In the face of a wide range of attacks. Intrusion Detection Systems (IDS) and other Internet
security tools represent potentially valuable safeguards to identify and combat the problems
facing online systems. However, despite the fact that a variety o f commercial and open source
solutions are available across a range of operating systems and network platforms, it is notable
that the deployment of IDS is often markedly less than other well-known network security
countermeasures and other tools may often be used in an ineffective manner.
This thesis considers the challenges that users may face while using IDS, by conducting a web-based
questionnaire to assess these challenges. The challenges that are used in the questionnaire
were gathered from the well-established literature. The participants responses varies between
being with or against selecting them as challenges but all the listed challenges approved that
they are consider problems in the IDS field.
The aim of the research is to propose a novel set of Human Computer Interaction-Security
(HCI-S) usability criteria based on the findings of the web-based questionnaire. Moreover,
these criteria were inspired from previous literature in the field of HCI. The novelty of the
criteria is that they focus on the security aspects. The new criteria were promising when they
were applied to Norton 360, a well known Internet security suite. Testing the alerts issued by
security software was the initial step before testing other security software. Hence, a set of security software were selected and some alerts were triggered as a result of performing a
penetration test conducted within a test-bed environment using the network scanner Nmap. The
findings reveal that four of the HCI-S usability criteria were not fully addressed by all of these
security software.
Another aim of this thesis is to consider the development of a prototype to address the HCI-S
usability criteria that seem to be overlooked in the existing security solutions. The thesis
conducts a practical user trial and the findings are promising and attempt to find a proper
solution to solve this problem. For instance, to take advantage of previous security decisions, it
would be desirable for a system to consider the user's previous decisions on similar alerts, and
modify alerts accordingly to account for the user's previous behaviour. Moreover, in order to
give users a level of fiexibility, it is important to enable them to make informed decisions, and
to be able to recover from them if needed. It is important to address the proposed criteria that
enable users to confirm / recover the impact of their decision, maintain an awareness of system
status all the time, and to offer responses that match users' expectations.
The outcome of the current study is a set of a proposed 16 HCI-S usability criteria that can be
used to design and to assess security alerts issued by any Internet security suite. These criteria
are not equally important and they vary between high, medium and low.
Date of Award | 2011 |
---|
Original language | English |
---|
Awarding Institution | |
---|
Sponsors | The embassy of the arab republic of Egypt (cultural centre & educational bureau) in London |
---|
Supervisor | Steve Furnell (Other Supervisor) |
---|
- Security
- Usability
- HCI
- HCI-S
- IDS
Improving Intrusion Prevention, Detection and Response
Ibrahim, T. M. A. (Author). 2011
Student thesis: PhD