Using Camouflaged Cyber Simulations as a Model to Ensure Validity in Cybersecurity Experimentation

Abstract: Experimental research methods describe standards to safeguard scientific integrity and reputability. These methods have been extensively integrated into traditional scientific disciplines and studied in the philosophy of science. The field of cybersecurity is just beginning to develop preliminary research standards and modeling practices. As such, the science of cybersecurity routinely fails to meet empirical research criteria, such as internal validity, external validity, and construct validity. These standards of experimentation enable the development of metrics, create assurance of experimental soundness, and aid in the generalizability of results. To facilitate such empirical experimentation in cybersecurity, we propose the adaptation of camouflaged cyber simulations as an approach for cybersecurity research. This research tool supports this mechanistic method of experimentation and aids in the construction of general cybersecurity research best practices.