Enigma 2023 has ended
Back To Schedule
Wednesday, January 25 • 2:40pm - 3:10pm
Why Is Our Security Research Failing? Five Practices to Change!

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Everybody complains about the current cybersecurity state. Regardless of the reason, nobody is fully satisfied. I don't think "security is broken". In fact, we have "more" security nowadays than at any time in the past. However, it is true that the field has a lot to progress. Therefore, in this talk, I assume the methodological position that security research is failing and I present my discoveries when trying to understand which aspects of security could have been failing and thus might be enhanced. I support my investigation with results from a published systematic literature review of 400+ papers from the last 20 years of published malware research in the most reputable venues. I identified more than 20 challenges and pitfalls in security research and categorized them into 5 high-level categories that will be discussed in this talk: (i) the lack of diversity in study types; (ii) researchers not looking to the market and industry when needed; (iii) researchers focus too much on the industry and market; (iv) the lack of guidelines in the field; and (v) the reproducibility crisis that cybersecurity and almost all fields face. I close the talk with suggestions that one might adopt to mitigate these problems. My recommendations are divided according to the multiple stakeholders in the field and they range from (i) researchers developing more longitudinal studies with representative populations; to (ii) the field establishing more guidelines for experiment development; and (iii) venues clearly welcoming diversified study types.

avatar for Marcus Botacin

Marcus Botacin

Texas A&M University
Marcus is a Computer Science Assistant Professor at Texas A&M University (TAMU). Marcus holds a Computer Science PhD (Federal University of Paraná, Brazil, 2021), Master in Computer Science (University of Campinas, Brazil, 2017), and a Computer Engineering Bachelor (University of... Read More →

Wednesday January 25, 2023 2:40pm - 3:10pm PST
Santa Clara Ballroom