Abstract
Usability of antivirus (AV) tools has not received much attention yet. We conducted a laboratory study with 34 German students to investigate how they experience notifications and interventions of their AV when a threat is detected. During the study, a specifically designed harmless file triggered AV on participants’ laptops. Out of 34 participants, 19 users noticed AV messages, and 8 of them understood that the message communicated threat detection concerning a specific file. Moreover, only 6 users understood that this file was removed by the AV tool. Additionally, most participants were distracted by Windows OS messages that were unintelligible to them. We investigate reasons for incomprehension in our sample, and give recommendations for improved user interaction design of AV tools.
Notes
- 2. Due to a collision of several unfortunate circumstances, the research team found resources for writing up the results only in 2021.
- 7. None of the participants felt frightened or blamed us for the unsafe USB drive. All participants called us if they could not proceed with the task.
- 8. If the participants could not use their own laptop (e.g., they forgot to bring it, or had technical issues), they used a “fallback” laptop with Windows 10 and the AV tool Sophos. Our university requires Sophos on university computers.
- 9. Four participants that used the fallback computer are excluded from these analyses.
Acknowledgments
We thank Thilo Voigt for essential support in conducting the user study, Katrin Proschek for support in the usability lab and for the idea of the cover story, Martin Ortlieb and Stefan Brandenburg for help with study design, Stella Wohnig for assistance with data analysis, the anonymous reviewers for their valuable comments, and Simone Fischer-Hübner for shepherding.
Copyright information
© 2022 IFIP International Federation for Information Processing
About this paper
Cite this paper
Körber, M., Kalysch, A., Massonne, W., Benenson, Z. (2022). Usability of Antivirus Tools in a Threat Detection Scenario. In: Meng, W., Fischer-Hübner, S., Jensen, C.D. (eds) ICT Systems Security and Privacy Protection. SEC 2022. IFIP Advances in Information and Communication Technology, vol 648. Springer, Cham. https://doi.org/10.1007/978-3-031-06975-8_18
DOI: https://doi.org/10.1007/978-3-031-06975-8_18
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-06974-1
Online ISBN: 978-3-031-06975-8
eBook Packages: Computer Science, Computer Science (R0)