Ttile: GA-Based User Identity Management
Abstract: Authentication with multiple factors is an emerging trend to secure access to the sensitive information of an organization. Multi-factor Authentication (MFA) being used to genuinely identify authorized users through an authentication process via passwords, security tokens, biometrics, cognitive behavior metrics, software/hardware sensors, etc. Existing MFA systems typically use static policies for selecting authentication factors and do not consider dynamic aspects of the operating environment. We developed a GA-based authentication and identity management framework for adaptive selection of multiple modalities at different operating environment so to make authentication strategy unpredictable to the hackers. This methodology, called adaptive multi-factor authentication (A-MFA) incorporates a novel approach of calculating trustworthy values of different authentication factors while being used under different user environmental settings. Accordingly, MOGA-based application is developed to determine an appropriate subset of authentication factors (at triggering events) on the fly thereby leaving no exploitable a priori pattern or clue for adversaries. Empirical studies are conducted with varying environmental settings and the performance of the adaptive MFA is compared with other selection strategies. These results reflect that such a methodology of adaptive authentication can provide legitimacy to user transactions with an added layer of access protection that is not rely on a fixed set of authentication modalities. Robustness of the system is assured by designing the GA-based framework in such a way that if any modality data get compromised, the system can still perform flawlessly using other non-compromised modalities and different operating modes. Scalability can also be achieved by adding new and/or improved modalities with existing set of modalities and integrating the operating/configuration parameters for the added modality. A Patent (#9,912,657, approved on March 6, 2018) on Adaptive Multi-Factor Authentication System is approved/allowed on November 2017.
Dr. Dipankar Dasgupta has been based at the University of Memphis, Tennessee as a professor of Computer Science since 1997. Prof. Dasgupta is the recipient of “2012 Willard R. Sparks Eminent Faculty Award” the uppermost recognition given to a faculty member by the University. He holds his study interests largely in the area of scientific computing, design, and development of intelligent cyber security solutions inspired by biological processes. He has made priceless contributions in applying bio-inspired approaches to numerous complications in cyber security. Dr. Dasgupta is at the lead of research in applying bio-inspired approaches to cyber defense. He also served as a program co-chair at the National Cyber Leap Year Summit that was organized at the request of the White House Office of Science and Technology Directorate. He is one of the founding fathers of the field of artificial immune systems, in which he has established himself. Dr. Dasgupta has been Advisory Board of Geospatial Data Center (GDC) at Massachusetts Institute of Technology (MIT) since 2010. He has received Best Paper Award in several international conferences in the years 1996, 2006, 2009, 2011 and 2013. He owns more than 220 publications in book chapters, journals, and international conferences which have been cited extensively. His Google Scholars profile indicates more than 4,500 citations since 2013.
Dr. Dasgupta is at the forefront of research in applying bio-inspired and machine learning approaches to cyber defense. Some of his groundbreaking works, like digital immunity, negative authentication, cloud insurance model, and Auth-Spectrum put his name in Computer World Magazine and other News media. Prof. Dasgupta is an Advisory Board member of Geospatial Data Center (GDC), Massachusetts Institute of Technology since 2010, and worked on joint research projects with MIT. Dr. Dasgupta published and two textbooks, two edited volumes and several co-edited journals and conference proceedings. His latest textbook on Advances in User Authentication is published by Springer-Verlag, August, 2017 (already having 2730 downloads according to Bookmetrix).. Dr. Dasgupta's multidisciplinary research resulted in more than 250 publications with 15000+ citations and having h-index of 57 as per Google scholar. He received five Best Paper Awards at international conferences (1996, 2006, 2009, 2012 and 2017) and two Best Runner-Up Paper Awards (2013 and 2014):. Among many other awards, he is the recipient of 2012 Willard R. Sparks Eminent Faculty Award, the highest distinction and most prestigious honor given to a faculty member by the University of Memphis. Prof. Dasgupta received the 2014 ACM SIGEVO Impact Award, and also designated as an ACM Distinguished Speaker. Since 2007 he has been organizing Symposium on Computational Intelligence in Cyber Security (CICS) at the IEEE Symposium Series on Computational Intelligence (SSCI) and annual Cyber Security Summit at Memphis. In addition to Prof. Dasgupta's research and creative activities, he also spearheads the University of Memphis's education, training and outreach activities on Information Assurance (IA). He is the founding Director of the Center for Information Assurance (CfIA) which is a National Center for Academic Excellence in Information Assurance Education (CAE-IAE) and in Research (CAE-R). He is leading the University's CAST (Cluster to Advance Cyber-Security and Testing) initiative (funded by the FedEx Corporation) in promoting cross-disciplinary information security research. He has been involved in forming the National Cybersecurity Preparedness Consortium (NCPC) and continually receiving DHS/FEMA projects. Because of the center's wide range of activities, the University of Memphis is in the forefront of information security research, education, and outreach in the state as well as in the region.