Computer security researchers have not generally applied the scientific method when conducting experiments, producing results, and making conclusive claims. Thus, researchers who have been claiming to be doing “science” generally are not. Therefore, we propose a new paradigm in computer security in which conclusions drawn from experiments that claim to be “science” actually rely on scientific principles and the scientific method.We have previously discussed classical methods of conducting computer security experiments to obtain more scientifically valid results. In this paper, we propose a new method of conducting experiments, when one of the classical methods is unavailable or impractical
We replicated and extended a 2008 study conducted at CMU that investigated the e effectiveness of SS...
The byproduct of today’s massive interconnectivity is that basically nothing and no-one is immune to...
Computer and network security researchers usually focus on the security of computers and networks. A...
Computer security researchers have not generally applied the scientific method when conducting exper...
In this paper, we discuss the scientific method and how it can be applied to computer security exper...
What would a 'Science of Security' look like? This question has received considerable attention over...
The past ten years has seen increasing calls to makesecurity research more 'scientific'.On the surfa...
Although experiments have been a core element of the scientific method since the 1600s, experiments ...
Many computer security problems stem from buggy software. Attackers exploit software bugs to infiltr...
Background: Human beings are an integral part of computer security, whether we actively participate...
Critical Security Methods offers a new approach to research methods in critical security studies. ...
Background: Cybersecurity has risen to international importance. Almost every organization will fall...
This position paper proposes a research agenda for the field of security testing. It gives a critica...
Lessons from previous experiences are often overlooked when deploying security-sensitive technology ...
Lessons from previous experiences are often overlooked when deploying security-sensitive technology ...
We replicated and extended a 2008 study conducted at CMU that investigated the e effectiveness of SS...
The byproduct of today’s massive interconnectivity is that basically nothing and no-one is immune to...
Computer and network security researchers usually focus on the security of computers and networks. A...
Computer security researchers have not generally applied the scientific method when conducting exper...
In this paper, we discuss the scientific method and how it can be applied to computer security exper...
What would a 'Science of Security' look like? This question has received considerable attention over...
The past ten years has seen increasing calls to makesecurity research more 'scientific'.On the surfa...
Although experiments have been a core element of the scientific method since the 1600s, experiments ...
Many computer security problems stem from buggy software. Attackers exploit software bugs to infiltr...
Background: Human beings are an integral part of computer security, whether we actively participate...
Critical Security Methods offers a new approach to research methods in critical security studies. ...
Background: Cybersecurity has risen to international importance. Almost every organization will fall...
This position paper proposes a research agenda for the field of security testing. It gives a critica...
Lessons from previous experiences are often overlooked when deploying security-sensitive technology ...
Lessons from previous experiences are often overlooked when deploying security-sensitive technology ...
We replicated and extended a 2008 study conducted at CMU that investigated the e effectiveness of SS...
The byproduct of today’s massive interconnectivity is that basically nothing and no-one is immune to...
Computer and network security researchers usually focus on the security of computers and networks. A...