Todd Lewellen
CERT
Publications by Todd Lewellen
-
2016 Emerging Technology Domains Risk Survey
April 08, 2016 • Technical Report
Christopher KingDan J. KlinedinstTodd Lewellen
This 2016 report provides a snapshot of our current understanding of future technologies.
read -
Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time
October 03, 2013 • Technical Note
Todd LewellenGeorge SilowashDaniel L. Costa
In this report, the authors describe how an insider threat control can monitor an organization's web request traffic for text-based data exfiltration.
read -
Detecting and Preventing Data Exfiltration Through Encrypted Web Sessions via Traffic Inspection
March 01, 2013 • Technical Note
George SilowashTodd LewellenJoshua W. Burns
In this report, the authors present methods for detecting and preventing data exfiltration using a Linux-based proxy server in a Microsoft Windows environment.
read -
Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders
January 01, 2013 • Technical Note
George SilowashTodd Lewellen
In this report, the authors present methods for auditing USB device use in a Microsoft Windows environment.
read -
Chronological Examination of Insider Threat Sabotage: Preliminary Observations
December 01, 2012 • White Paper
William R. ClaycombCarly L. HuthLori Flynn
In this paper, the authors examine 15 cases of insider threat sabotage of IT systems to identify points in the attack time-line.
read -
Spotlight On: Insider Threat from Trusted Business Partners Version 2: Updated and Revised
October 01, 2012 • White Paper
Todd LewellenAndrew P. MooreDawn Cappelli
In this article, the authors focus on cases in which the malicious insider was employed by a trusted business partner of the victim organization.
read -
Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector
July 01, 2012 • Special Report
Adam CummingsTodd LewellenDavid McIntire
In this report, the authors describe insights and risk indicators of malicious insider activity in the banking and finance sector.
read