Research Methods for Cyber Security

Research Methods for Cyber Security teaches scientific methods for generating impactful knowledge, validating theories, and adding critical rigor to the cyber security field. This book shows how to develop a research plan, beginning by starting research with a question, then offers an introduction to the broad range of useful research methods for cyber security research: observational, mathematical, experimental, and applied. Each research method chapter concludes with recommended outlines and suggested templates for submission to peer reviewed venues. This book concludes with information on cross-cutting issues within cyber security research.

Cyber security research contends with numerous unique issues, such as an extremely fast environment evolution, adversarial behavior, and the merging of natural and social science phenomena. Research Methods for Cyber Security addresses these concerns and much more by teaching readers not only the process of science in the context of cyber security research, but providing assistance in execution of research as well.

• Presents research methods from a cyber security science perspective
• Catalyzes the rigorous research necessary to propel the cyber security field forward
• Provides a guided method selection for the type of research being conducted, presented in the context of real-world usage

About the Authors

Thomas Edgar is a Senior Cyber Security Research Scientist at the Pacific Northwest National Laboratory. He has completed research in the areas of secure communication protocols, cryptographic trust management, critical infrastructure protection, and developing a scientific approach to cyber security. Edgar’s research interests include the scientific underpinnings of cyber security and applying scientific based cyber security solutions to enterprise and critical infrastructure environments. His expertise lies in scientific process, critical infrastructure security, protocol development, cyber forensics, network security, and testbed and experiment construction. Edgar has a BS and MS in Computer Science from the University of Tulsa with a specialization in information assurance.

David Manz is currently a Senior Cyber Security Scientist in the National Security Directorate at the Pacific Northwest National Laboratory. He holds a B.S. in Computer and Information Science from the Robert D. Clark Honors College at the University of Oregon and a Ph.D. in Computer Science from the University of Idaho. David's work at PNNL includes enterprise resilience and cyber security, secure control system communication, and critical infrastructure security. Enabling his research is an application of relevant research methods for cyber security (Cyber Security Science). Prior to his work at PNNL, David spent five years as a researcher on Group Key Management Protocols for the Center for Secure and Dependable Systems at the University of Idaho (U of I). David also has experience teaching undergraduate and graduate computer science courses at U of I, and as an adjunct faculty at Washington State University. David has co-authored numerous papers and presentations on cyber security, control system security, and cryptographic key management.