Assessing the usability of personal internet security tools

Document Type

Conference Proceeding


Academic Publishing Limited


Faculty of Computing, Health and Science


School of Computer and Security Science / Centre for Security Research




Ibrahim, T., Furnell, S. M., Papadaki, M., & Clarke, N. L. (2009). Assessing the usability of personal internet security tools. In Proceedings of the 8th European Conference on Information Warfare and Security (ECIW 2009), Military Academy, Lisbon & the University of Minho, Braga, Portugal (July 6-7, 2009). Available here


The popularity of the Internet and all the services it provides has driven the demand for computers in the home. Unfortunately, these home users typically represent a group of users who are generally poorly educated about the dangers and threats that exist when connected to the Internet. To this end, security vendors have provided a variety of integrated security solutions that provide Anti-Virus, Firewalls and Intrusion Detection Systems to enable home users to become better protected. However, the need to rely upon users to make decisions about potential threats they have little or no information about is concerning at best. An analysis of user interfaces that relate to security have shown they frequently lack in providing usable interfaces that users are able to make informed decisions from. The aim of the paper is to support these home users by proposing a set of novel design criteria to enable the development of usable security alerts which are triggered by home security mechanisms. Drawing from literature, the criteria that are proposed take into account the unique usability issues that exist when dealing with information security: explicit and useful information, the ability to make a timely response and a consistent presentation of information. A walkthrough using a potentially problematic dialog from Norton 360 is used as a case study to highlight the current issues with the interfaces and to evaluate the proposed criteria. The findings of the evaluation reveal that the novel criteria are promising and the assessment of other security tools are required to make consistent and valuable recommendations.