Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Todd Lewellen
April 2016 - Technical Report 2016 Emerging Technology Domains Risk Survey

Topics: Pervasive Mobile Computing

This 2016 report provides a snapshot of our current understanding of future technologies.

October 2013 - Technical Note Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time

Topics: Insider Threat

In this report, the authors describe how an insider threat control can monitor an organization's web request traffic for text-based data exfiltration.

March 2013 - Technical Note Detecting and Preventing Data Exfiltration Through Encrypted Web Sessions via Traffic Inspection

Topics: Digital Intelligence and Investigation, Incident Management, Insider Threat

In this report, the authors present methods for detecting and preventing data exfiltration using a Linux-based proxy server in a Microsoft Windows environment.

January 2013 - Technical Note Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders

Topics: Insider Threat

In this report, the authors present methods for auditing USB device use in a Microsoft Windows environment.

December 2012 - White Paper Chronological Examination of Insider Threat Sabotage: Preliminary Observations

Topics: Insider Threat

In this paper, the authors examine 15 cases of insider threat sabotage of IT systems to identify points in the attack time-line.

October 2012 - White Paper Spotlight On: Insider Threat from Trusted Business Partners Version 2: Updated and Revised

Topics: Insider Threat

In this article, the authors focus on cases in which the malicious insider was employed by a trusted business partner of the victim organization.

July 2012 - Special Report Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector

Topics: Insider Threat

In this report, the authors describe insights and risk indicators of malicious insider activity in the banking and finance sector.