3-319-12400-1_4 [link]
  • Foley, S. N. (2014). Noninterference Analysis of Delegation Subterfuge in Distributed Authorization Systems. Journal of Trust Management, 1(11). Retrieved from http://simonnfoley.github.io/pubs/ifiptm2013.pdf [link]