Ethical Guidelines for Computer Security Researchers: “Be Reasonable”

Sassaman, Len

doi:10.1007/978-3-642-14992-4_24

Cited by 2 publications

(4 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The field of cybersecurity research sometimes involves ethical choices, legal restrictions, liability concerns, as well as challenging political questions . During the last few years, there have been several studies that discussed ethical considerations and restrictions in cybersecurity and more precisely in botnets research …”

Section: Design Of An Intra‐csp Botnetmentioning

confidence: 99%

“…In this section, we briefly discuss some of the ethical considerations of the botnet research work we have conducted in this paper. We do so by focusing on two questions that are directly related to the different considerations that have been discussed in the context of ethical issues involved in cybersecurity research Was there any harm on the CSP side or on the target side?…”

Section: Design Of An Intra‐csp Botnetmentioning

confidence: 99%

“…30,31 During the last few years, there have been several studies that discussed ethical considerations and restrictions in cybersecurity and more precisely in botnets research. 30,[32][33][34][35] In this section, we briefly discuss some of the ethical considerations of the botnet research work we have conducted in this paper. We do so by focusing on two questions that are directly related to the different considerations that have been discussed in the context of ethical issues involved in cybersecurity research.…”

Section: Ethical Considerationsmentioning

confidence: 99%

“…We do so by focusing on two questions that are directly related to the different considerations that have been discussed in the context of ethical issues involved in cybersecurity research. 30,[32][33][34][35] 1. Was there any harm on the CSP side or on the target side?…”

Section: Ethical Considerationsmentioning

confidence: 99%

See 3 more Smart Citations

An empirical investigation of botnet as a service for cyberattacks

Hammi

Zeadally

Khatoun

2018

Trans Emerging Tel Tech

View full text Add to dashboard Cite

During the last years, cloud computing has emerged and imposed itself as a cost‐effective solution for providing high quality Information Technology services. However, beyond a legitimate usage, the benefits of cloud computing are being exploited by attackers in nefarious ways and botnets are among the greatest beneficiaries of this malicious use. This botnet trend is a major issue because it strongly increases the power of massive distributed attacks when leveraging the capabilities of cloud service providers that do not have appropriate detection approaches in place to detect botnets exploiting cloud resources (also referred to as botclouds). We developed a free experimental intra–Cloud Service Provider (CSP) botnet that exploits CSPs' trial versions. We used this intra‐CSP botnet to execute numerous TCP SYN flood and UDP flood attacks during one week. Our empirical results demonstrate that, contrary to what CSPs claim, all the CSPs (with the exception of one) we have tested still cannot detect or issued no warnings when malicious activities were launched from their cloud computing platforms. Besides, CSP's trial versions can easily be exploited to perpetrate large scale cyberattacks. We argue that efficient, cost‐effective, scalable detection approaches that can detect botclouds need to be developed in the future to address this challenge.

show abstract

Section: Design Of An Intra‐csp Botnetmentioning

confidence: 99%

Section: Design Of An Intra‐csp Botnetmentioning

confidence: 99%