Remote experiments with human participants play an important role across multiple fields of studies, from medical science to engineering, as they allow for better representation of human participants and more realistic experimental environments, and ensure research continuity in exceptional circumstances, such as nationwide lockdowns. Yet cyber security has few standards for conducting experiments with human participants, let alone in a remote setting. In this paper, we introduce an end-to-end framework for remote experimentation in cyber security. This framework systematises design and deployment practices while preserving realistic, reproducible data collection and the safety and privacy of participants. We evaluate our framework using a case study involving Internetof-Things (IoT) devices deployed at remote locations and analyse the experience from the perspectives of both the researchers and the participants.
CCS CONCEPTS• Security and privacy → Social aspects of security and privacy; Usability in security and privacy;