Departmental Papers (CIS)
Document Type
Conference Paper
Date of this Version
3-2-2012
Abstract
Spam and other electronic abuses have long been a focus of computer security research. However, recent work in the domain has emphasized an economic analysis of these operations in the hope of understanding and disrupting the profit model of attackers. Such studies do not lend themselves to passive measurement techniques. Instead, researchers have become middle-men or active participants in spam behaviors; methodologies that lie at an interesting juncture of legal, ethical, and human subject e.g., IRB) guidelines. In this work two such experiments serve as case studies: One testing a novel link spam model on Wikipedia and another using blackhat software to target blog comments and forums.
Discussion concentrates on the experimental design process, especially as in uenced by human-subject policy. Case studies are used to frame related work in the area, and scrutiny reveals the computer science community requires greater consistency in evaluating research of this nature.
Date Posted: 21 March 2012
This document has been peer reviewed.
Comments
3rd Workshop on Ethics in Computer Security Research 2012 (WECSR 2012), Bonaire on March 2, 2012. http://www.cs.stevens.edu/~spock/wecsr2012/index.html
© 2012 International Financial Cryptography Association. To be published in Lecture Notes in Computer Science.