Ethics in IT security research

Track: Presentation



Sebastian Neuner, Martin Mulazzani and Sebastian Schrittwieser


Veronika Nowak, sba Research, Vienna


Research in IT security often comes with decisions and possibilities that may or may not be considered ethical. However, it is often hard for young researchers to estimate the impact of their work, possible consequences and overall morality, as well as to where to draw the line. In some cases it is likely that more than hundreds of thousands of users will be affected, and it is unclear what is in their best interest: removal of a threat? Or rather a deeper analysis of the threat, which could prevent further vulnerabilities or attacks that are similar? In most cases, this decision is then left to the advisor who may have conflicting interests.