Spring, J;
Illari, PK;
(2019)
Building General Knowledge of Mechanisms in Information Security.
Philosophy & Technology
, 32
(4)
pp. 627-659.
10.1007/s13347-018-0329-z.
Preview |
Text
Spring-Illari_2018_building-general-K.pdf - Published Version Download (917kB) | Preview |
Abstract
We show how more general knowledge can be built in information security, by the building of knowledge of mechanism clusters, some of which are multifield. By doing this, we address in a novel way the longstanding philosophical problem of how, if at all, we come to have knowledge that is in any way general, when we seem to be confined to particular experiences. We also address the issue of building knowledge of mechanisms by studying an area that is new to the mechanisms literature: the methods of what we shall call mechanism discovery in information security. This domain offers a fascinating novel constellation of challenges for building more general knowledge. Specifically, the building of stable communicable mechanistic knowledge is impeded by the inherent changeability of software, which is deployed by malicious actors constantly changing how their software attacks, and also by an ineliminable secrecy concerning the details of attacks not just by attackers (black hats), but also by information security defenders (white hats) as they protect their methods from both attackers and commercial competitors. We draw out ideas from the work of the mechanists Darden, Craver, and Glennan to yield an approach to how general knowledge of mechanisms can be painstakingly built. We then use three related examples of active research problems from information security (botnets, computer network attacks, and malware analysis) to develop philosophical thinking about building general knowledge using mechanisms, and also apply this to develop insights for information security. We show that further study would be instructive both for practitioners (who might welcome the help in conceptualizing what they do) and for philosophers (who will find novel insights into building general knowledge of a highly changeable domain that has been neglected within philosophy of science).
| Type: | Article |
|---|---|
| Title: | Building General Knowledge of Mechanisms in Information Security |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1007/s13347-018-0329-z |
| Publisher version: | https://doi.org/10.1007/s13347-018-0329-z |
| Language: | English |
| Additional information: | This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. |
| Keywords: | Mechanistic explanation, General knowledge, Multifield mechanisms, Building mechanistic knowledge, Computer security incident response |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Maths and Physical Sciences UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Maths and Physical Sciences > Dept of Science and Technology Studies |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10057147 |
Archive Staff Only
 |
View Item |
