How to Design Computer Security Experiments

  • Sean Peisert
  • Matt Bishop
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 237)


In this paper, we discuss the scientific method and how it can be applied to computer security experiments. We reiterate a number of general scientific principles, such as falsifiable hypotheses, scientific controls, reproducible results, and data quality.


Network Traffic Intrusion Detection System Computer Security Sunspot Cycle Network Trace 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [AriCE]
    Aristotle. Organon. 100 B.C.E.Google Scholar
  2. [Bis03]
    Matt Bishop. Computer Security: Art and Science. Addison-Wesley Professional, Boston, MA, 2003.Google Scholar
  3. [Boy61]
    Robert Boyle. The Unsuccessful Experiment. In Certain Physiological Essays. Henry Herringman, London, 1661.Google Scholar
  4. [Huf54]
    Darrell Huff. How to Lie With Statistics. Norton, 1954.Google Scholar
  5. [Kuh62]
    Thomas S. Kuhn. The Structure of Scientific Revolutions. University of Chicago Press, Chicago, 1962.Google Scholar
  6. [Lin53]
    James Lind. A Treatise of the Scurvy. Sands, Murray, and Cochran for A Kincaid and A Donaldson, 1753.Google Scholar
  7. [New87]
    Sir Isaac Newton. Philosophiae Naturalis Prmcipia Mathematica. The Royal Society, 1687.Google Scholar
  8. [Pop59]
    Karl Raimund Popper. The Logic of Scientific Discovery. Routledge, 1959.Google Scholar
  9. [Spi03]
    Lance Spitzner. The Honeynet Project: Trapping the Hackers. IEEE Security & Privacy, 1(2): 15–23, Mar–Apr 2003.Google Scholar
  10. [Wik07]
    The Free Encyclopedia Wikipedia. Scientific method., January 30 09:59 UTC 2007.Google Scholar

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Sean Peisert
    • 1
  • Matt Bishop
    • 2
  1. 1.Dept. of Computer Science & EngineeringUniversity of CaliforniaSan DiegoUSA
  2. 2.Department of Computer ScienceUniversity of CaliforniaDavisUSA

Personalised recommendations