1 / 11

What is Network and Security Research?

What is Network and Security Research?. Network and Security Research, or Information Communication Technology (ICT) Research involves: the collection, use and disclosure of information collected via networks or using hardware and software associated with information technology

leif
Download Presentation

What is Network and Security Research?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What is Network and Security Research? Network and Security Research, or Information Communication Technology (ICT) Research involves: • the collection, use and disclosure of information collected via networks or using hardware and software associated with information technology • Examples include: • Phishing experiments • Botnets • Honeypots • Analysis of internet network traffic

  2. Ethical Challenges in ICT Research ICT research differs from traditional human subjects research which poses new ethical challenges: • Interactions with humans are often indirect with intervening technology • It is often not feasible to obtain informed consent • Deception may be necessary • There are varying degrees of linkage between data and individuals’ identities for behaviors • Researchers can easily engage millions of “subjects” and billions of associated data “objects” simultaneously.

  3. There is more to it than “data” Network Host Computer Application Data http://en.wikipedia.org/wiki/McCumber_cube Information and Information System

  4. Case Studies of ICT Research • Studying Spamming Botnets Using Botlab • P2P as Botnet Command and Control: A Deeper Insight • DDoS Attacks Against South Korean and U.S. Government Sites • BBC: Experiments with Commercial Botnets • Lycos Europe “Make Love Not Spam” Campaign • University of Bonn: “Stormfucker” • Information Warfare Monitor: “Ghostnet” • Tipping Point: Kraken Botnet Takeover • Symbiot: “Active Defense” • Tracing Anonymous Packets to the Approximate Source • LxLabs Kloxo/HyperVM • Exploiting Open Functionality in SMS-Capable Networks • Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses • Black Ops 2008 -- Its The End Of The Cache As We Know It • How to Own the Internet in Your Spare Time • Botnet Design • RFID Hacking • WORM vs. WORM: preliminary study of an active counter-attack mechanism • A Pact with the Devil • Playing Devil's Advocate: Inferring Sensitive Data from Anonymized Network Traces • Protected Repository for the Defense of Infrastructure Against Cyber Attacks • Shining Light in Dark Places: Understanding the ToR Network • Learning More About the Underground Economy: A Case Study of Keyloggers and Dropzones • Your Botnet is My Botnet: Examination of a Botnet Takeover • Why and How to Perform Fraud Experiments • Measurement and Mitigation of Peer-to-Peer-Based Botnets: A Case Study on Storm Worm • Spamalytics: An Empirical Analysis of Spam Marketing Conversion   • Likely to be considered Human Subjects • Research subject • to IRB review 

  5. A Bit of Context • Review boards lack expertise in this area of research • It is difficult for researcher or IRB to quantify risks • Distance1 between researcher and “subject” differs from traditional human subjects research: • As the “distance” between the researcher and subject decreases, we are more likely to define the research scenario as one that involves “human subjects.” • As the “distance” increases, we are more likely to define the research scenario as one that does not involve “human subjects”. • Concern about possible “human harming research” 1 Elizabeth Buchanan and Annette Markham

  6. Subject or Object?

  7. Social Network Honeypot Case Study [Discuss here] SOCIAL NETWORK HONEYPOT CASE STUDY

  8. Case Study: Social Network Honeypots • Research Method • Deceptively “friend” millions of users • Follow all posts, identifying malware through “sandbox” analysis • Develop detection and filtering mechanisms • Involved Stakeholders • End users of social networks (i.e., victims) • Criminals • Social network platform providers • Law enforcement • Researchers

  9. Case Study: Social Network Honeypots • Benefits • New detective, protective, and possibly investigative techniques • Publicity from novel, high-profile research • Risks of harm • Loss of user privacy (researcher obtaining personal communications and personally identifiable information) • Harm resulting from use of deception • Costs to provider to respond to complaints • Harming a criminal investigation • Violation of acceptable use policy

  10. Case Study: Social Network Honeypots • Benefits • New detective, protective, and possibly investigative techniques • Publicity from novel, high-profile research • Risks of harm • Loss of user privacy (researcher obtaining personal communications and personally identifiable information) • Harm resulting from use of deception • Costs to provider to respond to complaints • Harming a criminal investigation • Violation of acceptable use policy

  11. Case study: Questions THIS IS A TEST! In this case study: • Is there use of “personally identifiable data?” • Is there an expectation ofprivacy in communications? • Is use of deception necessary? • Does it make a difference that amillion users (as opposed to hundreds)are being deceived? • Are waivers of consent and/orof debriefing warranted? • Does it matter that researchers may impact law enforcement investigations, or other researchers’ data collection/experimentation?

More Related