Assessing the Usability of End-User Security Software

  • Tarik Ibrahim
  • Steven M. Furnell
  • Maria Papadaki
  • Nathan L. Clarke
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6264)


From a previous study we have determined that commercial security products can suffer from a usability perspective, lacking the necessary attention to design in relation to their alert interfaces. The aim of the paper is to assess the usability of alerts in some of the leading Internet security packages, based upon a related set of usability criteria. The findings reveal that the interface design combined with the user’s relative lack of security knowledge are two major challenges that influence their decision making process. The analysis of the alert designs showed that four of the criteria are not addressed in any of the selected security measures and it would be desirable to consider the user’s previous decisions on similar alerts, and modify alerts according to the user’s previous behaviour.


Security Usability Human Computer Interaction (HCI) Home Users Intrusion Detection Systems Security Software Network Scanning 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Symantec: Symantec Internet Security Threat Report. Trends for January 07 – June 07, Symantec Enterprise Security, vol. XII (September 2007)Google Scholar
  2. 2.
    House of Lords. Science and Technology Committee. 5th Report of Session 2006–07. Personal Internet Security. United Kingdom Parliament. HL Paper 165–I. London: The Stationery Limited, (accessed: 15/11/2009)
  3. 3.
    Ibrahim, T., Furnell, S.M., Papadaki, M., Clarke, N.L.: Assessing the Challenges of Intrusion Detection Systems. In: Proceedings of the 7th Annual Security Conference. Las Vegas, USA (June 2-3, 2008)Google Scholar
  4. 4.
    Lai, K., Wren, D.: Antivirus, Internet Security and Total Security Performance Benchmarking,
  5. 5.
    Ibrahim, T., Furnell, S.M., Papadaki, M., Clarke, N.L.: Assessing the Usability of Personal Internet Security Tools. In: Proceedings of the 8th European Conference on Information Warfare and Security (ECIW 2009), Military Academy, Lisbon & the University of Minho, Braga, Portugal (July 6-7, 2009)Google Scholar
  6. 6.
    Nielsen, J.: Enhancing the explanatory power of usability heuristics. In: Proceedings of ACM CHI’94 Conference, Boston, Massachusetts, USA, April 24-28, pp. 152–158 (1994)Google Scholar
  7. 7.
    Nielsen, J.: Ten usability heuristics, (accessed: 14/12/2008)
  8. 8.
    Johnston, J., Eloff, J.H.P., Labuschagne, L.: Security and human computer interfaces. Computers & Security 22(8), 675–684 (2003)CrossRefGoogle Scholar
  9. 9.
    Top Security Software, (accessed: 26/01/2009)
  10. 10.
    Barnett, R.J., Irwin, B.: Towards a Taxonomy of Network Scanning Techniques. In: Proceedings of the 2008 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists on IT Research in Developing Countries: Riding the Wave of technology (SAICSIT ’08), Wilderness, South Africa, October 6-8, pp. 1–7 (2008)Google Scholar
  11. 11.
    Nessus. The Network Vulnerability Scanner, (accessed: 26/01/2009)
  12. 12.
    Nmap. Nmap Security Scanner, (accessed: 26/01/2009)
  13. 13.
    Siraj, A., Vaughn, R.: A Dynamic Fusion Approach for Security Situation Assessment. In: Proceedings of the Fourth IASTED International Conference on Communication, Network, and Information Security (CNIS 2007), Berkeley, California (September 24-26, 2007)Google Scholar
  14. 14.
    Chiasson, S., van Oorschot, P.C., Biddle, R.: Even experts deserve usable security: Design guidelines for security management systems. In: Proceedings of Symposium on Usable Privacy and Security (SOUPS ’07), Pittsburgh, PA, July 18-20 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Tarik Ibrahim
    • 1
    • 2
  • Steven M. Furnell
    • 1
    • 3
  • Maria Papadaki
    • 1
  • Nathan L. Clarke
    • 1
    • 3
  1. 1.Centre for Security, Communications & Network ResearchUniversity of PlymouthPlymouthUnited Kingdom
  2. 2.Department of Mathematics, Faculty of ScienceAssiut UniversityAssiutEgypt
  3. 3.School of Computer and Security ScienceEdith Cowan UniversityPerth

Personalised recommendations