Lab notebook
In-depth analyses of malware samples, technique deep-dives, and lab notes from the field. Long-form, technical, no fluff.
41 articles in "research-methodology" — page 2 of 5
Most research-integrity offices organise misconduct into three categories abbreviated FFP. What makes the security-domain versions worth studying separately is that the downstream consequences — defences that do not work, benchmarks that cannot be replicated — affect people who never read the paper that contained the misconduct.
A published paper and the algorithm it describes are protected differently — and conflating the two is one of the most common student errors in this area. Understanding the three forms of intellectual property, the specific limit Section 3(k) of the Patents Act places on algorithm patents, and what the MIT, GPL, and Apache licences each require turns IP knowledge into something practically useful for a researcher.
Security research carries a tension built into its subject matter: work that helps defenders — a working exploit, a detailed vulnerability write-up — can equally help attackers. Responsible disclosure norms exist to manage this tension. The EternalBlue case shows what happens at government scale when those norms are not followed.
Five units, read in sequence, form one continuous journey. Chapter 5 asks the question every earlier step assumed a good answer to: was the research collected, analysed, and published in a way that respects the people, organisations, and property the study touched?
Informed consent is not a signature on a form. It is a specific sequence of obligations — disclosure, comprehension, voluntariness, competence — and it applies even when the study involves deception, as long as a debrief follows. In India, two additional legal frameworks now sit alongside the ethics committee: the DPDP Act 2023 and the CERT-In six-hour mandatory incident reporting rule.
IMRaD is not a bureaucratic template. Each section has a job: the introduction asks a question, the methods explain how it was investigated, the results report what was found, and the discussion explains what it means. Knowing the job makes writing the section easier.
An introduction has four jobs: establish the context, identify a specific gap or problem, position the present study as the answer to that problem, and tell the reader what is coming. Most student introductions do only the first one.
A literature review is not a list of summaries. It is an argument. The argument runs: here is what has been done, here is what it cannot yet answer, and here is the gap the present study fills. Every paragraph should serve that argument.
The methodology chapter has one job: give another researcher enough information to replicate the study and get the same result. Everything in it — design choice, instrument, sample, analysis tool — needs a justification, not just a name.