Skip to main content

Adaptive Multi-Factor Authentication

Dipankar Dasgupta

Multi-factor Authentication (MFA) is the current trend to genuinely identify authorized users (in multiple ways) through an authentication process via passwords, security tokens, biometrics, cognitive behavior metrics, software/hardware sensors, etc. Existing MFA systems typically use static policies for selecting authentication factors and do not consider dynamic aspects of the operating environment. We are developing an authentication framework for adaptive selection of multiple modalities at different operating environment so to make authentication strategy unpredictable to the hackers. This methodology, called adaptive multi-factor authentication (A-MFA) incorporates a novel approach of calculating trustworthy values of different authentication factors while being used under different user environmental settings. Accordingly, a subset of authentication factors are determined (at triggering events) on the fly thereby leaving no exploitable a priori pattern or clue for adversaries. Empirical studies are conducted with varying environmental settings and the performance of the adaptive MFA is compared with other selection strategies. The empirical results reflects that such a methodology of adaptive authentication can provide legitimacy to user transactions with an added layer of access protection that is not rely on a fixed set of authentication modalities. Robustness of the system is assured by designing the framework in such a way that if any modality data get compromised, the system can still perform flawlessly using other non-compromised modalities. Scalability can also be achieved by adding new and/or improved modalities with existing set of modalities and integrating the operating/configuration parameters for the added modality.

Speaker bio

Prof. Dipankar Dasgupta is a professor of Computer Science at the University of Memphis. His research interests are broadly in the area of scientific computing, design, and development of intelligent cyber security solutions inspired by biological processes. He contributed remarkably in applying bio-inspired approaches to various problems in cyber security. He is one of the founding fathers of the field of artificial immune systems, in which he has established himself. His latest book, “Immunological Computation”, is a graduate level textbook, was published by CRC press in 2009. He also edited two books: one on Evolutionary Algorithms in Engineering Applications and the other is entitled "Artificial Immune Systems and Their Applications", published by Springer-Verlag. The first AIS book is widely used as a reference book, and it was translated into Russian. Dr. Dasgupta is at the forefront of research in applying bio-inspired approaches to cyber defense, served as a program co-chair at the National Cyber Leap Year Summit was organized at the request of the White House Office of Science and Technology Directorate. Some of his groundbreaking works, like digital immunity, negative authentication, and cloud insurance model put his name in Computer World Magazine, and other News media. Prof. Dasgupta is an Advisory Board member of Geospatial Data Center (GDC), Massachusetts Institute of Technology since 2010, and worked on joint research projects with MIT. Dr. Dasgupta has received Four Best Paper Awards at international conferences (1996, 2006, 2009, and 2012) and Two Best Runner-Up paper Awards (2013 and 2014) one from ACM Information Security Curriculum Development in October 2013 and the other from ACM Cyber and Information Security Research (CISR-9) Conference at Oak Ridge, TN, April 2014. He is the recipient of 2012 Willard R. Sparks Eminent Faculty Award, the highest distinction and most prestigious honor given to a faculty member by the University of Memphis. Prof. Dasgupta received the 2014 ACM SIGEVO Impact Award. Due to his reputation as a top scholar, Dr. Dasgupta is frequently invited to speak (given more than 200 talks) at leading conferences and at other universities; he has been involved in the program organization and review structure of more than 150 international academic conferences, also serving as a speaker, panelist at many. Dr. Dasgupta is a Life Member of ACM, and published regularly in ACM conferences and professional activities. He is currently the Associate Editor-in-Chief of Immune Computation Journal and the editorial board of 4 other journals. In addition to Prof. Dasgupta’s research and creative activities, he also spearheads the University of Memphis’s education, training and outreach activities on Information Assurance (IA). He is the founding Director of the Center for Information Assurance (CfIA) (http://cfia.memphis.edu) which is a National Center for Academic Excellence in Information Assurance Education (CAE-IAE) and in Research (CAE-R). Under his leadership, the center developed (during 2006-2010) a comprehensive Cyber Security Online Training program (ACT Online) with 10 courses in three discipline-specific tracks General, Technical & Business), which was funded by DHS/FEMA, and is continually being updated and offered through FEMA website.

 

 

Share this: