Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Dave Mundie
December 2014 - Technical Note Pattern-Based Design of Insider Threat Programs

Topics: Insider Threat

Authors: Andrew P. Moore, Matthew L. Collins, Dave Mundie, Robin Ruefle, David McIntire

In this report, the authors describe a pattern-based approach to designing insider threat programs that could provide a better defense against insider threats.

November 2014 - Conference Paper An Incident Management Ontology

Topics: Incident Management

Authors: Dave Mundie, Robin Ruefle, Audrey J. Dorofee, John McCloud, Samuel J. Perl, Matthew L. Collins

In this paper, the authors describe the shortcomings of the incident management meta-model and how an incident management ontology addresses those shortcomings.

November 2013 - Webinar Overview of the Threat Posed by Insiders to Critical Assets

Topics: Insider Threat

Authors: Randall F. Trzeciak, Dave Mundie

In this 2013 webinar, Randy Trzeciak and David Mundie discuss the challenges organizations face as they try to address insider threat.

October 2013 - Conference Paper Four Insider IT Sabotage Mitigation Patterns and an Initial Effectiveness Analysis

Topics: Insider Threat

Authors: Lori Flynn, Jason W. Clark, Andrew P. Moore, Matthew L. Collins, Eleni Tsamitis, Dave Mundie, David McIntire

In this paper, the authors describe four patterns of insider IT sabotage mitigation and initial results from 46 relevant cases for pattern effectiveness.

May 2013 - Podcast Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity

Topics: Malware Analysis

Authors: Dave Mundie, Julia H. Allen

In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding to better analyze malicious code.

March 2013 - Technical Note Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders

Topics: Insider Threat

Authors: Andrew P. Moore, David McIntire, Dave Mundie, David Zubrow

In this report, the authors justify applying the pattern “Increased Review for Intellectual Property (IP) Theft by Departing Insiders.”

February 2013 - Technical Note The MAL: A Malware Analysis Lexicon

Topics: Incident Management

Authors: Dave Mundie, David McIntire

In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.

September 2012 - White Paper Building an Incident Management Body of Knowledge

Topics: Incident Management

Authors: Dave Mundie, Robin Ruefle

In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.

April 2012 - Technical Report A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders

Topics: Insider Threat

Authors: Andrew P. Moore, Michael Hanley, Dave Mundie

In this report, the authors present techniques for helping organizations plan, prepare, and implement means to mitigate insider theft of intellectual property.

February 2001 - Technical Note K-BACEE: A Knowledge-Based Automated Component Ensemble Evaluation Tool

Authors: Robert C. Seacord, Dave Mundie, Somjai Boonsiri

This 2001 report describes an automated approach to evaluating ensembles of componentswithin the context of a system requirements specification.