COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
Research Methods for Cyber Security - 1st Edition - ISBN: 9780128053492, 9780128129302

Research Methods for Cyber Security

1st Edition

Authors: Thomas Edgar David Manz
Paperback ISBN: 9780128053492
eBook ISBN: 9780128129302
Imprint: Syngress
Published Date: 19th April 2017
Page Count: 428
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


Research Methods for Cyber Security teaches scientific methods for generating impactful knowledge, validating theories, and adding critical rigor to the cyber security field. This book shows how to develop a research plan, beginning by starting research with a question, then offers an introduction to the broad range of useful research methods for cyber security research: observational, mathematical, experimental, and applied. Each research method chapter concludes with recommended outlines and suggested templates for submission to peer reviewed venues. This book concludes with information on cross-cutting issues within cyber security research.

Cyber security research contends with numerous unique issues, such as an extremely fast environment evolution, adversarial behavior, and the merging of natural and social science phenomena. Research Methods for Cyber Security addresses these concerns and much more by teaching readers not only the process of science in the context of cyber security research, but providing assistance in execution of research as well.

Key Features

  • Presents research methods from a cyber security science perspective
  • Catalyzes the rigorous research necessary to propel the cyber security field forward
  • Provides a guided method selection for the type of research being conducted, presented in the context of real-world usage


Cyber security researchers, graduate and undergraduate students, and practitioners

Table of Contents

Part I: Introduction

Chapter 1. Introduction to Science

  • Abstract
  • Chapter Objectives
  • What is Science
  • Types of Science
  • Science is Messy
  • From Ptolemy to Einstein—Science and the Discovery of the Nature of the Sky
  • Summary and Conclusions
  • Endnotes

Chapter 2. Science and Cyber Security

  • Abstract
  • Chapter Objectives
  • Defining Cyber Space
  • Defining Cyber Security
  • Cyber Security Fundamentals
  • Cyber Security Controls Overview
  • Defining a Science of Cyber Security
  • Challenges in Achieving Security in Cyber Space
  • Further Reading
  • Endnotes

Chapter 3. Starting Your Research

  • Abstract
  • Chapter Objectives
  • Starting Your Research
  • Research before the Research
  • Selecting Your Research Path
  • Conferences and Journals
  • Endnotes

Part II: Observational Research Methods

Chapter 4. Exploratory Study

  • Abstract
  • Chapter Objectives
  • Knowledge by Inference
  • Types of Studies
  • Gathering Data
  • Exploratory Method Selection
  • Exploratory Study Method Examples
  • Analysis Bias
  • The Search for a Causal Relationship
  • Reporting Your Results
  • Endnotes

Chapter 5. Descriptive Study

  • Abstract
  • Chapter Objectives
  • Descriptive Study Methods
  • Observation Method Selection
  • Gathering Data
  • Data Analysis
  • Descriptive Study Method Examples
  • Reporting your Results
  • Endnotes

Chapter 6. Machine Learning

  • Abstract
  • Chapter Objectives
  • What is Machine Learning
  • Categories of Machine Learning
  • Debugging Machine Learning
  • Bayesian Network Mathematical Preliminaries and Model Properties
  • Hidden Markov Models
  • Discussion
  • Sample Format
  • Endnotes

Part III: Mathematical Research Methods

Chapter 7. Theoretical Research

  • Abstract
  • Chapter Objectives
  • Background
  • Challenges in Development of Cyber Security Science Theory
  • Example Theoretical Research Construction
  • Reporting Your Results
  • Endnotes

Chapter 8. Using Simulation for Research

  • Abstract
  • Chapter Objectives
  • Defining Simulation
  • When Should Simulation Be Used
  • Defining What to Model
  • Instantiating a Model
  • Example Use Case
  • Paper Format
  • Endnotes

Part IV: Experimental Research Methods

Chapter 9. Hypothetico-deductive Research

  • Abstract
  • Chapter Objectives
  • Purpose of Hypothesis-driven Experimentation
  • A Proper Hypothesis
  • Experimentation
  • Analysis
  • Integrating the Theory with Results
  • Reporting Your Results
  • Endnotes

Chapter 10. Quasi-experimental Research

  • Abstract
  • Chapter Objectives
  • True versus Quasi-experiment
  • Cyber Drivers for Quasi-experimental Design
  • Quasi-experiment Research Methods
  • Reporting Your Results
  • Endnotes

Part V: Applied Research Methods

Chapter 11. Applied Experimentation

  • Abstract
  • Chapter Objectives
  • Building From a Theory
  • Methods of Applied Experimentation
  • Benchmarking
  • Reporting Your Results
  • Validation Testing
  • Independent Variables
  • Dependent Variables
  • Experimental Design
  • Problems With Validation Testing
  • Reporting Your Results
  • Endnotes

Chapter 12. Applied Observational Study

  • Abstract
  • Chapter Objectives
  • Applied Study Types
  • Applied Observation Method Selection
  • Data Collection and Analysis
  • Applied Exploratory Study: Stress Test
  • Applied Descriptive Study: Case Study
  • Reporting Your Results
  • Endnote

Part VI: Additional Materials

Chapter 13. Instrumentation

  • Abstract
  • Chapter Objectives
  • Understanding Your Data Needs
  • Overview of Data and Sensor Types
  • Controlled-testing Environments
  • Conclusion
  • Endnotes

Chapter 14. Addressing the Adversary

  • Abstract
  • Chapter Objectives
  • Defining Adversary
  • The Challenge of Adversarial Research
  • Adversaries in Other Fields of Study
  • Different Ways to Think About Threats
  • Integrating Adversary Models into Research
  • Conclusions
  • Endnotes

Chapter 15. Scientific Ethics

  • Abstract
  • Chapter Objectives
  • Ethics for Science
  • History of Ethics in Cyber Security
  • Ethical Standards
  • Cyber Security Expert Classification
  • Cyber Security and the Law
  • Human Subjects Research
  • Ethical Use of Data
  • Individual Responsibility
  • Conclusion
  • Endnotes


No. of pages:
© Syngress 2017
19th April 2017
Paperback ISBN:
eBook ISBN:

About the Authors

Thomas Edgar

Thomas Edgar is a Senior Cyber Security Research Scientist at the Pacific Northwest National Laboratory. He has completed research in the areas of secure communication protocols, cryptographic trust management, critical infrastructure protection, and developing a scientific approach to cyber security. Edgar’s research interests include the scientific underpinnings of cyber security and applying scientific based cyber security solutions to enterprise and critical infrastructure environments. His expertise lies in scientific process, critical infrastructure security, protocol development, cyber forensics, network security, and testbed and experiment construction. Edgar has a BS and MS in Computer Science from the University of Tulsa with a specialization in information assurance.

Affiliations and Expertise

Senior Cyber Security Scientist, Pacific Northwest National Laboratory

David Manz

David Manz is currently a Senior Cyber Security Scientist in the National Security Directorate at the Pacific Northwest National Laboratory. He holds a B.S. in Computer and Information Science from the Robert D. Clark Honors College at the University of Oregon and a Ph.D. in Computer Science from the University of Idaho. David's work at PNNL includes enterprise resilience and cyber security, secure control system communication, and critical infrastructure security. Enabling his research is an application of relevant research methods for cyber security (Cyber Security Science). Prior to his work at PNNL, David spent five years as a researcher on Group Key Management Protocols for the Center for Secure and Dependable Systems at the University of Idaho (U of I). David also has experience teaching undergraduate and graduate computer science courses at U of I, and as an adjunct faculty at Washington State University. David has co-authored numerous papers and presentations on cyber security, control system security, and cryptographic key management.

Affiliations and Expertise

Senior Cyber Security Scientist, Pacific Northwest National Laboratory

Ratings and Reviews