Thomas Maillart

Learn More
Zipf's power law is a ubiquitous empirical regularity found in many systems, thought to result from proportional growth. Here, we establish empirically the usually assumed ingredients of stochastic growth models that have been previously conjectured to be at the origin of Zipf's law. We use exceptionally detailed data on the evolution of open source(More)
Tracking changes in feature distributions is very important in the domain of network anomaly detection. Unfortunately, these distributions consist of thousands or even millions of data points. This makes tracking, storing and visualizing changes over time a difficult task. A standard technique for capturing and describing distributions in a compact form is(More)
In a variety of open source software projects, we document a superlinear growth of production intensity (R ~ c(β)) as a function of the number of active developers c, with a median value of the exponent β ≃ 4/3, with large dispersions of β from slightly less than 1 up to 3. For a typical project in this class, doubling of the group size multiplies typically(More)
Authenticating users of computer systems based on their brainwave signals is now a realistic possibility, made possible by the increasing availability of EEG (electroencephalography) sensors in wireless headsets and wearable devices. This possibility is especially interesting because brainwave-based authentication naturally meets the criteria for two-factor(More)
From biotechnology to cyber-risks, most extreme technological risks cannot be reliably estimated from historical statistics. Engineers resort to probability safety analysis (PSA), which consists in developing models to simulate accidents, potential scenarios, their severity and frequency. However, even the best safety analysis struggles to account for(More)
The dynamics of technological, economic and social phenomena is controlled by how humans organize their daily tasks in response to both endogenous and exogenous stimulations. Queueing theory is believed to provide a generic answer to account for the often observed power-law distributions of waiting times before a task is fulfilled. However, the general(More)
Bug bounty programs offer a modern platform for organizations to crowdsource their software security and for security researchers to be fairly rewarded for the vulnerabilities they find. Little is known however on the incentives set by bug bounty programs: How they drive new bug discoveries, and how they supposedly improve security through the progressive(More)
Every day, security engineers cope with a flow of cyber security incidents. While most incidents trigger routine reactions, others require orders of magnitude more effort to investigate and resolve. How security operation teams in organizations should tune their response to tame extreme events remains unclear. Analyzing the statistical properties of sixty(More)
This paper exhibits two methods for decreasing the time associated with training a machine learning classifier on biometric signals. Using electroencephalography (EEG) data obtained from a consumer-grade headset with a single electrode, we show that these methods produce significant gains in the computational performance and calibration time of a simple(More)
We develop a stylized model that describes government surveillance, its effect on rational government actions, and the implications for citizens. Our model treats government as a rational actor that chooses how much to abuse its power, to prevent being voted out or overthrown. Starting with only limited directional assumptions, we prove a robust implication(More)