Research ethics in Internet-enabled research: Human subjects issues and methodological myopia
Ethics and Information Technology
Communications of the ACM
What ought a program committee to do?
WOWCS'08 Proceedings of the conference on Organizing Workshops, Conferences, and Symposia for Computer Systems
Conducting cybersecurity research legally and ethically
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Spamalytics: an empirical analysis of spam marketing conversion
Proceedings of the 15th ACM conference on Computer and communications security
Internet research ethics and the institutional review board: current practices and issues
ACM SIGCAS Computers and Society
Institutional review boards and your research
Communications of the ACM
Ethics in Security Vulnerability Research
IEEE Security and Privacy
Proliferation and Detection of Blog Spam
IEEE Security and Privacy
Re: CAPTCHAs: understanding CAPTCHA-solving services in an economic context
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
The nuts and bolts of a forum spam automator
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Click Trajectories: End-to-End Analysis of the Spam Value Chain
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
No plan survives contact: experience with cybercrime measurement
CSET'11 Proceedings of the 4th conference on Cyber security experimentation and test
Show me the money: characterizing spam-advertised revenue
SEC'11 Proceedings of the 20th USENIX conference on Security
Link spamming Wikipedia for profit
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
What Wikipedia deletes: characterizing dangerous collaborative content
Proceedings of the 7th International Symposium on Wikis and Open Collaboration
Autonomous link spam detection in purely collaborative environments
Proceedings of the 7th International Symposium on Wikis and Open Collaboration
Building an Active Computer Security Ethics Community
IEEE Security and Privacy
Hi-index | 0.00 |
Spam and other electronic abuses have long been a focus of computer security research. However, recent work in the domain has emphasized an economic analysis of these operations in the hope of understanding and disrupting the profit model of attackers. Such studies do not lend themselves to passive measurement techniques. Instead, researchers have become middle-men or active participants in spam behaviors; methodologies that lie at an interesting juncture of legal, ethical, and human subject (e.g., IRB) guidelines. In this work two such experiments serve as case studies: One testing a novel link spam model on Wikipedia and another using blackhat software to target blog comments and forums. Discussion concentrates on the experimental design process, especially as influenced by human-subject policy. Case studies are used to frame related work in the area, and scrutiny reveals the computer science community requires greater consistency in evaluating research of this nature.