The percentage of women in computer science has not improved since the late 1970
A description of some algorithms to detect flesh tones in images. The focus of the algorithms is on a first responder tool that depends more on speed than comprehensiveness.
Many different demands can be made of intrusion detection systems. An important requirement is that it be effective, i.e., that it should detect a substantial percentage of intrusions into the supervised system, while still keeping the false alarm rate at an acceptable level. This paper aims to demonstrate that, for a reasonable set of assumptions, the false alarm rate is the limiting factor for the performance of an intrusion detection system. This is due to the base-rate fallacy phenomenon, that in order to achieve - a perhaps unattainably low - false alarm rate. A selection of reports of intrusion detection performance is reviewed, and the conclusion is reached that there are indications that at least some types of intrusion detection have far to go before they can attain such low false alarm rates.
This paper proposes a theoretical solution to the problem of Social Engineering (SE) attacks perpetrated over the phone lines. As a byproduct, real-time attack signatures are generated, which can be used in a cyber forensic analysis of such attacks. Current methods of SE attack detection and prevention rely on policy and personnel training, which fail because the root of the problem, people, is still involved. The proposed solution relies on computer systems to analyze phone conversations in real time and determine if the caller is deceiving the receiver. This Social Engineering Defense Architecture (SEDA) is completely theoretical as the technologies employed are only in the proof-of-concept phase, but they are all proven to be tractable problems.
The iPod is the most popular digital music device. The newest versions of the iPod have become more PDA-like than ever before. With this new functionality, the iPod has recently found its way into the criminal world. With the continued growth of the digital music device market, the iPod
We describe a DRM smartcard-based scheme in which content access requests are not linked to a user’s identity or smartcard, and in which compromised cards can be revoked without the need to communicate with any card (whether revoked or not). The scheme has many other features, such as efficiency and requiring minimal interaction to process an access request (no complex interactive protocols), forward and backward security, stateless receivers, and, under certain cryptographic constructions, collusion-resistance. The above is achieved while requiring the smartcard to store only a single key and to perform a single modular exponentiation per revocation. Furthermore, our solution introduces a combinatorial problem that is of independent interest.
We propose modeling Group Support System (GSS) search tasks with Genetic Algorithms. Using explicit mathematical models for Genetic Algorithms (GAs), we show how to estimate the underlying GA parameters from an observed GSS solution path. Once these parameters are estimated, they may be related to GSS variables such as group composition and membership, leadership presence, the specific GSS tools available, incentive structure, and organizational culture. The estimated Genetic Algorithm parameters can be used with the mathematical models for GAs to compute or simulate expected GSS process outcomes.
Digital Rights Protection (DRP) is the broad class of technological, legal, and other regulatory means used to protect the rights of the owners of digital content, while simultaneously protecting the usage rights and the privacy of the users. This article briefly discusses the technological aspect of the issue.
The number of location-aware mobile devices has been rising for several years. As this trend continues, these devices may be able to use their location information to provide interesting applications for their owners. Possible applications for such devices include: i) planning a route that brings the owner near a coffee shop or ii) a route that would allow the owner to intersect one of their friends
In an open environment such as the Internet, the decision to collaborate with a stranger (e.g., by granting access to a resource) is often based on the characteristics (rather than the identity) of the requester, via digital credentials: Access is granted if Alice
As privacy becomes a major concern for both consumers and enterprises, many research efforts have been devoted to the development of privacy-protecting technology. We recently proposed a privacy-preserving access control model for relational databases, where purpose information associated with a given data element specifies the intended use of the data element. In this paper, we extend our previous work to handle other advanced data management systems, such as the ones based on XML and the ones based on the object-relational data model. Another contribution of our paper is that we address the problem of how to determine the purpose for which certain data are accessed by a given user. Our proposed solution relies on the well-known RBAC model as well as the notion of conditional role, which is based on the notions of role attribute and system attribute.
As organizations increasingly rely on information systems as the primary way to conduct operations, keeping such systems (and the associated data) secure receives increasing emphasis. However, the prevalent model within many organizations appears to be an ad hoc approach to security, where the latest breach becomes the model for future occurrences. For example, Microsoft issued over 80 critical patches for its IIS Web Server software over the past three years. Despite the low initial cost of the software, the maintenance costs over time are prohibitive [2]. A well-designed and maintained security policy potentially can reduce such costly forays, as well as provide protection from disaster.