Network


Latest external collaboration on country level. Dive into details by clicking on the dots.

Hotspot


Dive into the research topics where Lori Flynn is active.

Publication


Featured researches published by Lori Flynn.


state of the art in java program analysis | 2014

Android taint flow analysis for app sets

William Klieber; Lori Flynn; Amar Bhosale; Limin Jia; Lujo Bauer

One approach to defending against malicious Android applications has been to analyze them to detect potential information leaks. This paper describes a new static taint analysis for Android that combines and augments the FlowDroid and Epicc analyses to precisely track both inter-component and intra-component data flow in a set of Android applications. The analysis takes place in two phases: given a set of applications, we first determine the data flows enabled individually by each application, and the conditions under which these are possible; we then build on these results to enumerate the potentially dangerous data flows enabled by the set of applications as a whole. This paper describes our analysis method, implementation, and experimental results.


2012 Third Worldwide Cybersecurity Summit (WCS) | 2012

Best practices against insider threats for all nations

Lori Flynn; Carly L. Huth; Randy Trzeciak; Palma Buttles

Individuals in any nation can use this paper as 1. An exploration of international policy issues related to insider threats and other cybersecurity concerns; and 2. A succinct educational guide to practices for stopping insider threats. A framework for international analysis of cybersecurity practices is introduced. Based on its analysis of more than 700 case studies, the CERT® Insider Threat Center recommends 19 best practices for preventing, detecting, and responding to harm from insider threats. This paper summarizes each practice, explains its importance, and provides an international policy perspective on the practice.


international carnahan conference on security technology | 2013

Identifying indicators of insider threats: Insider IT sabotage

William R. Claycomb; Carly L. Huth; Brittany Phillips; Lori Flynn; David McIntire

This paper describes results of a study seeking to identify observable events related to insider sabotage. We collected information from actual insider threat cases, created chronological timelines of the incidents, identified key points in each timeline such as when attack planning began, measured the time between key events, and looked for specific observable events or patterns that insiders held in common that may indicate insider sabotage is imminent or likely. Such indicators could be used by security experts to potentially identify malicious activity at or before the time of attack. Our process included critical steps such as identifying the point of damage to the organization as well as any malicious events prior to zero hour that enabled the attack but did not immediately cause harm. We found that nearly 71% of the cases we studied had either no observable malicious action prior to attack, or had one that occurred less than one day prior to attack. Most of the events observed prior to attack were behavioral, not technical, especially those occurring earlier in the case timelines. Of the observed technical events prior to attack, nearly one third involved installation of software onto the victim organizations IT systems.


international conference on systems | 2015

Workshop preview of the 3rd international workshop on mobile development lifecycle (MobileDeLi 2015)

Aharon Abadi; Lori Flynn; Jeff Gray

The goal of the MobileDeli 2015 workshop is to establish a vibrant research community of researchers and practitioners for sharing work and leading further research and development in the area of mobile software engineering. At the workshop, we will discuss how other technologies (e.g., DSLs, cloud computing) drive new capabilities in mobile software development. The workshop attendees will also examine the lifecycle of mobile software development and how it relates to the software engineering lifecycle. There will also be working group discussions and activities where attendees will explore and evaluate existing techniques, patterns, and best practices of mobile software development. Additional information about the workshop (e.g., photos, presentations, schedule) can be found at the MobileDeli workshop website: http:// sysrun.haifa.il.ibm.com/hrl/mobiledeli2015


Archive | 2012

Common Sense Guide to Mitigating Insider Threats 4 th Edition

George J. Silowash; Dawn M. Cappelli; Andrew P. Moore; Randall F. Trzeciak; Timothy J. Shimeall; Lori Flynn


JoWUA | 2012

Chronological Examination of Insider Threat Sabotage: Preliminary Observations

William R. Claycomb; Carly L. Huth; Lori Flynn; David McIntire; Todd Lewellen


Archive | 2014

Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase 2, Expanded Analysis and Recommendations

Lori Flynn; Greg Porter; Chas DiFatta


Archive | 2015

Making DidFail Succeed: Enhancing the CERT Static Taint Analyzer for Android App Sets

Jonathan Burket; Lori Flynn; William Klieber; Jonathan Lim; Wei Shen; William Snavely


2016 IEEE Cybersecurity Development (SecDev) | 2016

Static Analysis Alert Audits: Lexicon & Rules

David Svoboda; Lori Flynn; Will Snavely


PLoP '13 Proceedings of the 20th Conference on Pattern Languages of Programs | 2013

Four insider IT sabotage mitigation patterns and an initial effectiveness analysis

Lori Flynn; Jason W. Clark; Andrew P. Moore; Matthew Collins; Eleni Tsamitis; David A. Mundie; David McIntire

Collaboration


Dive into the Lori Flynn's collaboration.

Top Co-Authors

Avatar

Carly L. Huth

Software Engineering Institute

View shared research outputs
Top Co-Authors

Avatar

William Klieber

Software Engineering Institute

View shared research outputs
Top Co-Authors

Avatar

David McIntire

Carnegie Mellon University

View shared research outputs
Top Co-Authors

Avatar

David Svoboda

Carnegie Mellon University

View shared research outputs
Top Co-Authors

Avatar

Andrew P. Moore

Software Engineering Institute

View shared research outputs
Top Co-Authors

Avatar
Top Co-Authors

Avatar

Limin Jia

Carnegie Mellon University

View shared research outputs
Top Co-Authors

Avatar

Lujo Bauer

Carnegie Mellon University

View shared research outputs
Top Co-Authors

Avatar

Randy Trzeciak

Software Engineering Institute

View shared research outputs
Top Co-Authors

Avatar

Will Snavely

Software Engineering Institute

View shared research outputs
Researchain Logo
Decentralizing Knowledge