Knowledge-Base Practicality for Cybersecurity Research Ethics Evaluation

Research ethics in Information and Communications Technology has seen a resurgence in popularity in recent years. Although a number of general ethics standards have been issued, cyber security specifically has yet to see one. Furthermore, such standards are often abstract, lacking in guidance on specific practices. In this paper we compare peer-reviewed ethical analyses of condemned research papers to analyses derived from a knowledge base (KB) of concrete cyber security research ethics best practices. The KB we employ was compiled in prior work from a large random survey of research papers. We demonstrate preliminary evidence that such a KB can be used to yield comparable or more extensive ethical analyses of published cyber security research than expert application of standards like the Menlo Report. We extend the ethical analyses of the reviewed manuscripts, and calculate measures of the efficiency with which the expert versus KB methods yield ethical insights.Comment: 9 pages, To appear in Computer Security Symposium 2020 (CSS 2020). Readers viewing this document after 10/19/2020 please refer to the most recent version on arXiv.org. Proceedings to be made available at: https://www.iwsec.org/css/2020/proceedings.htm