Ethical Dilemmas in Take-Down Research

  • Tyler Moore
  • Richard Clayton
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7126)


We discuss nine ethical dilemmas which have arisen during the investigation of ‘notice and take-down’ regimes for Internet content. Issues arise when balancing the desire for accurate measurement to advance the security community’s understanding with the need to immediately reduce harm that is uncovered in the course of measurement. Research methods demand explanation to be accepted in peer-reviewed publications, yet the dissemination of knowledge may help miscreants improve their operations and avoid detection in the future. Finally, when researchers put forward solutions to problems they have identified, it is important that they ensure that their interventions demonstrably improve the situation and do not cause undue collateral damage.


Ethical Dilemma Intrusion Detection System Internet Content Mystery Shopper Copyright Violation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ahlert, C., Marsden, C., Yung, C.: How ‘Liberty’ disappeared from cyberspace: the mystery shopper tests Internet content self-regulation (2004),
  2. 2.
    Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610–613 (2006)CrossRefGoogle Scholar
  3. 3.
    Chao, L.: China Porn Measures Raise Fear Of Censors. Wall Street Journal, page A10 (December 17, 2009),
  4. 4.
    Clayton, R.: Anonymity and Traceability in Cyberspace. Technical Report UCAM-CL-TR-653, University of Cambridge Computer Laboratory (2005)Google Scholar
  5. 5.
    Dittrich, D., Leder, F., Werner, T.: A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 216–230. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Dornseif, M.: Government mandated blocking of foreign web content. In: von Knop, J., Haverkamp, W., Jessen, E. (eds.): Security, E-Learning, E-Services: Proceedings of the 17. DFN-Arbeitstagung über Kommunikationsnetze, Düsseldorf, Lecture Notes in Informatics, pp. 617–648 (2003)Google Scholar
  7. 7.
    Franklin, J., Paxson, V., Perrig, A., Savage, S.: An inquiry into the nature and causes of the wealth of Internet miscreants. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), pp. 375–388. ACM Press, New York (2007)Google Scholar
  8. 8.
    Gill, C.: Hi-tech crime police quiz 19 people over Internet bank scam that netted hackers up to £20m from British accounts. Daily Mail (September 29, 2010),
  9. 9.
    Hobbs, A.C. (Tomlinson, C. (ed.)): Locks and Safes: The Construction of Locks. Virtue and Co., London (1853)Google Scholar
  10. 10.
    Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., Savage, S.: Spamalytics: an empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM CCS, pp. 3–14. ACM Press, New York (2008)Google Scholar
  11. 11.
    Kemmerer, R.: How to steal a botnet and what can happen when you do. Google Tech Talk (2009),
  12. 12.
    McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Transactions on Information and System Security 3(4), 262–294 (2000)Google Scholar
  13. 13.
    Moore, T.: How can we co-operate to tackle phishing? Light Blue Touchpaper (October 27, 2008),
  14. 14.
    Moore, T., Clayton, R.: Examining the impact of website take-down on phishing. In: 2nd Anti-Phishing Working Group eCrime Researchers Summit (APWG eCrime), pp. 1–13. ACM Press, New York (2007)CrossRefGoogle Scholar
  15. 15.
    Moore, T., Clayton, R.: The Impact of Incentives on Notice and Take-down. In: Eric Johnson, M. (ed.) Managing Information Risk and the Economics of Security, pp. 199–223. Springer, New York (2008)Google Scholar
  16. 16.
    Moore, T., Clayton, R.: The consequence of non-cooperation in the fight against phishing. In: Anti-Phishing Working Group eCrime Researchers Summit (APWG eCrime), pp. 1–14. IEEE (2008)Google Scholar
  17. 17.
    Moore, T., Clayton, R.: Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 256–272. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  18. 18.
    Moore, T., Clayton, R.: The impact of public information on phishing attack and defense. Communications and Strategies 81(1), 45–68 (2011)Google Scholar
  19. 19.
    Moran, T., Moore, T.: The Phish-Market Protocol: Securely Sharing Attack Data Between Competitors. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 222–237. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  20. 20.
    Mutton, P.: Mr-Brain: Stealing Phish from Fraudsters. Netcraft Blog (January 22, 2008),
  21. 21.
    Nas, S.: The Multatuli project: ISP notice & take down. In: SANE (2004),
  22. 22.
    Olsen, E.: A Contrary Perspective – Forced Data Sharing Will Decrease Performance and Reduce Protection. Cyveillance Blog (October 28, 2008),
  23. 23.
    Perrow, M.: Click’s botnet experiment. BBC Editors blog (March 13, 2009),
  24. 24.
    Masons, P.: BBC programme broke law with botnets, says lawyer. Out-law news (March 12, 2009),
  25. 25.
    Pocock, S.J.: When to stop a clinical trial. British Medical Journal 305(6847), 235–240 (1992)CrossRefGoogle Scholar
  26. 26.
    Provos, N., Mavrommatis, P., Rajab, M., Monrose, F.: All your iFrames point to us. In: 17th USENIX Security Symposium, pp. 1–15 (2008)Google Scholar
  27. 27.
    Rasmussen, R.: Personal Communication (August 13, 2010)Google Scholar
  28. 28.
    Rios, B.: Turning the Tables – Part I (September 27, 2010),
  29. 29.
    Spafford, E.H.: Are computer hacker break-ins ethical? Journal of Systems and Software 17(1), 41–48 (1992)CrossRefGoogle Scholar
  30. 30.
    Stone-Gross, B., Cova, M., Cavallaro, L., Gilbert, B., Szydlowski, M., Kemmerer, R., Kruegel, C., Vigna, G.: Your botnet is my botnet: analysis of a botnet takeover. In: Proceedings of the 16th ACM CCS, pp. 635–647. ACM Press, New York (2009)Google Scholar
  31. 31.
    US Department of Justice: Manhattan U.S. Attorney Charges 37 Defendants Involved in Global Bank Fraud Schemes that Used ‘Zeus Trojan’ and Other Malware to Steal Millions of Dollars from U.S. Bank Accounts (press release September 30, 2010),
  32. 32.
    Vixie, P.: Taking Back the DNS. CircleID (July 30, 2010),
  33. 33.
    Warner, G.: Is Russia joining the Zeus hunt? Cybercrime & Doing Time (October 4, 2010),
  34. 34.
    Weaver, R., Collins, M.P.: Fishing for phishes: applying capture-recapture methods to estimate phishing populations. In: Anti-Phishing Working Group eCrime Researchers Summit (APWG eCrime), pp. 14–25. ACM Press, New York (2007)CrossRefGoogle Scholar
  35. 35.
    Wilkins, J.: Mercury: Or the Secret and Swift Messenger. Maynard and Wilkins, London (1641)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Tyler Moore
    • 1
  • Richard Clayton
    • 2
  1. 1.Center for Research on Computation and SocietyHarvard UniversityUSA
  2. 2.Computer LaboratoryUniversity of CambridgeUK

Personalised recommendations