Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Todd Lewellen
April 2016 - Technical Report 2016 Emerging Technology Domains Risk Survey

Topics: Pervasive Mobile Computing

Authors: Christopher King, Dan J. Klinedinst, Todd Lewellen, Garret Wassermann

This report provides a snapshot in time of our current understanding of future technologies.

October 2013 - Technical Note Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time

Topics: Insider Threat

Authors: Todd Lewellen, George Silowash, Daniel L. Costa

In this report, the authors describe how an insider threat control can monitor an organization's web request traffic for text-based data exfiltration.

March 2013 - Technical Note Detecting and Preventing Data Exfiltration Through Encrypted Web Sessions via Traffic Inspection

Topics: Digital Intelligence and Investigation, Incident Management, Insider Threat

Authors: George Silowash, Todd Lewellen, Joshua W. Burns, Daniel L. Costa

In this report, the authors present methods for detecting and preventing data exfiltration using a Linux-based proxy server in a Microsoft Windows environment.

January 2013 - Technical Note Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders

Topics: Insider Threat

Authors: George Silowash, Todd Lewellen

In this report, the authors present methods for auditing USB device use in a Microsoft Windows environment.

December 2012 - White Paper Chronological Examination of Insider Threat Sabotage: Preliminary Observations

Topics: Insider Threat

Authors: William R. Claycomb, Carly L. Huth, Lori Flynn, David McIntire, Todd Lewellen

In this paper, the authors examine 15 cases of insider threat sabotage of IT systems to identify points in the attack time-line.

October 2012 - White Paper Spotlight On: Insider Threat from Trusted Business Partners Version 2: Updated and Revised

Topics: Insider Threat

Authors: Todd Lewellen, Andrew P. Moore, Dawn Cappelli, Randall F. Trzeciak, Derrick Spooner, Robert Weiland (Carnegie Mellon University)

In this article, the authors focus on cases in which the malicious insider was employed by a trusted business partner of the victim organization.

July 2012 - Special Report Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector

Topics: Insider Threat

Authors: Adam Cummings, Todd Lewellen, David McIntire, Andrew P. Moore, Randall F. Trzeciak

In this report, the authors describe insights and risk indicators of malicious insider activity in the banking and finance sector.