Research Methods for Cyber Security

Research Methods for Cyber Security teaches scientific methods for generating impactful knowledge, validating theories, and adding critical rigor to the cyber security field. This book shows how to develop a research plan, beginning by starting research with a question, then offers an introduction to the broad range of useful research methods for cyber security research: observational, mathematical, experimental, and applied. Each research method chapter concludes with recommended outlines and suggested templates for submission to peer reviewed venues. This book concludes with information on cross-cutting issues within cyber security research.

Cyber security research contends with numerous unique issues, such as an extremely fast environment evolution, adversarial behavior, and the merging of natural and social science phenomena. Research Methods for Cyber Security addresses these concerns and much more by teaching readers not only the process of science in the context of cyber security research, but providing assistance in execution of research as well.

• Presents research methods from a cyber security science perspective
• Catalyzes the rigorous research necessary to propel the cyber security field forward
• Provides a guided method selection for the type of research being conducted, presented in the context of real-world usage

Cyber security researchers, graduate and undergraduate students, and practitioners

Part I: Introduction

Chapter 1. Introduction to Science

• Abstract
• Chapter Objectives
• What is Science
• Types of Science
• Science is Messy
• From Ptolemy to Einstein—Science and the Discovery of the Nature of the Sky
• Summary and Conclusions
• Endnotes

Chapter 2. Science and Cyber Security

• Abstract
• Chapter Objectives
• Defining Cyber Space
• Defining Cyber Security
• Cyber Security Fundamentals
• Cyber Security Controls Overview
• Defining a Science of Cyber Security
• Challenges in Achieving Security in Cyber Space
• Further Reading
• Endnotes

Chapter 3. Starting Your Research

• Abstract
• Chapter Objectives
• Starting Your Research
• Research before the Research
• Selecting Your Research Path
• Conferences and Journals
• Endnotes

Part II: Observational Research Methods

Chapter 4. Exploratory Study

• Abstract
• Chapter Objectives
• Knowledge by Inference
• Types of Studies
• Gathering Data
• Exploratory Method Selection
• Exploratory Study Method Examples
• Analysis Bias
• The Search for a Causal Relationship
• Reporting Your Results
• Endnotes

Chapter 5. Descriptive Study

• Abstract
• Chapter Objectives
• Descriptive Study Methods
• Observation Method Selection
• Gathering Data
• Data Analysis
• Descriptive Study Method Examples
• Reporting your Results
• Endnotes

Chapter 6. Machine Learning

• Abstract
• Chapter Objectives
• What is Machine Learning
• Categories of Machine Learning
• Debugging Machine Learning
• Bayesian Network Mathematical Preliminaries and Model Properties
• Hidden Markov Models
• Discussion
• Sample Format
• Endnotes

Part III: Mathematical Research Methods

Chapter 7. Theoretical Research

• Abstract
• Chapter Objectives
• Background
• Challenges in Development of Cyber Security Science Theory
• Example Theoretical Research Construction
• Reporting Your Results
• Endnotes

Chapter 8. Using Simulation for Research

• Abstract
• Chapter Objectives
• Defining Simulation
• When Should Simulation Be Used
• Defining What to Model
• Instantiating a Model
• Example Use Case
• Paper Format
• Endnotes

Part IV: Experimental Research Methods

Chapter 9. Hypothetico-deductive Research

• Abstract
• Chapter Objectives
• Purpose of Hypothesis-driven Experimentation
• A Proper Hypothesis
• Experimentation
• Analysis
• Integrating the Theory with Results
• Reporting Your Results
• Endnotes

Chapter 10. Quasi-experimental Research

• Abstract
• Chapter Objectives
• True versus Quasi-experiment
• Cyber Drivers for Quasi-experimental Design
• Quasi-experiment Research Methods
• Reporting Your Results
• Endnotes

Part V: Applied Research Methods

Chapter 11. Applied Experimentation

• Abstract
• Chapter Objectives
• Building From a Theory
• Methods of Applied Experimentation
• Benchmarking
• Reporting Your Results
• Validation Testing
• Independent Variables
• Dependent Variables
• Experimental Design
• Problems With Validation Testing
• Reporting Your Results
• Endnotes

Chapter 12. Applied Observational Study

• Abstract
• Chapter Objectives
• Applied Study Types
• Applied Observation Method Selection
• Data Collection and Analysis
• Applied Exploratory Study: Stress Test
• Applied Descriptive Study: Case Study
• Reporting Your Results
• Endnote

Part VI: Additional Materials

Chapter 13. Instrumentation

• Abstract
• Chapter Objectives
• Understanding Your Data Needs
• Overview of Data and Sensor Types
• Controlled-testing Environments
• Conclusion
• Endnotes

Chapter 14. Addressing the Adversary

• Abstract
• Chapter Objectives
• Defining Adversary
• The Challenge of Adversarial Research
• Adversaries in Other Fields of Study
• Different Ways to Think About Threats
• Integrating Adversary Models into Research
• Conclusions
• Endnotes

Chapter 15. Scientific Ethics

• Abstract
• Chapter Objectives
• Ethics for Science
• History of Ethics in Cyber Security
• Ethical Standards
• Cyber Security Expert Classification
• Cyber Security and the Law
• Human Subjects Research
• Ethical Use of Data
• Individual Responsibility
• Conclusion
• Endnotes