A First Look at the Usability of OpenVAS Vulnerability Scanner
Proceedings 2019 Workshop on Usable Security(2019)
摘要
Vulnerability scanning is a fundamental step for assuring system security. It is also an integral component of IT system risk assessment to manage the identified vulnerabilities in a timely and prioritized way. It is critical that the tools for vulnerability scanning are usable so that cybersecurity practitioners get the most out of them. In this work, we evaluate the usability of a commonly used open source vulnerability scanning tool − OpenVAS 9.0. For this purpose, we carry out expertbased and user-based testings. Expert-based testing is carried out by employing the heuristic analysis and cognitive walkthrough approaches. User-based testing is performed by selecting 10 cybersecurity experts as participants. As a result, we identify pitfalls that lead to insecurity or false sense of security and suggest improvements to overcome them. We also discuss the effectiveness of the methodologies employed for usability testing. Lastly, a set of heuristics compiled from the existing work and adapted to our case is provided to be reused in similar studies.
更多查看译文
关键词
openvas vulnerability scanner,usability
AI 理解论文
溯源树
样例
![](https://originalfileserver.aminer.cn/sys/aminer/pubs/mrt_preview.jpeg)
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要