Search Icon
Register

Operationalizing Cybersecurity Research Ethics Review: From Principles and Guidelines to Practice

Dennis Reidsma, Jeroen van der Ham, and Andrea Continella (University of Twente)

Cybersecurity research involves ethics risks such as accidental privacy breaches, corruption of production services, and discovery of weaknesses in networked systems. Although literature describes these and other issues in some depth, reflection on these issues is not yet well embedded in typical Ethics Review Board procedures. In this paper, we operationalize existing guidance on cybersecurity research ethics into a proposal that can be directly implemented in an Ethics Review Board. We provide a set of self-assessment questions to effectively and efficiently probe the ethics of proposed cybersecurity research, a Coordinated Vulnerability Disclosure procedure for discoveries made in the course of research, and an outline of a university policy to institutionally embed this procedure, which could be adapted and adopted by research institutes. With this paper, we hope to contribute to more Ethics Review Boards taking up the challenge of addressing cybersecurity research ethics in an adequate and productive manner.

Paper
Slides

View More Papers

coucouArray ( [post_type] => ndss-paper [post_status] => publish [posts_per_page] => 4 [orderby] => rand [tax_query] => Array ( [0] => Array ( [taxonomy] => category [field] => id [terms] => Array ( [0] => 69 [1] => 66 ) ) ) [post__not_in] => Array ( [0] => 13647 ) )

BEAGLE: Forensics of Deep Learning Backdoor Attack for Better...

Siyuan Cheng (Purdue University), Guanhong Tao (Purdue University), Yingqi Liu (Purdue University), Shengwei An (Purdue University), Xiangzhe Xu (Purdue University), Shiwei Feng (Purdue University), Guangyu Shen (Purdue University), Kaiyuan Zhang (Purdue University), Qiuling Xu (Purdue University), Shiqing Ma (Rutgers University), Xiangyu Zhang (Purdue University)

Read More

Navigating Murky Waters: Automated Browser Feature Testing for Uncovering...

Mir Masood Ali (University of Illinois Chicago), Binoy Chitale (Stony Brook University), Mohammad Ghasemisharif (University of Illinois Chicago), Chris Kanich (University of Illinois Chicago), Nick Nikiforakis (Stony Brook University), Jason Polakis (University of Illinois Chicago)

Read More

Do Not Give a Dog Bread Every Time He...

Chongqing Lei (Southeast University), Zhen Ling (Southeast University), Yue Zhang (Jinan University), Kai Dong (Southeast University), Kaizheng Liu (Southeast University), Junzhou Luo (Southeast University), Xinwen Fu (University of Massachusetts Lowell)

Read More

EdgeTDC: On the Security of Time Difference of Arrival...

Marc Roeschlin (ETH Zurich, Switzerland), Giovanni Camurati (ETH Zurich, Switzerland), Pascal Brunner (ETH Zurich, Switzerland), Mridula Singh (CISPA Helmholtz Center for Information Security), Srdjan Capkun (ETH Zurich, Switzerland)

Read More