Skip to main content
SpringerLink
Log in

Ethical Dilemmas in Take-Down Research

  • Conference paper
Book cover Financial Cryptography and Data Security (FC 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7126))

Included in the following conference series:

Abstract

We discuss nine ethical dilemmas which have arisen during the investigation of ‘notice and take-down’ regimes for Internet content. Issues arise when balancing the desire for accurate measurement to advance the security community’s understanding with the need to immediately reduce harm that is uncovered in the course of measurement. Research methods demand explanation to be accepted in peer-reviewed publications, yet the dissemination of knowledge may help miscreants improve their operations and avoid detection in the future. Finally, when researchers put forward solutions to problems they have identified, it is important that they ensure that their interventions demonstrably improve the situation and do not cause undue collateral damage.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ahlert, C., Marsden, C., Yung, C.: How ‘Liberty’ disappeared from cyberspace: the mystery shopper tests Internet content self-regulation (2004), http://pcmlp.socleg.ox.ac.uk/text/liberty.pdf

  2. Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610–613 (2006)

    Article  Google Scholar 

  3. Chao, L.: China Porn Measures Raise Fear Of Censors. Wall Street Journal, page A10 (December 17, 2009), http://online.wsj.com/article/SB126098577403994051.html

  4. Clayton, R.: Anonymity and Traceability in Cyberspace. Technical Report UCAM-CL-TR-653, University of Cambridge Computer Laboratory (2005)

    Google Scholar 

  5. Dittrich, D., Leder, F., Werner, T.: A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 216–230. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  6. Dornseif, M.: Government mandated blocking of foreign web content. In: von Knop, J., Haverkamp, W., Jessen, E. (eds.): Security, E-Learning, E-Services: Proceedings of the 17. DFN-Arbeitstagung über Kommunikationsnetze, Düsseldorf, Lecture Notes in Informatics, pp. 617–648 (2003)

    Google Scholar 

  7. Franklin, J., Paxson, V., Perrig, A., Savage, S.: An inquiry into the nature and causes of the wealth of Internet miscreants. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), pp. 375–388. ACM Press, New York (2007)

    Google Scholar 

  8. Gill, C.: Hi-tech crime police quiz 19 people over Internet bank scam that netted hackers up to £20m from British accounts. Daily Mail (September 29, 2010), http://www.dailymail.co.uk/news/article-1316022/Nineteen-arrested-online-bank-raid-netted-20m.html

  9. Hobbs, A.C. (Tomlinson, C. (ed.)): Locks and Safes: The Construction of Locks. Virtue and Co., London (1853)

    Google Scholar 

  10. Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., Savage, S.: Spamalytics: an empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM CCS, pp. 3–14. ACM Press, New York (2008)

    Google Scholar 

  11. Kemmerer, R.: How to steal a botnet and what can happen when you do. Google Tech Talk (2009), http://www.youtube.com/watch?v=2GdqoQJa6r4

  12. McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Transactions on Information and System Security 3(4), 262–294 (2000)

    Google Scholar 

  13. Moore, T.: How can we co-operate to tackle phishing? Light Blue Touchpaper (October 27, 2008), http://www.lightbluetouchpaper.org/2008/10/27/how-can-we-co-operate-to-tackle-phishing/

  14. Moore, T., Clayton, R.: Examining the impact of website take-down on phishing. In: 2nd Anti-Phishing Working Group eCrime Researchers Summit (APWG eCrime), pp. 1–13. ACM Press, New York (2007)

    Chapter  Google Scholar 

  15. Moore, T., Clayton, R.: The Impact of Incentives on Notice and Take-down. In: Eric Johnson, M. (ed.) Managing Information Risk and the Economics of Security, pp. 199–223. Springer, New York (2008)

    Google Scholar 

  16. Moore, T., Clayton, R.: The consequence of non-cooperation in the fight against phishing. In: Anti-Phishing Working Group eCrime Researchers Summit (APWG eCrime), pp. 1–14. IEEE (2008)

    Google Scholar 

  17. Moore, T., Clayton, R.: Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 256–272. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  18. Moore, T., Clayton, R.: The impact of public information on phishing attack and defense. Communications and Strategies 81(1), 45–68 (2011)

    Google Scholar 

  19. Moran, T., Moore, T.: The Phish-Market Protocol: Securely Sharing Attack Data Between Competitors. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 222–237. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  20. Mutton, P.: Mr-Brain: Stealing Phish from Fraudsters. Netcraft Blog (January 22, 2008), http://news.netcraft.com/archives/2008/01/22/mrbrain_stealing_phish_from_fraudsters.html

  21. Nas, S.: The Multatuli project: ISP notice & take down. In: SANE (2004), http://www.bof.nl/docs/researchpaperSANE.pdf

  22. Olsen, E.: A Contrary Perspective – Forced Data Sharing Will Decrease Performance and Reduce Protection. Cyveillance Blog (October 28, 2008), http://www.cyveillanceblog.com/phishing/a-contrary-perspective-%E2%80%93-forced-data-sharing-will-decrease-performance-and-reduce-protection

  23. Perrow, M.: Click’s botnet experiment. BBC Editors blog (March 13, 2009), http://www.bbc.co.uk/blogs/theeditors/2009/03/click_botnet_experiment.html

  24. Masons, P.: BBC programme broke law with botnets, says lawyer. Out-law news (March 12, 2009), http://www.out-law.com/page-9863

  25. Pocock, S.J.: When to stop a clinical trial. British Medical Journal 305(6847), 235–240 (1992)

    Article  Google Scholar 

  26. Provos, N., Mavrommatis, P., Rajab, M., Monrose, F.: All your iFrames point to us. In: 17th USENIX Security Symposium, pp. 1–15 (2008)

    Google Scholar 

  27. Rasmussen, R.: Personal Communication (August 13, 2010)

    Google Scholar 

  28. Rios, B.: Turning the Tables – Part I (September 27, 2010), http://xs-sniper.com/blog/2010/09/27/turning-the-tables/

  29. Spafford, E.H.: Are computer hacker break-ins ethical? Journal of Systems and Software 17(1), 41–48 (1992)

    Article  Google Scholar 

  30. Stone-Gross, B., Cova, M., Cavallaro, L., Gilbert, B., Szydlowski, M., Kemmerer, R., Kruegel, C., Vigna, G.: Your botnet is my botnet: analysis of a botnet takeover. In: Proceedings of the 16th ACM CCS, pp. 635–647. ACM Press, New York (2009)

    Google Scholar 

  31. US Department of Justice: Manhattan U.S. Attorney Charges 37 Defendants Involved in Global Bank Fraud Schemes that Used ‘Zeus Trojan’ and Other Malware to Steal Millions of Dollars from U.S. Bank Accounts (press release September 30, 2010), http://newyork.fbi.gov/dojpressrel/pressrel10/nyfo093010.html

  32. Vixie, P.: Taking Back the DNS. CircleID (July 30, 2010), http://www.circleid.com/posts/20100728_taking_back_the_dns/

  33. Warner, G.: Is Russia joining the Zeus hunt? Cybercrime & Doing Time (October 4, 2010), http://garwarner.blogspot.com/2010/10/is-russia-joining-zeus-hunt.html

  34. Weaver, R., Collins, M.P.: Fishing for phishes: applying capture-recapture methods to estimate phishing populations. In: Anti-Phishing Working Group eCrime Researchers Summit (APWG eCrime), pp. 14–25. ACM Press, New York (2007)

    Chapter  Google Scholar 

  35. Wilkins, J.: Mercury: Or the Secret and Swift Messenger. Maynard and Wilkins, London (1641)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Research on Computation and Society, Harvard University, USA

    Tyler Moore

  2. Computer Laboratory, University of Cambridge, UK

    Richard Clayton

Authors
  1. Tyler Moore
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Richard Clayton
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research Cambridge, Roger Needham Building, 7 J J Thomson Avenue, CB3 0FB, Cambridge, UK

    George Danezis

  2. Department of Computer Science, Stevens Institute of Technology, Castle Point on Hudson, 07030, Hoboken, NJ, USA

    Sven Dietrich

  3. Central Research Laboratories, NEC Corporation, 1753 Shimonumabe Nakahara, 211-8666, Kawasaki, Japan

    Kazue Sako

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Moore, T., Clayton, R. (2012). Ethical Dilemmas in Take-Down Research. In: Danezis, G., Dietrich, S., Sako, K. (eds) Financial Cryptography and Data Security. FC 2011. Lecture Notes in Computer Science, vol 7126. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29889-9_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29889-9_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29888-2

  • Online ISBN: 978-3-642-29889-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation