A Socio-Technical Windows 11 Hardening Framework Integrating Ferret-Windows and CIS Benchmarks
DOI:
https://doi.org/10.15408/jti.v19i1.46816
Keywords:
protection, operating system, Windows 11, CIS standard, ferret
Abstract
The high level of vulnerability in the Windows operating system requires implementing a hardening strategy that focuses not only on technical security but also on end-user convenience. This study, using a Design Science Research (DSR) methodology, aims to design and evaluate a Windows-based host security configuration by applying 35 parameters developed by integrating the Ferret-Windows open-source tool and the Microsoft Windows 11 Benchmark CIS standard. The research method includes a descriptive study to analyze the effectiveness of the tool and its parameter formulation, and a prescriptive study to formulate a combined configuration. The evaluation was carried out through functional testing and usability measurements on a standardized test laptop, using the System Usability Scale (SUS) instrument with 31 end-users (e.g., staff and students) in a public institution context. The results showed that the configured system obtained an average SUS score of 73.63, which falls within the "good" category according to the standard interpretation scale, indicating that the resulting system is usable by most users. These findings indicate that the proposed hardening framework results in a system configuration that achieves acceptable usability without significant user sacrifice. While the study’s limitations include a focus on usability rather than quantitative pre-/post-security validation, it provides a practical contribution: a socio-technical hardening framework adaptable for public institutions.
License
Copyright (c) 2026 Prasetyo Adi Wibowo Putro, Ray Novita Yasa, Mochammad Latief Reswandana Musonip, Dimas Nugroho Putro, Agry Zharfa

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

