Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Cormac Herley

I am a Principal Researcher at Microsoft Research. I am interested in data and signal analysis problems that reduce complexity and remove pain points for users. My current interests include data-mining for fraud and abuse, authentication, safety and data-driven security. There are links to some papers and projects below.

I received my PhD from Columbia University, my MSEE from Georgia Tech and my BE from University College Cork, Ireland. 

Here's a short profile of me done by MSR. Some media coverage of my work: All Things Considered (NPR), the Boston Globe, the NY Times, Wired, Ars Technica, theAtlantic, Bloomberg TVThe Economist, the Wall St Journal.

My email is my firstname at microsoft dot com.   

Twitter @cormacherley

Recent papers:

Recent talks:

  • The Unfalsifiability of Security Claims, U Calgary Oct. 2015, Cambridge Feb. 16
  • Passwords: Pushing on String, Trinity College Dublin, Sept. 2015 [slides]
  • Cybercrime and the Internet User, Ian Dangerfield Memorial Lecture, Maynooth Univ, Sept. 2015 [slides]


Users, Security Advice and Avoiding Harm:


Economics of Cybercrime: 

Safety and Security:

P2P and Networking:


Image Processing:



Press Coverage and Other Stuff 

People worth following:

  • NewSchoolSecurity: provocative thinking from some of the smartest people in the field

Favorite things to do around Seattle: