10 Pages Posted: 5 Dec 2012
Date Written: December 4, 2012
It is the nature of research that knowledge gained from one study is built upon in succeeding studies. The lessons learned – be they good or bad – help future researchers to find their path. At the same time, publication of research results is difficult when publishing imposes page limits that require leaving things out. Such restrictions in what can/can’t be included may leave unstated very important issues regarding risks to avoid, harms that were mitigated, or responsible conduct of research procedures that those who are new to a field would benefit from knowing.
This paper considers some of the ethical issues surrounding the study of malicious activity in social networks, specifically using a technique known as social honeypots combined with deception. This is a potentially touchy area of study that is common to social and behavioral research that is well understood to fall within the boundaries of human subjects research that is regulated in the United States and reviewed by Institutional Review Boards, but is not well understood by computer security researchers or those in the private sector.
Keywords: social networks, honeypots, social honeypots, privacy, ethics, malware, botnets, phishing, computer security, fraud
Suggested Citation: Suggested Citation