Knowledge-Base Practicality for Cybersecurity Research Ethics Evaluation
This addresses the problem of abstract ethics guidance for cybersecurity researchers, though it is incremental as it builds on prior work.
The paper tackled the lack of concrete ethical standards in cybersecurity research by comparing expert analyses to those from a knowledge base of best practices, finding that the knowledge base yields comparable or more extensive ethical insights.
Research ethics in Information and Communications Technology has seen a resurgence in popularity in recent years. Although a number of general ethics standards have been issued, cyber security specifically has yet to see one. Furthermore, such standards are often abstract, lacking in guidance on specific practices. In this paper we compare peer-reviewed ethical analyses of condemned research papers to analyses derived from a knowledge base (KB) of concrete cyber security research ethics best practices. The KB we employ was compiled in prior work from a large random survey of research papers. We demonstrate preliminary evidence that such a KB can be used to yield comparable or more extensive ethical analyses of published cyber security research than expert application of standards like the Menlo Report. We extend the ethical analyses of the reviewed manuscripts, and calculate measures of the efficiency with which the expert versus KB methods yield ethical insights.