EpochZero Learn
EpochZero LearnMulti-Domain Tech Learning Hub
Courses
LeaderboardAbout
Dashboard
EpochZero
EpochZero Learn
Multi-Domain Tech Learning Hub

Structured learning for Reverse Engineering, Cloud Security, Cryptography, and Web Development. Articles, videos, tests, and peer discussion.

Learn

  • Learning Path
  • All Articles
  • Video Lessons
  • Podcast
  • eBooks & PDFs
  • Question Banks
  • Cheatsheets
  • MCQ Banks

Tests & Forum

  • All Tests
  • REMA Tests
  • Cloud Tests
  • Forum
  • REMA Forum
  • Cloud Forum
  • Crypto Forum
  • Web Dev Forum

Campus

  • REMA Club
  • Full Stack Dev Club
  • Extension Activity
  • Events
  • CTF Competitions
  • Workshops
  • Industrial Visits

Platform

  • Dashboard
  • Leaderboard
  • About
  • Verify Certificate

© 2026 EpochZero Learn. Educational content for learning purposes.

Course Instructor: Ashish Revar

All articles
research-methodologyresearch-basicsresearch-design

Types of Research

Fundamental or applied? Qualitative or quantitative? Experimental or merely observational? Most studies sit on all three scales at once -- and confusing observational data with an experiment is one of the most common mistakes in security research.

Ashish Revar6 July 20268 min read11 views
Quick Bite

⚡ Quick Bite · 40s

Types of Research: 3 Scales Every Study Must Use

Not all research is the same. The three independent scales every study sits on — Fundamental vs. Applied, Qualitative vs. Quantitative, and Experimental vs. Observational — and why control matters for proving causation.

Watch this 40-second summary before diving into the full article. Sign in to earn 5 leaderboard points.

Three Scales, Not Three Boxes

A single study is almost always placed on more than one of the following scales at once. There's no rule that a project has to pick exactly one label.

Fundamental and Applied Research

Fundamental research is enquiry aimed at extending what is known, without a specific application in mind at the time. A new mathematical bound on how quickly an encryption scheme can be broken by brute force is fundamental research — its value lies in the knowledge itself.

Applied research is enquiry aimed at solving a specific, practical problem, usually by drawing on fundamental knowledge that already exists. Building a classifier that flags phishing URLs at a bank's mail gateway is applied research: it takes established learning theory and puts it to work on a live operational problem.

This isn't a ranking of one over the other. A field only advances when both kinds of work continue together. Fundamental research supplies the theory that applied work later tests against messy field data, and applied work routinely surfaces anomalies that send theorists back to their equations.

Qualitative and Quantitative Research

Qualitative research is concerned with meaning and context, usually recorded in words. Open interviews with SOC analysts about why they ignore certain alerts is qualitative work — the output is a set of themes, not a number.

Quantitative research is concerned with measurable quantities, analysed through statistics. Comparing the false-positive rate of two intrusion-detection rule sets on the same traffic capture is quantitative work.

Experimental Research — and Why It's Not the Same as Quantitative

Experimental research is enquiry where the investigator deliberately changes one condition while holding the rest fixed, to see its effect on an outcome. Running the same malware sample against three different sandbox configurations, and comparing what behaviour each one reveals, is experimental because the configuration is under the researcher's control.

Not every quantitative study is experimental, and this distinction trips people up constantly. Going back through three years of a CERT's incident records to look for a seasonal pattern in ransomware reports is quantitative — but it's observational: nothing in the data was manipulated. A causal claim needs an experimental design. Observational work can only show that two things move together, and it has to say so plainly rather than implying a causation it hasn't earned.

Matching Type to Question

TypeA question it suits
FundamentalCan a bound be proved on how many attempts a key-search attack needs?
AppliedCan ransomware's file-encryption behaviour be flagged on an endpoint within three seconds?
QualitativeWhy do SOC analysts distrust automated alert triage?
QuantitativeBy how much does a new feature improve detection accuracy?
ExperimentalDoes balancing a training dataset change the false-negative rate, everything else held fixed?

Plotting a Study on the Grid

Fundamental/applied and qualitative/quantitative are independent axes — a single study can land anywhere on this grid, not just at one label:

  • Applied + quantitative: measuring an IDS rule set's accuracy
  • Fundamental + quantitative: proving a bound on a cipher's key-search space
  • Applied + qualitative: interviewing analysts on alert fatigue
  • Fundamental + qualitative: a grounded-theory study of how analysts read disassembly

Check Your Understanding

Distinguish fundamental from applied research using an example from your own coursework in malware analysis or cloud security. Which of the four research objectives from the previous topic does your example serve?

Sign in to mark this article as read and track your progress.

More articlesTest your knowledge