{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,6]],"date-time":"2026-02-06T20:52:20Z","timestamp":1770411140219,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,7,23]],"date-time":"2008-07-23T00:00:00Z","timestamp":1216771200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,7,23]]},"DOI":"10.1145\/1408664.1408679","type":"proceedings-article","created":{"date-parts":[[2008,9,4]],"date-time":"2008-09-04T21:44:44Z","timestamp":1220564684000},"page":"107-118","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":36,"title":["The challenges of using an intrusion detection system"],"prefix":"10.1145","author":[{"given":"Rodrigo","family":"Werlinger","sequence":"first","affiliation":[{"name":"University of British Columbia, Vancouver, Canada"}]},{"given":"Kirstie","family":"Hawkey","sequence":"additional","affiliation":[{"name":"University of British Columbia, Vancouver, Canada"}]},{"given":"Kasia","family":"Muldner","sequence":"additional","affiliation":[{"name":"University of British Columbia, Vancouver, Canada"}]},{"given":"Pooya","family":"Jaferian","sequence":"additional","affiliation":[{"name":"University of British Columbia, Vancouver, Canada"}]},{"given":"Konstantin","family":"Beznosov","sequence":"additional","affiliation":[{"name":"University of British Columbia, Vancouver, Canada"}]}],"member":"320","published-online":{"date-parts":[[2008,7,23]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"February","year":"2007","unstructured":"Argus intrusion detection and prevention. http:\/\/www.qosient.com\/argus\/ , February 2007 . Argus intrusion detection and prevention. http:\/\/www.qosient.com\/argus\/, February 2007."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1031607.1031672"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.aei.2004.11.001"},{"key":"e_1_3_2_1_4_1","unstructured":"Base: Basic analysis and security engine. http:\/\/sourceforge.net\/projects\/secureideas February 2008.  Base: Basic analysis and security engine. http:\/\/sourceforge.net\/projects\/secureideas February 2008."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1280680.1280693"},{"key":"e_1_3_2_1_6_1","volume-title":"February","year":"2008","unstructured":"Bro intrusion detection system. http:\/\/bro-ids.org , February 2008 . Bro intrusion detection system. http:\/\/bro-ids.org, February 2008."},{"key":"e_1_3_2_1_7_1","volume-title":"Constructing Grounded Theory. SAGE publications","author":"Charmaz K.","year":"2006","unstructured":"K. Charmaz . Constructing Grounded Theory. SAGE publications , 2006 . K. Charmaz. Constructing Grounded Theory. SAGE publications, 2006."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2004.09.008"},{"key":"e_1_3_2_1_9_1","volume-title":"Ethnography: Step by Step","author":"Fetterman D. M.","year":"1998","unstructured":"D. M. Fetterman . Ethnography: Step by Step . Sage Publications Inc ., 1998 . D. M. Fetterman. Ethnography: Step by Step. Sage Publications Inc., 1998."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(04)00035-2"},{"key":"e_1_3_2_1_11_1","volume-title":"Proc. of Human Aspects of Information Security and Assurance (HAISA) (to appear, 10 pages)","author":"Gagn\u00e9 A.","year":"2008","unstructured":"A. Gagn\u00e9 , K. Muldner , and K. Beznosov . Identifying differences between security and other IT professionals: a qualitative analysis . In Proc. of Human Aspects of Information Security and Assurance (HAISA) (to appear, 10 pages) , Plymouth, England , July 2008 . A. Gagn\u00e9, K. Muldner, and K. Beznosov. Identifying differences between security and other IT professionals: a qualitative analysis. In Proc. of Human Aspects of Information Security and Assurance (HAISA) (to appear, 10 pages), Plymouth, England, July 2008."},{"key":"e_1_3_2_1_12_1","first-page":"1421","volume-title":"Proc of the Americas Conference on Information Systems (AMCIS)","author":"Goodall J.","year":"2004","unstructured":"J. Goodall , W. Lutters , and A. Komlodi . The work of intrusion detection: Rethinking the role of security analysts . In Proc of the Americas Conference on Information Systems (AMCIS) , pages 1421 -- 1427 , 2004 . J. Goodall, W. Lutters, and A. Komlodi. The work of intrusion detection: Rethinking the role of security analysts. In Proc of the Americas Conference on Information Systems (AMCIS), pages 1421--1427, 2004."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1031607.1031663"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1234772.1234774"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1358628.1358905"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2008.61"},{"key":"e_1_3_2_1_17_1","volume-title":"Sand Castles. In SOUPS '06: Proceedings of the second symposium on Usable privacy and security","author":"Hill A.","year":"2006","unstructured":"A. Hill . Shortcuts, Habits, and Sand Castles. In SOUPS '06: Proceedings of the second symposium on Usable privacy and security , Pittsburgh, Pennsylvania , 2006 . Invited talk. A. Hill. Shortcuts, Habits, and Sand Castles. In SOUPS '06: Proceedings of the second symposium on Usable privacy and security, Pittsburgh, Pennsylvania, 2006. Invited talk."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2007.9"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/775047.775101"},{"key":"e_1_3_2_1_20_1","first-page":"357","volume-title":"Security and Usability: Designing Secure Systems that People Can Use","author":"Kandogan E.","year":"2005","unstructured":"E. Kandogan and E. M. Haber . Security administration tools and practices . In Security and Usability: Designing Secure Systems that People Can Use , chapter 18, pages 357 -- 378 . O'Reilly Media, Inc. , Sebastapol , 2005 . E. Kandogan and E. M. Haber. Security administration tools and practices. In Security and Usability: Designing Secure Systems that People Can Use, chapter 18, pages 357--378. O'Reilly Media, Inc., Sebastapol, 2005."},{"key":"e_1_3_2_1_21_1","volume-title":"Incident management","author":"Killcrece G.","year":"2005","unstructured":"G. Killcrece , K.-P. Kossakowski , R. Ruefle , and M. Zajicek . Incident management , 2005 . G. Killcrece, K.-P. Kossakowski, R. Ruefle, and M. Zajicek. Incident management, 2005."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/VIZSEC.2005.1"},{"issue":"1","key":"e_1_3_2_1_23_1","first-page":"69","article-title":"lynn Thomson and R. von Solms. Information security obedience: a definition. Computers &","volume":"24","author":"K","year":"2005","unstructured":"K . lynn Thomson and R. von Solms. Information security obedience: a definition. Computers & Security , 24 ( 1 ): 69 -- 75 , 2005 . K. lynn Thomson and R. von Solms. Information security obedience: a definition. Computers & Security, 24(1):69--75, 2005.","journal-title":"Security"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1179576.1179600"},{"key":"e_1_3_2_1_25_1","volume-title":"In 2nd Workshop on Securing Voice over IP","author":"McGann S.","year":"2005","unstructured":"S. McGann and D. C. Sicker . An analysis of security threats and tools in sip-based voip systems . In In 2nd Workshop on Securing Voice over IP , June 2005 . S. McGann and D. C. Sicker. An analysis of security threats and tools in sip-based voip systems. In In 2nd Workshop on Securing Voice over IP, June 2005."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1108\/09685220710831116"},{"key":"e_1_3_2_1_27_1","volume-title":"February","year":"2008","unstructured":"Open source host-based intrusion detection system. www.ossec.net , February 2008 . Open source host-based intrusion detection system. www.ossec.net, February 2008."},{"key":"e_1_3_2_1_28_1","volume-title":"The cathedral and the bazaar. First Monday, 3(3)","author":"Raymond E. S.","year":"1998","unstructured":"E. S. Raymond . The cathedral and the bazaar. First Monday, 3(3) , 1998 . E. S. Raymond. The cathedral and the bazaar. First Monday, 3(3), 1998."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/2835547.2835548"},{"issue":"4","key":"e_1_3_2_1_30_1","first-page":"334","article-title":"Whatever happened to qualitative description? Research in Nursing &","volume":"23","author":"Sandelowski M.","year":"2000","unstructured":"M. Sandelowski . Whatever happened to qualitative description? Research in Nursing & Health , 23 ( 4 ): 334 -- 340 , 2000 . M. Sandelowski. Whatever happened to qualitative description? Research in Nursing & Health, 23(4):334--340, 2000.","journal-title":"Health"},{"key":"e_1_3_2_1_31_1","volume-title":"Guide to intrusion detection and prevention systems (idps). Technical report","author":"Scarfone K.","year":"2007","unstructured":"K. Scarfone and P. Mell . Guide to intrusion detection and prevention systems (idps). Technical report , NIST : National Instutute of Standards and Technology, U.S. Department of Commerce , 2007 . K. Scarfone and P. Mell. Guide to intrusion detection and prevention systems (idps). Technical report, NIST: National Instutute of Standards and Technology, U.S. Department of Commerce, 2007."},{"key":"e_1_3_2_1_32_1","volume-title":"February","year":"2008","unstructured":"Squil. sguil.sourceforge.net , February 2008 . Squil. sguil.sourceforge.net, February 2008."},{"key":"e_1_3_2_1_33_1","volume-title":"February","year":"2007","unstructured":"Snort intrusion detection and prevention. http:\/\/www.snort.org\/ , February 2007 . Snort intrusion detection and prevention. http:\/\/www.snort.org\/, February 2007."},{"key":"e_1_3_2_1_34_1","unstructured":"StillSecure. Strataguard ids\/ips protection system. http:\/\/www.stillsecure.com\/strataguard\/index.php February 2008.  StillSecure. Strataguard ids\/ips protection system. http:\/\/www.stillsecure.com\/strataguard\/index.php February 2008."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1177\/154193120605000511"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1240624.1240807"},{"key":"e_1_3_2_1_37_1","volume-title":"Proc of. HASIA'08: Human Aspects of Information Security and Assurance (to appear, 10 pages)","author":"Werlinger R.","year":"2008","unstructured":"R. Werlinger , K. Hawkey , and K. Beznosov . Human, Organizational and Technological Challenges of Implementing IT Security in Organizations . In Proc of. HASIA'08: Human Aspects of Information Security and Assurance (to appear, 10 pages) , July 2008 . R. Werlinger, K. Hawkey, and K. Beznosov. Human, Organizational and Technological Challenges of Implementing IT Security in Organizations. In Proc of. HASIA'08: Human Aspects of Information Security and Assurance (to appear, 10 pages), July 2008."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1358628.1358931"}],"event":{"name":"SOUPS '08: The fourth Symposium on Usable Privacy and Security","location":"Pittsburgh Pennsylvania USA","acronym":"SOUPS '08"},"container-title":["Proceedings of the 4th symposium on Usable privacy and security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1408664.1408679","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1408664.1408679","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:57:44Z","timestamp":1750255064000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1408664.1408679"}},"subtitle":["is it worth the effort?"],"short-title":[],"issued":{"date-parts":[[2008,7,23]]},"references-count":38,"alternative-id":["10.1145\/1408664.1408679","10.1145\/1408664"],"URL":"https:\/\/doi.org\/10.1145\/1408664.1408679","relation":{},"subject":[],"published":{"date-parts":[[2008,7,23]]},"assertion":[{"value":"2008-07-23","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}