Cognitive analysis of intrusion detection system

Бесплатный доступ

Usability evaluation methods have gained a substantial attention in networks particularly in Intrusion Detection System (IDS) as these evaluation methods are envisioned to achieve usability and define usability defects for a large number of practical software’s. Despite a good number of available survey and methods on usability evaluation, we feel that there is a gap in existing literature in terms of usability evaluation methods, IDS interfaces and following usability guidelines in IDS development. This paper reviews the state of the art for improving usability of networks that illustrates the issues and challenges in the context of design matters. Further, we propose the taxonomy of key issues in evaluation methods and usability problems. We also define design heuristics for IDS users and interfaces that improves detection of usability defects and interface usability compared to conventional evaluation heuristics. The similarities and differences of usability evaluation methods and usability problems are summarized on the basis of usability factors, current evaluation methods and interfaces loopholes.

Еще

Intrusion detection system, heuristics evaluation, ids interface, usability evaluation methods

Короткий адрес: https://sciup.org/146282429

IDR: 146282429

Список литературы Cognitive analysis of intrusion detection system

  • Allen M., Currie L. M., Bakken S., Patel V. L. & Cimino J. J. Heuristic evaluation of paper-based Web pages: A simplified inspection usability methodology. Journal of Biomedical Informatics, 2006, 39(4), 412-423. doi:10.1016/j jbi.2005.10.004
  • Almarashdeh I. A., Sahari N., Azan N. & Zin M. Heuristic Evaluation of Distance Learning Management System Interface, 2011, July.
  • Butt S. M., Fatimah W. & Ahmad W. Analysis and evaluation of cognitive behavior in Software Interfaces using an Expert System. Engineering, 2012, 5(1), 146-154.
  • Cannady J., & Harrell J. A comparative analysis of current intrusion detection technologies. Proceedings of the Fourth Technology for ... 2000. Retrieved from ftp://www.polinux.upv.es/viejo/ pub/doc/ids/A_Comparative_Analysis_of_Current_Intrusion_Detection_Technologies.pdf
  • Carvajal L., Moreno A. M., Sánchez-Segura M. I. & Seffah A. Usability through software design. IEEE Transactions on Software Engineering, 2013, 39, 1582-1596. doi:10.1109/TSE.2013.29
  • Chebrolu S., Abraham A. & Thomas J. P. Feature deduction and ensemble design of intrusion detection systems. Computers and Security, 2005, 24, 295-307. doi:10.1016/j.cose.2004.09.008
  • Cranor L. F. & Garfinkel S. Security and Usablity: Designing secure systems that people can use. Theory in practice, 2005, 714.
  • Dillon A. Beyond usability: process, outcome and affect in human-computer interactions. Canadian Journal of Library and Information Science, 2002, 26, 57-69. Retrieved from http://arizona. openrepository.com/arizona/handle/10150/106391
  • Fernandez A., Abrahao S. & Insfran E. A systematic review on the effectiveness of web usability evaluation methods. Evaluation Assessment in Software Engineering EASE2012 16th International Conference, 2012, 52-56. doi:10.1049/ic.2012.0007
  • Fernandez A., Abrahao S. & Insfran E. Empirical validation of a usability inspection method for model-driven Web development. The Journal of Systems & Software, 2013, 86(1), 161-186. doi:10.1016/jjss.2012.07.043
  • Folmer E., Van Welie M. & Bosch J. Bridging patterns: An approach to bridge gaps between SE and HCI. Information and Software Technology, 2006, 48, 69-89. doi:10.1016/j. infsof.2005.02.005
  • Furnell S. Making security usable: Are things improving? Elsevier Ltd, 2007, 26, 434-443. doi:10.1016/j.cose.2007.06.003
  • Goodall J. R., Lutters W. G. & Komlodi A. The Work of Intrusion Detection: Rethinking the Role of Security Analysts, 2004, August, 1421-1427.
  • Goodall J. R., Ozok A. A., Lutters W. G., Rheingans P. & Komlodi A. A user-centered approach to visualizing network traffic for intrusion detection. Proceedings of ACM CHI 2005 Conference on Human Factors in Computing Systems, 2005, 2, 1403-1406. doi:10.1145/1056808.1056927
  • Grabenbauer L. A., Fruhling A. L. & Windle J. R. Towards a Cardiology /EHR Interaction Workflow Usability Evaluation Method, 2014. doi:10.1109/HICSS.2014.331
  • Guenther J., Volk F. & Shaneck M. Proposing a multi-touch interface for intrusion detection environments. Proceedings of the Seventh ..., 2010, 13-21. Retrieved from http://dl.acm.org/citation. cfm?id=1850797
  • Hafiz M. D., Abdullah A. H., Ithnin N. & Mammi H. K. Towards Identifying Usability and Security Features of Graphical Password in Knowledge Based Authentication Technique, 2008. doi:10.1109/AMS.2008.136
  • Hanumansetty R. G. Model based approach for context aware and adaptive user interface generation. Scenario, 2004. Retrieved from http://scholar.lib.vt.edu/theses/available/etd-08242004-120131/
  • Heeren C. & Furnell S. Improving the Usability of Security Features within Tools and Applications. ... Computing, Networks and Security, 2011, 8, 137-145. Retrieved from http://books.google.com/books?hl=en&lr=&id=3NzOAwAAQBAJ&oi=fnd&pg=PA137&dq=Impro ving+the+Usability+of+Security+Features+within+Tools+and+Applications&ots=N3yVo6ezKh&s ig=KQMKlIzMJzZ3ro1I6dJiSyw_FP4
  • Holzinger A. Usability engineering methods for software developers. Communications of the ACM, 2005, 48, 71-74. doi:10.1145/1039539.1039541
  • Holzinger A. Usability engineering methods for software developers. Communications of the ACM, 2005. doi:10.1145/1039539.1039541
  • Huart J., Kolski C. & Sagar M. Evaluation of multimedia applications using inspection methods: The Cognitive Walkthrough case. Interacting with Computers, 2004, 16, 183-215. doi:10.1016/j.intcom.2003.12.005
  • Hwang K., Cai M., Chen Y. & Qin M. Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. IEEE Transactions on Dependable and Secure Computing, 2007, 4, 41-55. doi:10.1109/TDSC.2007.9
  • International Organization for Standardization, & International Electrotechnical Commission. ISO/IEC9126-1. Software engineering, 2001. Product quality. Part 1: Quality model. Software Process: Improvement and Practice (Vol. 2, pp. 1-25). doi:10.1002/(SICI)1099-1670(199603)2:1-35:: AID-SPIP29>3.0.CO;2-3
  • Ivory M. Y. & Hearst M. A. The State of the Art in Automating Usability Evaluation of User Interfaces, 2001, 33(4), 470-516.
  • Jaferian P. & Hawkey K. Heuristics for evaluating IT security management tools. HumanComputer ..., 2014. Retrieved from http://www.tandfonline.com/doi/abs/10.1080/07370024.2013.81919
  • Jaferian P., Hawkey K. & Beznosov K. Challenges in evaluating complex IT security management systems, 2010.
  • Kennard R, & Leane, J. Towards a general purpose architecture for UI generation. Journal of Systems and Software, 2010, 83, 1896-1906. doi:10.1016/j.jss.2010.05.079
  • Khalid H. M. Embracing diversity in user needs for affective design. Applied Ergonomics, 2006, 37, 409-418. doi:10.1016/j.apergo.2006.04.005
  • Komlodi A., Goodall J. & Lutters W. An information visualization framework for intrusion detection. CHI'04 Extended Abstracts on ..., 2004, 1743-1746. doi:10.1145/985921.1062935
  • Kraemer S., Carayon P. & Clem J. Human and organizational factors in computer and information security: Pathways to vulnerabilities. Computers & Security, 2009, 28(7), 509-520. doi:10.1016/j.cose.2009.04.006
  • Macik M., Cerny T. & Slavik P. Context-sensitive, cross-platform user interface generation. Journal on Multimodal User Interfaces, 2014, 8(2), 217-229. doi:10.1007/s12193-013-0141-0
  • Mahatody T., Sagar M. & Kolski C. State of the Art on the Cognitive Walkthrough Method, Its Variants and Evolutions. International Journal of Human-Computer Interaction, 2010. doi:10.1080/10447311003781409
  • Memmel T., Box D. & Reiterer H. Agile Human-Centered Software Engineering, 2007.
  • Memmel T., Gundelsweiler F. & Reiterer H. CRUISER: A Cross-Discipline User Interface and Software Engineering Lifecycle, 2007, 174-183.
  • Moustafa F. & Furnell S. M. Assessing the Usability of Security Features in Tools and Applications, 1975, 98-106.
  • Nielsen J. & Molich R. Heuristic evaluation of user interfaces. Proceedings of the SIGCHI conference on Human factors in computing systems Empowering people - CHI '90, 1990, 249-256. doi:10.1145/97243.97281
  • Norman K. L. & Panizzi E. Levels of automation and user participation in usability testing. Interacting with Computers, 2006, 18, 246-264. doi:10.1016/j.intcom.2005.06.002
  • Nurmuliani N., Zowghi D. & Williams S. P. Using card sorting technique to classify requirements change. Proceedings. 12th IEEE International Requirements Engineering Conference, 2004. doi:10.1109/ICRE.2004.1335681
  • Patil T., Bhutkar G. & Tarapore N. Usability Evaluation Using Specialized Heuristics with, 2012, 317-328.
  • Paz F., Villanueva D., Rusu C., Roncagliolo S., Pow-sang J. A. Experimental Evaluation of Usability Heuristics, 2013, 119-126. doi:10.1109/ITNG.2013.23
  • Pyla P. & Pérez-Quiñones M. Towards a model-based framework for integrating usability and software engineering life cycles, 2004. arXiv Preprint Cs/ ... Retrieved from http://arxiv.org/abs/cs/0402036
  • Ramli R. B. M. & Jaafar A. B. e-RUE: A cheap possible solution for usability evaluation. Proceedings - International Symposium on Information Technology, 2008, ITSim, 4.
  • Sauer J., Seibel K. & Rüttinger B. The influence of user expertise and prototype fidelity in usability tests. Applied Ergonomics, 2010, 41, 130-140. doi:10.1016/j.apergo.2009.06.003
  • Sauer J. & Sonderegger A. The influence of prototype fidelity and aesthetics of design in usability tests: Effects on user behaviour, subjective evaluation and emotion. Applied Ergonomics, 2009, 40(4), 670-677. doi:10.1016/j.apergo.2008.06.006
  • Sefelin R., Tscheligi M. & Giller V. Paper prototyping - what is it good for?: a comparison of paper- and computer-based low-fidelity prototyping. CHI '03 Extended Abstracts on Human Factors in Computing Systems, 2003, 778-779. doi:10.1145/765891.765986
  • Seffah A., Donyaee M., Kline R. B. & Padda H. K. Usability measurement and metrics: A consolidated model. Software Quality Journal, 2006, 14, 159-178. doi:10.1007/s11219-006-7600-8
  • Seffah A. & Metzker E. The obstacles and myths of usability and software engineering. Communications of the ACM, 2004. doi:10.1145/1035134.1035136
  • Seibel K. & Ru B. The influence of user expertise and prototype fidelity in usability tests, 2010, 41, 130-140. doi:10.1016/j.apergo.2009.06.003
  • Silva T. S. da, Martin A., Maurer F. & Silveira M. User-Centered Design and Agile Methods: A Systematic Review. AGILE Conference, 2011, 77-86. doi:10.1109/AGILE.2011.24
  • Sivaji A., Abdullah M. R., Downe A. G., Fatimah W. & Ahmad W. Hybrid Usability Methodology: Integrating Heuristic Evaluation with Laboratory Testing across the Software Development Lifecycle, 2013. doi:10.1109/ITNG.2013.60
  • Sivaji A., Soo S. & Abdullah M. R. Automated Heuristic Evaluation System, 2011. doi:10.1109/ CICSyN.2011.23
  • Sonderegger A. & Sauer J. The influence of design aesthetics in usability testing: Effects on user performance and perceived usability. Applied Ergonomics, 2010, 41(3), 403-410. doi:10.1016/j. apergo.2009.09.002
  • Soomro S., Fatimah W., Ahmad W. F. W., Sulaiman S., Wan Ahmad W. F. & Wan Ahmed W. F. Evaluation of Mobile Games Using Playability Heuristics. Information System International Conference, 2013 (ISIC02013), 2, 2-7. doi:10.1109/ICCISci.2012.6297177
  • Sutcliffe A. Assessing the reliability of heuristic evaluation for Web site attractiveness and usability. Proceedings of the 35th Annual Hawaii International Conference on System Sciences, 2002. doi:10.1109/HICSS.2002.994098
  • Thompson R. S., Rantanen E. M., Yurcik W. & Bailey B. P. Command line or pretty lines?: comparing textual and visual interfaces for intrusion detection. Proceedings of ACM CHI 2007 Conference on Human Factors in Computing Systems, 2007, 1, 1205-1214. Retrieved from http://doi. acm.org/10.1145/1240624.1240807
  • Tran V., Kolp M., Vanderdonckt J., Wautelet Y. & Faulkner S. Agent-based user interface generation from combined task, context and domain models. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2010, 5963 LNCS, 146-161. doi:10.1007/978-3-642-11797-8_12
  • Tuch A. N., Roth S. P., Hornbsk K., Opwis K. & Bargas-avila J. A. Computers in Human Behavior Is beautiful really usable? Toward understanding the relation between usability, aesthetics, and affect in HCI. Computers in Human Behavior, 2012, 28(5), 1596-1607. doi:10.1016/j.chb.2012.03.024
  • Van Den Bergh J. & Coninx K. Towards Modeling Context-Sensitive Interactive Applications: the Context-Sensitive User Interface Profile (CUP). Proceedings of the 2005 ACM symposium on Software visualization, 2005, 87-94. doi:10.1145/1056018.1056030
  • Wang Baldonado M. Q., Woodruff A. & Kuchinsky A. Guidelines for using multiple views in information visualization. Proceedings of the Working Conference on Advanced Visual Interfaces -AVI '00, 2000, 110-119. doi:10.1145/345513.345271
  • Werlinger R., Hawkey K., Muldner K. & Jaferian P. The Challenges of Using an Intrusion Detection System: Is It Worth the Effort?, 2006, 1.
  • Yee K. P. Aligning security and usability. IEEE Security and Privacy, 2004. doi:10.1109/ MSP.2004.64
  • Yin X., Yurcik W., Treaster M., Li Y. & Lakkaraju K. VisFlowConnect: netflow visualizations of link relationships for security situational awareness. Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security, 2004, 26-34. doi:10.1145/1029208.1029214
  • Zhou A. T. Improving intrusion detection systems, 2004, 1641-1644.
Еще
Статья научная