InfoSec Seminar: Meta-Issues in Information Security: Ethical Issues in Network Measurement

Speaker: Shehar Bano

Date/Time: 22-Mar-2018, 16:00 UTC

Venue: Main Quad Pop-Up 102



Sound science and evidence-based decision making hinge on empiricism - insights derived from rigorous measurements. As our lives increasingly depend on digital devices and online communication, a diverse set of domains ranging from human behaviour studies, through malware analysis, to characterisation of information controls make use of data collected via network measurements. Such measurements introduce new challenges for ethical research due to their scale, speed of information dissemination, indirect interaction and complex dependencies between entities, opacity, and so forth. The research community has made efforts such as the Menlo Report to re-contextualise and extend existing ethical guidelines (e.g., the 1979 Belmont Report widely used in the biomedical and behavioural sciences). However, apt interpretation of these guidelines against the backdrop of an evolving technical, legal and social landscape is far from simple.    

In this talk, I will walk the audience through a selection of network measurement case studies, with the goal to highlight ethical challenges, the choices made, and possible alternatives. This will mostly be an interactive discussion, and will include (at least some of) the following topics:

  • Is approval from Institutional Review Board (IRB) / Research Ethics
    Board (REB) enough?
  • Do users with different technical abilities share similar
    interpretation of risks?
  • Do the same ethical guidelines apply to measurement process, and the
    results generated?
  • Do ethical guidelines apply to pre-existing data?
  • What about pre-existing data that was obtained by illicit means?
  • What about co-opted measurements (getting third-parties to indirectly generate measurements towards the targets)?
  • When to obtain consent (when is post facto consent ok)?
  • Is what’s deemed legal also ethical?
  • Does legality of method imply safety for implicated subjects?
  • Should academia use higher standards for performing measurement research?



(Shehar) Bano is a postdoctoral researcher in the Information Security Research Group at University College London. Her research interests centre on networked systems, particularly in the context of security and measurement. Currently, she is working on the design, scalability and applications of blockchains with George Danezis and Sarah Meiklejohn as part of the EU DECODE and EPSRC Glass Houses projects. She is a member of IC3 (Initiative for cryptocurrency and Contract) and The UCL Centre for Blockchain Technologies (CBT).

Network measurements form a key part of Bano’s research work - ranging from lower-layer network phenomena such as characterization of IP liveness via active Internet scans, to understanding online ecosystems in the context of security and information control. She received her Ph.D. degree ("Characterization of Internet Censorship from Multiple Perspectives") from the University of Cambridge in 2017 under the supervision of Prof. Jon Crowcroft (and co-supervised by Dr. Steven Murdoch, Prof. Vern Paxson, and Prof. Ross Anderson) where she was an Honorary Cambridge Trust Scholar, and was awarded the Mary Bradburn Scholarship by the British Federation of Women Graduates for her research work. Previously she worked on Intrusion Detection Systems (Bro), and wrote an open-source software for botnet detection (BotFlex). She interned at ICSI, UC Berkeley in 2012 and 2013. She received her Master's degree in Computer and Communication Security from National University of Science and Technology, Pakistan in 2013 for which she was awarded the President's Gold Medal. Her work has been published in the Network and Distributed System Security Symposium, the ACM Internet Measurement Conference, the Symposium on Privacy Enhancing Technologies, and other well-respected venues.

Add to Calendar

This page was last modified on 27 Mar 2014.