Abstract
Contrary to the prevailing belief, we show that user authentication based on biometrics is vulnerable to dictionary attacks. We show the problem is particularly significant for partial prints used in smartphones and increasingly adopted for authentication tasks ranging from unlocking the devices screen up to payment authorization. We also show that speaker verification systems are also vulnerable to dictionary attacks. We then discuss ways to mitigate such attacks.
Brief Biography
Nasir Memon is Vice Dean for Academics and Student Affairs and a Professor of Computer Science and Engineering at the New York University Tandon School of Engineering. He is an affiliate faculty at the Computer Science department in NYU's Courant Institute of Mathematical Sciences, and department head of NYU Tandon Online. He introduced cyber security studies to NYU Tandon in 1999, making it one of the first schools to implement the program at the undergraduate level. He is a co-founder of NYU's Center for Cyber Security (CCS) at New York as well as NYU Abu Dhabi. He is the founder of the OSIRIS Lab, CSAW, The Bridge to Tandon Program as well as the Cyber Fellows program at NYU. He has received several best paper awards and awards for excellence in teaching. He has been on the editorial boards of several journals, and was the Editor-In-Chief of the IEEE Transactions on Information Security and Forensics. He is an IEEE Fellow and an SPIE Fellow for his contributions to image compression and media security and forensics. His research interests include digital forensics, biometrics, data compression, network security and security and human behavior.