The proliferation of smart home devices has heightened cybersecurity risks for non-expert users, yet conventional intrusion detection systems (IDS) generate technical alerts that are difficult for laypersons to interpret and act upon. This paper proposes leveraging large language models (LLMs) to transform IDS alerts into natural-language security notifications. Through an online experiment involving 130 participants, we systematically evaluate how notification length and complexity affect user comprehension, preference, and intent to act. Results show that medium-complexity notifications yield optimal overall performance; novices prefer longer, more explanatory versions, whereas experts favor concise ones. To our knowledge, this is the first empirical study to characterize design trade-offs in security notifications for heterogeneous user populations. Our findings provide data-driven, human-centered design principles and practical guidelines for developing accessible, actionable security interfaces for smart homes.

The proliferation of smart home devices has increased convenience but also introduced cybersecurity risks for everyday users, as many devices lack robust security features. Intrusion Detection Systems are a prominent approach to detecting cybersecurity threats. However, their alerts often use technical terms and require users to interpret them correctly, which is challenging for a typical smart home user. Large Language Models can bridge this gap by translating IDS alerts into actionable security notifications. However, it has not yet been clear what an actionable cybersecurity notification should look like. In this paper, we conduct an experimental online user study with 130 participants to examine how the length and complexity of LLM-generated notifications affect user likability, understandability, and motivation to act. Our results show that intermediate-complexity notifications are the most effective across all user groups, regardless of their technological proficiency. Across the board, users rated beginner-level messages as more effective when they were longer, while expert-level messages were rated marginally more effective when they were shorter. These findings provide insights for designing security notifications that are both actionable and broadly accessible to smart home users.