{"id":"https://openalex.org/W1976815164","doi":"https://doi.org/10.1145/1408664.1408679","title":"The challenges of using an intrusion detection system","display_name":"The challenges of using an intrusion detection system","publication_year":2008,"publication_date":"2008-07-23","ids":{"openalex":"https://openalex.org/W1976815164","doi":"https://doi.org/10.1145/1408664.1408679","mag":"1976815164"},"language":"en","primary_location":{"id":"doi:10.1145/1408664.1408679","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1408664.1408679","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th symposium on Usable privacy and security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087005536","display_name":"Rodrigo Werlinger","orcid":null},"institutions":[{"id":"https://openalex.org/I141945490","display_name":"University of British Columbia","ror":"https://ror.org/03rmrcq20","country_code":"CA","type":"education","lineage":["https://openalex.org/I141945490"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Rodrigo Werlinger","raw_affiliation_strings":["University of British Columbia, Vancouver, Canada"],"affiliations":[{"raw_affiliation_string":"University of British Columbia, Vancouver, Canada","institution_ids":["https://openalex.org/I141945490"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091571857","display_name":"Kirstie Hawkey","orcid":null},"institutions":[{"id":"https://openalex.org/I141945490","display_name":"University of British Columbia","ror":"https://ror.org/03rmrcq20","country_code":"CA","type":"education","lineage":["https://openalex.org/I141945490"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Kirstie Hawkey","raw_affiliation_strings":["University of British Columbia, Vancouver, Canada"],"affiliations":[{"raw_affiliation_string":"University of British Columbia, Vancouver, Canada","institution_ids":["https://openalex.org/I141945490"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026476203","display_name":"Kasia M\u00fcldner","orcid":"https://orcid.org/0000-0003-4660-5315"},"institutions":[{"id":"https://openalex.org/I141945490","display_name":"University of British Columbia","ror":"https://ror.org/03rmrcq20","country_code":"CA","type":"education","lineage":["https://openalex.org/I141945490"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Kasia Muldner","raw_affiliation_strings":["University of British Columbia, Vancouver, Canada"],"affiliations":[{"raw_affiliation_string":"University of British Columbia, Vancouver, Canada","institution_ids":["https://openalex.org/I141945490"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012036131","display_name":"Pooya Jaferian","orcid":null},"institutions":[{"id":"https://openalex.org/I141945490","display_name":"University of British Columbia","ror":"https://ror.org/03rmrcq20","country_code":"CA","type":"education","lineage":["https://openalex.org/I141945490"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Pooya Jaferian","raw_affiliation_strings":["University of British Columbia, Vancouver, Canada"],"affiliations":[{"raw_affiliation_string":"University of British Columbia, Vancouver, Canada","institution_ids":["https://openalex.org/I141945490"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035380853","display_name":"Konstantin Beznosov","orcid":"https://orcid.org/0000-0002-1327-7477"},"institutions":[{"id":"https://openalex.org/I141945490","display_name":"University of British Columbia","ror":"https://ror.org/03rmrcq20","country_code":"CA","type":"education","lineage":["https://openalex.org/I141945490"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Konstantin Beznosov","raw_affiliation_strings":["University of British Columbia, Vancouver, Canada"],"affiliations":[{"raw_affiliation_string":"University of British Columbia, Vancouver, Canada","institution_ids":["https://openalex.org/I141945490"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5087005536"],"corresponding_institution_ids":["https://openalex.org/I141945490"],"apc_list":null,"apc_paid":null,"fwci":5.4992,"has_fulltext":false,"cited_by_count":65,"citation_normalized_percentile":{"value":0.95868237,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"107","last_page":"118"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.8342030048370361},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7083634734153748},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6788286566734314},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.6629942059516907},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6316717267036438},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5323888063430786},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.49964451789855957},{"id":"https://openalex.org/keywords/intrusion-prevention-system","display_name":"Intrusion prevention system","score":0.4624377191066742},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.4475932717323303},{"id":"https://openalex.org/keywords/honeypot","display_name":"Honeypot","score":0.42738714814186096},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.15032872557640076},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.06930810213088989}],"concepts":[{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.8342030048370361},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7083634734153748},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6788286566734314},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.6629942059516907},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6316717267036438},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5323888063430786},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.49964451789855957},{"id":"https://openalex.org/C27061796","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion prevention system","level":3,"score":0.4624377191066742},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.4475932717323303},{"id":"https://openalex.org/C191267431","wikidata":"https://www.wikidata.org/wiki/Q911932","display_name":"Honeypot","level":2,"score":0.42738714814186096},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.15032872557640076},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.06930810213088989},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1408664.1408679","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1408664.1408679","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 4th symposium on Usable privacy and security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5299999713897705}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W147592836","https://openalex.org/W1496114626","https://openalex.org/W1498728415","https://openalex.org/W1780581636","https://openalex.org/W1967042038","https://openalex.org/W1967187672","https://openalex.org/W1971741211","https://openalex.org/W1976539193","https://openalex.org/W1981681059","https://openalex.org/W1986793627","https://openalex.org/W1999448603","https://openalex.org/W2013762348","https://openalex.org/W2040804482","https://openalex.org/W2041114254","https://openalex.org/W2066410062","https://openalex.org/W2073104441","https://openalex.org/W2105779206","https://openalex.org/W2108118522","https://openalex.org/W2121513440","https://openalex.org/W2133800002","https://openalex.org/W2139684605","https://openalex.org/W2159165123","https://openalex.org/W2169691657","https://openalex.org/W2293921399","https://openalex.org/W2346085410","https://openalex.org/W2398411232","https://openalex.org/W2678934292","https://openalex.org/W6614226208","https://openalex.org/W6638148830","https://openalex.org/W6660629145"],"related_works":["https://openalex.org/W2376886931","https://openalex.org/W2351448539","https://openalex.org/W1992118813","https://openalex.org/W1495178644","https://openalex.org/W2383892082","https://openalex.org/W2185594426","https://openalex.org/W2374845301","https://openalex.org/W2357927603","https://openalex.org/W4200619826","https://openalex.org/W2376791828"],"abstract_inverted_index":{"An":[0],"intrusion":[1,17],"detection":[2,18],"system":[3],"(IDS)":[4],"can":[5,114],"be":[6,120],"a":[7,81,171],"key":[8],"component":[9],"of":[10,26,117,146,192],"security":[11,38,66,93,131],"incident":[12],"response":[13],"within":[14,170,196],"organizations.":[15],"Traditionally,":[16],"research":[19,88],"has":[20,31],"focused":[21],"on":[22],"improving":[23],"the":[24,33,37,42,51,115,143,160,190],"accuracy":[25],"IDSs,":[27,135],"but":[28],"recent":[29],"work":[30],"recognized":[32],"need":[34],"to":[35,155,158,164,183],"support":[36,182],"practitioners":[39,67,94,132,151],"who":[40,68],"receive":[41],"IDS":[43,119,147,161,195],"alarms":[44],"and":[45,56,73,107,111,127,162,188],"investigate":[46],"suspected":[47],"incidents.":[48],"To":[49],"examine":[50],"challenges":[52,187],"associated":[53],"with":[54,64,71,174],"deploying":[55,80],"maintaining":[57],"an":[58,78,97,109,118,194,197],"IDS,":[59],"we":[60],"analyzed":[61],"9":[62],"interviews":[63],"IT":[65],"have":[69,133],"worked":[70],"IDSs":[72],"performed":[74],"participatory":[75],"observations":[76],"in":[77],"organization":[79],"network":[82],"IDS.":[83],"We":[84,177],"had":[85],"three":[86],"main":[87],"questions:":[89],"(1)":[90],"What":[91,100],"do":[92,102],"expect":[95],"from":[96],"IDS?;":[98,110],"(2)":[99],"difficulties":[101],"they":[103],"encounter":[104],"when":[105],"installing":[106],"configuring":[108],"(3)":[112],"How":[113],"usability":[116],"improved?":[121],"Our":[122],"analysis":[123],"reveals":[124],"both":[125],"positive":[126],"negative":[128],"perceptions":[129],"that":[130],"for":[134,168,180],"as":[136,138],"well":[137],"several":[139],"issues":[140],"encountered":[141],"during":[142],"initial":[144],"stages":[145],"deployment.":[148],"In":[149],"particular,":[150],"found":[152],"it":[153,167],"difficult":[154],"decide":[156],"where":[157],"place":[159],"how":[163],"best":[165],"configure":[166],"use":[169],"distributed":[172],"environment":[173],"multiple":[175],"stakeholders.":[176],"provide":[178],"recommendations":[179],"tool":[181],"help":[184],"mitigate":[185],"these":[186],"reduce":[189],"effort":[191],"introducing":[193],"organization.":[198]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":6},{"year":2014,"cited_by_count":7},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":7}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}