Skip to main content
SpringerLink
Log in

Usability of Antivirus Tools in a Threat Detection Scenario

  • Conference paper
  • First Online:
ICT Systems Security and Privacy Protection (SEC 2022)

Part of the book series: IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 648))

  • 874 Accesses

Abstract

Usability of antivirus (AV) tools has not received much attention yet. We conducted a laboratory study with 34 German students to investigate how they experience notifications and interventions of their AV when a threat is detected. During the study, a specifically designed harmless file triggered AV on participants’ laptops. Out of 34 participants, 19 users noticed AV messages, and 8 of them understood that the message communicated threat detection concerning a specific file. Moreover, only 6 users understood that this file was removed by the AV tool. Additionally, most participants were distracted by Windows OS messages that were unintelligible to them. We investigate reasons for incomprehension in our sample, and give recommendations for improved user interaction design of AV tools.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 119.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://www.cs1.tf.fau.de/research/human-factors-in-security-and-privacy-group/antivirus-usability.

  2. 2.

    Due to a collision of several unfortunate circumstances, the research team found resources for writing up the results only in 2021.

  3. 3.

    https://www.torproject.org.

  4. 4.

    https://support.virustotal.com/hc/en-us/articles/115002146809-Contributors.

  5. 5.

    https://www.teamviewer.com.

  6. 6.

    https://www.cs1.tf.fau.de/research/human-factors-in-security-and-privacy-group/antivirus-usability.

  7. 7.

    None of the participants felt frightened or blamed us for the unsafe USB drive. All participants called us if they could not proceed with the task.

  8. 8.

    If the participants could not use their own laptop (e.g., they forgot to bring it, or had technical issues), they used a “fallback” laptop with Windows 10 and the AV tool Sophos. Our university requires Sophos on university computers.

  9. 9.

    Four participants that used the fallback computer are excluded from these analyses.

References

  1. Almuhimedi, H., Felt, A.P., Reeder, R.W., Consolvo, S.: Your reputation precedes you: History, reputation, and the chrome malware warning. In: Symposium on Usable Privacy and Security (2014)

    Google Scholar 

  2. Anti-Malware Testing Standards Organization (2021). https://www.amtso.org

  3. Anderson, B.B., Kirwan, C.B., Jenkins, J.L., Eargle, D., Howard, S., Vance, A.: How polymorphic warnings reduce habituation in the brain: insights from an fMRI study. In: ACM Conference on Human Factors in Computing Systems (2015)

    Google Scholar 

  4. AV Test Modules (2021). https://www.av-test.org/en/about-the-institute/test-procedures/test-modules-under-windows-usability/

  5. The best antivirus software for Windows Home User (2021). https://www.av-test.org/en/antivirus/home-windows

  6. Bauer, L., Bravo-Lillo, C., Cranor, L., Fragkaki, E.: Warning design guidelines. Technical report CMU-CyLab-13-002 (2013)

    Google Scholar 

  7. Bravo-Lillo, C., Cranor, L.F., Downs, J., Komanduri, S.: Bridging the gap in computer security warnings: a mental model approach. IEEE Secur. Priv. 9(2), 18–26 (2010)

    Article  Google Scholar 

  8. Busse, K., Schäfer, J., Smith, M.: Replication: no one can hack my mind revisiting a study on expert and non-expert security practices and advice. In: Fifteenth Symposium on Usable Privacy and Security (2019)

    Google Scholar 

  9. Christin, N., Egelman, S., Vidas, T., Grossklags, J.: It’s all about the benjamins: an empirical study on incentivizing users to ignore security advice. In: Danezis, G. (ed.) Financial Cryptography and Data Security, FC 2011. LNCS, vol. 7035, pp. 16–30. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27576-0_2

  10. Distler, V., Zollinger, M.L., Lallemand, C., Roenne, P.B., Ryan, P.Y., Koenig, V.: Security-visible, yet unseen? In: ACM Conference on Human Factors in Computing Systems (2019)

    Google Scholar 

  11. Edwards, W.K., Poole, E.S., Stoll, J.: Security automation considered harmful? In: Proceedings of the 2007 Workshop on New Security Paradigms (2008)

    Google Scholar 

  12. Egelman, S., Cranor, L.F., Hong, J.: You’ve been warned: an empirical study of the effectiveness of web browser phishing warnings. In: ACM Conference on Human Factors in Computing Systems (2008)

    Google Scholar 

  13. Fahl, S., Harbach, M., Muders, T., Smith, M., Sander, U.: Helping Johnny 2.0 to encrypt his Facebook conversations. In: Symposium on Usable Privacy and Security (2012)

    Google Scholar 

  14. Felt, A.P., et al.: Improving SSL warnings: comprehension and adherence. In: ACM Conference on Human Factors in Computing Systems (2015)

    Google Scholar 

  15. Forget, A., et al.: Do or do not, there is no try: user engagement may not improve security outcomes. In: Symposium on Usable Privacy and Security (2016)

    Google Scholar 

  16. Goodin, D.: Antivirus pioneer Symantec declares AV “dead" and “doomed to failure". Ars Technica (2014)

    Google Scholar 

  17. Herley, C.: More is not the answer. IEEE Secur. Priv. 12(1), 14–19 (2013)

    Article  Google Scholar 

  18. Ion, I., Reeder, R., Consolvo, S.: ...No one can hack my mind: comparing expert and non-expert security practices. In: Symposium on Usable Privacy and Security (2015)

    Google Scholar 

  19. Jenkins, J.L., Anderson, B.B., Vance, A., Kirwan, C.B., Eargle, D.: More harm than good? How messages that interrupt can make us vulnerable. Inf. Syst. Res. 27(4), 880–896 (2016)

    Article  Google Scholar 

  20. Kauer, M., Günther, S., Storck, D., Volkamer, M.: A comparison of American and German folk models of home computer security. In: Marinos, L., Askoxylakis, I. (eds.) Human Aspects of Information Security, Privacy, and Trust, HAS 2013. LNCS, vol. 8030, pp. 100–109. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39345-7_11

  21. Krol, K., Moroz, M., Sasse, M.A.: Don’t work. can’t work? Why it’s time to rethink security warnings. In: International Conference on Risk and Security of Internet and Systems (CRiSIS) (2012)

    Google Scholar 

  22. Krol, K., Spring, J.M., Parkin, S., Sasse, M.A.: Towards robust experimental design for user studies in security and privacy. In: Learning from Authoritative Security Experiment Results (LASER) (2016)

    Google Scholar 

  23. Lalonde Levesque, F., Nsiempba, J., Fernandez, J.M., Chiasson, S., Somayaji, A.: A clinical study of risk factors related to malware infections. In: ACM SIGSAC Conference on Computer and Communications Cecurity (2013)

    Google Scholar 

  24. Modic, D., Anderson, R.: Reading this may harm your computer: the psychology of malware warnings. Comput. Hum. Behav. 41, 71–79 (2014)

    Article  Google Scholar 

  25. O’Callahan, R.: Disable Your Antivirus Software (Except Microsoft’s) (2017). http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html

  26. Popa, B.: Microsoft’s Antivirus Defending More than Half of Windows PCs (2019). Softpedia

  27. Purdy, K., Klosowski, T.: You Don’t Need to Buy Antivirus Software. Wirecutter (2020). https://www.nytimes.com/wirecutter/blog/best-antivirus/

  28. Redmiles, E.M., Kross, S., Mazurek, M.L.: How i learned to be secure: a census-representative survey of security advice sources and behavior. In: ACM SIGSAC Conference on Computer and Communications Security (2016)

    Google Scholar 

  29. Redmiles, E.M., Malone, A., Mazurek, M.L.: I think they’re trying to tell me something: advice sources and selection for digital security. In: IEEE Symposium on Security and Privacy (2016)

    Google Scholar 

  30. Redmiles, E.M., et al.: A comprehensive quality evaluation of security and privacy advice on the web. In: USENIX Security (2020)

    Google Scholar 

  31. Reeder, R.W., Ion, I., Consolvo, S.: 152 simple steps to stay safe online: security advice for non-tech-savvy users. IEEE Secur. Priv. 15(5), 55–64 (2017)

    Article  Google Scholar 

  32. Schechter, S.E., Dhamija, R., Ozment, A., Fischer, I.: The emperor’s new security indicators. In: IEEE Symposium on Security and Privacy (2007)

    Google Scholar 

  33. Sharif, M., et al.: A field study of computer-security perceptions using anti-virus customer-support chats. In: ACM Conference on Human Factors in Computing Systems (2019)

    Google Scholar 

  34. Sunshine, J., Egelman, S., Almuhimedi, H., Atri, N., Cranor, L.F.: Crying wolf: an empirical study of SSL warning effectiveness. In: USENIX Security (2009)

    Google Scholar 

  35. Tung, L.: Top Windows Defender expert: these are the threats security hasn’t yet solved. ZDNet (2019)

  36. Vance, A., Eargle, D., Jenkins, J.L., Kirwan, C.B., Anderson, B.B.: The fog of warnings: how non-essential notifications blur with security warnings. In: Symposium on Usable Privacy and Security (2019)

    Google Scholar 

  37. Wash, R.: Folk models of home computer security. In: Symposium on Usable Privacy and Security (2010)

    Google Scholar 

  38. Wash, R., Rader, E.: Too much knowledge? Security beliefs and protective behaviors among united states internet users. In: Symposium on Usable Privacy and Security (2015)

    Google Scholar 

  39. Wu, M., Miller, R.C., Garfinkel, S.L.: Do security toolbars actually prevent phishing attacks? In: ACM Conference on Human Factors in Computing Systems (2006)

    Google Scholar 

Download references

Acknowledgments

We thank Thilo Voigt for essential support in conducting the user study, Katrin Proschek for support in the usability lab and for the idea of the cover story, Martin Ortlieb and Stefan Brandenburg for help with study design, Stella Wohnig for assistance with data analysis, the anonymous reviewers for their valuable comments, and Simone Fischer-Hübner for shepherding.

Author information

Authors and Affiliations

  1. Friedrich-Alexander-Universität Erlangen-Nürnberg, Erlangen, Germany

    Michael Körber, Anatoli Kalysch, Werner Massonne & Zinaida Benenson

Authors
  1. Michael Körber
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anatoli Kalysch
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Werner Massonne
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Zinaida Benenson
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zinaida Benenson .

Editor information

Editors and Affiliations

  1. Technical University of Denmark, Lyngby, Denmark

    Weizhi Meng

  2. Karlstad University, Karlstad, Sweden

    Simone Fischer-Hübner

  3. Technical University of Denmark, Lyngby, Denmark

    Christian D. Jensen

Rights and permissions

Reprints and permissions

Copyright information

© 2022 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Körber, M., Kalysch, A., Massonne, W., Benenson, Z. (2022). Usability of Antivirus Tools in a Threat Detection Scenario. In: Meng, W., Fischer-Hübner, S., Jensen, C.D. (eds) ICT Systems Security and Privacy Protection. SEC 2022. IFIP Advances in Information and Communication Technology, vol 648. Springer, Cham. https://doi.org/10.1007/978-3-031-06975-8_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-06975-8_18

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-06974-1

  • Online ISBN: 978-3-031-06975-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation