Departmental Papers (CIS)

Date of this Version


Document Type

Conference Paper


3rd Workshop on Ethics in Computer Security Research 2012 (WECSR 2012), Bonaire on March 2, 2012.


Spam and other electronic abuses have long been a focus of computer security research. However, recent work in the domain has emphasized an economic analysis of these operations in the hope of understanding and disrupting the profit model of attackers. Such studies do not lend themselves to passive measurement techniques. Instead, researchers have become middle-men or active participants in spam behaviors; methodologies that lie at an interesting juncture of legal, ethical, and human subject e.g., IRB) guidelines. In this work two such experiments serve as case studies: One testing a novel link spam model on Wikipedia and another using blackhat software to target blog comments and forums.
Discussion concentrates on the experimental design process, especially as in uenced by human-subject policy. Case studies are used to frame related work in the area, and scrutiny reveals the computer science community requires greater consistency in evaluating research of this nature.

Subject Area

CPS Internet of Things

Publication Source

Lecture Notes in Computer Science: Financial Cryptography and Data Security



Start Page


Last Page




Copyright/Permission Statement

The final publication is available at Springer via



Date Posted: 21 March 2012

This document has been peer reviewed.