Authentication

Many physical characteristics, such as face, fingerprints, and iris as well as behavioral characteristics such as voice, gait, and keystroke dynamics, are believed to be unique to an individual. Hence, biometric analysis offers a reliable solution to the problem of identity verification. It is now widely acknowledged that biometric systems are vulnerable to manipulation where the true biometric is falsified using various attack strategies; such attacks are referred to as Presentation Attacks (PAs).

Many physical characteristics, such as face, fingerprints, and iris as well as behavioral characteristics such as voice, gait, and keystroke dynamics, are believed to be unique to an individual. Hence, biometric analysis offers a reliable solution to the problem of identity verification. It is now widely acknowledged that biometric systems are vulnerable to manipulation where the true biometric is falsified using various attack strategies; such attacks are referred to as Presentation Attacks (PAs).

Common smartphone authentication mechanisms such as PINs, graphical passwords, and fingerprint scans offer limited security. They are relatively easy to guess or spoof, and are ineffective when the smartphone is captured after the user has logged in. Multi-modal active authentication addresses these challenges by frequently and unobtrusively authenticating the user via behavioral biometric signals, such as touchscreen interaction, hand movements, gait, voice, and phone location.

Attacks on computer networks are an all too familiar event, leaving operators with little choice but to deploy a myriad of monitoring devices to ensure dependable and stable service on the networks they operate. However, as networks grow bigger and faster, staying ahead of the constant deluge of attack traffic is becoming increasingly difficult. A case in point is the attacks on enterprise name servers that interact with the Domain Name System (DNS). These name servers are critical infrastructure, busily translating human readable domain names to IP addresses.

Every time someone uses a phone or computer to connect to an Internet site, software determines whether the connection is safe or being intercepted by attackers. Unfortunately, this software is error-prone, leaving users vulnerable to having their privacy violated or their personal information stolen due to phishing attacks, identity theft, and unauthorized inspection of their encrypted traffic. A number of solutions are being proposed, but the software is fragmented across many platforms and redundantly or incorrectly implemented.