CAE Tech Talk: Securing Data and Dictionary Attacks

Posted on 9/12/19 8:52 AM

Mark your calendars and come join your friends in the Center of Academic Excellence (CAE) community for a Tech Talk. CAE Tech Talks are free and conducted live in real-time over the internet, so no travel is required.

Capitol Technology University hosts the presentations using Adobe Connect, which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation(s).

Thursday, September 19, 2019

Topic: Secure Data Transmission over smartphones

Time: 1:00–1:50 pm

Location: Zoom Meeting

Audience: Students, Professors, Government

Presenter(s): John Yoon, Mercy College

Description: In this talk, the presenter will introduce a few implementation issues for iPhone application security. The apps that this talk consider are not those using data easily available only on a local device, but those provided from a remote server and sharing with several users. The goal implementation is to develop an access control mechanism that is adaptive to a cell device user and sensitive to the data transmitted from remote servers. Access control at each iPhone device is determined based on user data. As such, the user data may be available on a local cell device or that can be provided from a remote server. Those data may be in plaintext or in JSON from a remote database.

Topic: Dictionary Attacks on Biometrics Systems

Time: 2:00–2:40 p.m.

Location: Zoom Meeting

Audience: Students, Professors, Government

Presenter(s): Nasir Memon, New York University

Description: Contrary to the prevailing belief, we show that user authentication based on biometrics is vulnerable to dictionary attacks. We show the problem is particularly significant for partial prints used in smartphones and increasingly adopted for authentication tasks ranging from unlocking the devices screen up to payment authorization. We also show that speaker verification systems are also vulnerable to dictionary attacks. We then discuss ways to mitigate such attacks.

Conference information

A recording of the live presentations will be available online

Contact us at: caetechtalk@nsa.gov

See the official Tech Talk flyer.