July 18, 2012
Conference Paper

Realizing Scientific Methods for Cyber Security

Abstract

There is little doubt among cyber security researchers about the lack of scientic rigor that underlies much of the liter-ature. The issues are manifold and are well documented. Further complicating the problem is insufficient scientic methods to address these issues. Cyber security melds man and machine: we inherit the challenges of computer science, sociology, psychology, and many other elds and create new ones where these elds interface. In this paper we detail a partial list of challenges imposed by rigorous science and survey how other sciences have tackled them, in the hope of applying a similar approach to cyber security science. This paper is by no means comprehensive: its purpose is to foster discussion in the community on how we can improve rigor in cyber security science.

Revised: April 28, 2015 | Published: July 18, 2012

Citation

Carroll T.E., D.O. Manz, T.W. Edgar, and F.L. Greitzer. 2012. Realizing Scientific Methods for Cyber Security. In LASER '12: Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results, July 18-19, 2012, Arlington, Virginia, 19-24. New York:Association for Computing Machinery. PNNL-SA-87207. doi:10.1145/2379616.2379619