Making Experiments Dependable

  • Roy Maxion
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6875)


In computer science and computer security we often do experiments to establish or compare the performance of one approach vs another to some problem, such as intrusion detection or biometric authentication. An experiment is a test or an assay for determining the characteristics of the item under study, and hence experimentation involves measurements.

Measurements are susceptible to various kinds of error, any one of which could make an experimental outcome invalid and untrustworthy or undependable. This paper focuses on one kind of methodological error – confounding – that can render experimental outcomes inconclusive, but often without the investigator knowing it. Hence, valuable time and other resources can be expended for naught. We show examples from the domain of keystroke biometrics, explaining several different examples of methodological error, their consequences, and how to avoid them.


Experimentation Measurement Operational definitions Validity 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bryan, W.L., Harter, N.: Studies in the physiology and psychology of the telegraphic language. Psychological Review 4(1), 27–53 (1897)CrossRefGoogle Scholar
  2. 2.
    Feynman, R.P., Leighton, R.B., Sands, M.: The Feynman Lectures on Physics, vol. 1, pp. 1–1. Addison-Wesley, Reading (1963)zbMATHGoogle Scholar
  3. 3.
    Killourhy, K., Maxion, R.: The effect of clock resolution on keystroke dynamics. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 331–350. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  4. 4.
    Killourhy, K.S., Maxion, R.A.: Comparing anomaly-detection algorithms for keystroke dynamics. In: IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2009), pp. 125–134. IEEE Computer Society Press, Los Alamitos (2009)CrossRefGoogle Scholar
  5. 5.
    Maxion, R.A., Killourhy, K.S.: Keystroke biometrics with number-pad input. In: IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2010), pp. 201–210. IEEE Computer Society Press, Los Alamitos (2010)CrossRefGoogle Scholar
  6. 6.
    Microsoft Developer Network: EVENTMSG structure (2008), Scholar
  7. 7.
    Peacock, A., Ke, X., Wilkerson, M.: Typing patterns: A key to user identification. IEEE Security and Privacy 2(5), 40–47 (2004)CrossRefGoogle Scholar
  8. 8.
    Shadish, W.R., Cook, T.D., Campbell, D.T.: Experimental and Quasi-Experimental Designs for Generalized Causal Inference. Houghton Mifflin, Boston (2002)Google Scholar
  9. 9.
    Taylor, B.N., Kuyatt, C.E.: Guidelines for evaluating and expressing the uncertainty of NIST measurement results. NIST Technical Note, 1994 Edition 1297, National Institute of Standards and Technology (NIST), Gaithersburg, Maryland 20899-0001 (September 1994)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Roy Maxion
    • 1
  1. 1.Dependable Systems Laboratory, Computer Science DepartmentCarnegie Mellon UniversityPittsburghUSA

Personalised recommendations