* Research Sites *
Dr. Dipankar Dasgupta
333 Dunn Hall
Memphis, TN 38152-3240
phone: (901) 678-4147
fax: (901) 678-1506
dasgupta@memphis.edu

     

Elevated to IEEE Fellow(Batch of 2015)
Distinguished ACM Speaker
Recipient of 2012 Willard R. Sparks Eminent Faculty Award.


Advisory Board Member of MIT in Cyber Security

Editorial Board of journals


Announcement:

* Principal Investigator *
Dr. Dasgupta will Organize IEEE Symposium on Computational Intelligence in Cyber Security (CICS 2017) at Hawaii, USA from November 27-December 1, 2017. Program Committee Member of the 1st IEEE International Workshop on Cyber Resiliency Economics (CRE 2016) , Vienna, Austria, August 1-3, 2016. Prof. Dasgupta will give an invited talk at the Computer Science Department, University of Tennessee, Knoxville, TN, April 7, 2016     Prof. Dasgupta will present a research paper at 11th Annual Cyber and Information Security Research (CISR) Conference will be held at the conference center at Oak Ridge National Laboratory, Oak Ridge, TN, April 4 - 6, 2016.     Prof. Dasgupta will give invited talk at Regional Symposium "Graduate Education and Research in Information Security",'GERIS'16, on March 8, 2016, at Binghamton University,Binghamton, New York.     Announcement for the available position in Research Assitant Professor (in Cyber Security)     Prof. Dasgupta was interviewed by a local TV Channel (FOX 13) and telecast on Feb. 19, 2016. Click here for Video.     Organized "Cybersecurity Certificate Course" foundational program at FedEx Institute of Technology,UofM, February 1-5, 2016.     Prof. Dasgupta gave an invited talk on 5th International Conference on Fuzzy and Neural Computing, FANCCO-2015, December 16-19, 2015.     Cluster to Advance Cyber Security & Testing (CAST) hosted Cybersecurity Lightning Talks at the FedEx Institute of Technology, afternoon of December 3, 2015     CfIA Receives Cyber Security Training Grant from FEMA     UofM's CfIA Will Develop Course for Mobile Device Security and Privacy Issues     Prof. Dasgupta gave an invited talk on Adaptive Multi-Factor Authentication at the Department of Electrical Engineering and Computer Science and CASE Center, Syracuse University, Syracuse, NY 13224-5040 November 18, 2015     Organize a Symposium on Computational Intelligence in Cyber Security (CICS) at IEEE Symposium Series on Computational Intelligence (SSCI,), December 7-10, 2015 at Cap Town, South Africa     Gave keynote speech at St. Louis at Cyber Security workshop (STL-CyberCon), University of Missouri-St. Louis, November 20, 2015     Prof. Dasgupta attended the NIST-NICE conference at San Diego from November 1-4, 2015     Prof. Dasgupta gave an invited talk at 9th International Research Workshop on Advances and Innovations in Systems Testing at FedEx Institute of Technology, the University of Memphis, October 20, 2015     Our Cyber Security Team got a second position on Cyber Defense Competition @CANSec 2015, held on 24th October at University of Arkansas at Little Rock

What is a Negative Authentication System?

(Concept Demo)

By D. Dasgupta, Director, Center for Information Assurance.

Password authentication is very critical for secure access to company servers as it verifies the identity of computer users and processes. Most authentication systems use some form Positive Identification (PI) to identify legitimate users. Specifically, these systems use a password profile containing all the user passwords that are authorized to access the system (or the server). The negative counterpart (non-self/anti-password space) represents all strings that are not in the password file (which can possibly be exploited by hackers using password guessing or cracking tools). The purpose is to keep the Anti- Password checking as the first line of Authentication (invisible to users) and be kept in a separate machine (probably outside the secure perimeter), while the positive authentication system should be inside the highly secure region).
While this Anti-Password (Anti-P) space appears to be very large, our technique utilizes a form of implicit clustering to generate a small set of Anti-P detectors to cover this password guessing space. The developed system demonstrated it is hard (if not impossible) to discover any individual password even though Anti-P detectors are being compromised. Thus, the system can filter out all illegitimate users (hackers, crackers, etc.) before allowing them to access the positive password verification system, providing an additional layer of protection (invisible) to the user. It can provide a robust solution in immunizing authentication systems (local, remote or online) by putting an additional layer of protection (invisible) to the user. The prototype system called Password Immunizer is developed by Prof. D. Dasgupta and his research group at the University of Memphis, USA. In short, it is a non-obvious bio-inspired tool for user authentication that creates the Anti-P protection shield to filter out invalid access requests.
A demo illustrating the concept is available at Password immunizer (patent pending).

See Archive of Comments/Queries.

Send your comments/queries to; dasgupta@memphis.edu.