Tag: LSU | SpinSafe

BATON ROUGE, La., March 07, 2023 (GLOBE NEWSWIRE) — Every day, smartphone users utilize biometric data like their fingerprint, facial ID, PIN number, and/or voice recognition to unlock their devices. They also use such data to login to apps, make online purchases, pay bills, etc.

But what if that information could be duplicated and reused? Because such biometrics are static and unchanged, once they are leaked, they would never be secure to use for future authentication.

That dilemma is at the heart of LSU Computer Science Assistant Professor Chen Wang’s developing research into hand gripping as a verification method. Last year, with the help of a grant from the Louisiana Board of Regents, Wang’s research focused on notification privacy and using a smartphone’s own musical sounds/vibrations during notification for verification. This time around, and with the backing of a National Science Foundation grant of more than $470,000, his focus has expanded to include a variety of smartphone functions, as well as notification privacy.

“This research focuses on addressing two long-standing issues in mobile device authentication, obtrusiveness and replay threats,” Wang said. “The aim is to reduce the user effort involved in authentication so that they can handle in-situation privacy provisions and to make biometric data not reusable so that an adversary cannot replay your biometrics to spoof your identity.

“The current 3D scanning and printing technologies can forge your fingers, hands, and face. Besides, if the transmission and the storage of your biometric data are not carefully secured, such data could be leaked and reused by an adversary. The biometric data required [for authentication] is all static and never changed. This means that if the biometric data is leaked, an adversary can reuse it to access your device and online accounts.”

So, how does using one’s hand grip for authentication work? When authentication is requested, the smartphone sends barely inaudible ultrasounds encoded into multiple narrow frequency bands within 17-22 KHz. This encoded acoustic signal propagates on the phone’s surface and is absorbed and reflected by the user’s hand. Because of the hand’s unique biometric…

Source…

A 25-year-old LSU student was arrested Friday for allegedly installing malware on 169 University devices over the course of two years, according to WBRZ.

LSU Media Relations Director Ernie Ballard said LSUPD arrested the student and booked him into East Baton Rouge Parish Prison Friday.

A campus technology services employee found a USB drive allegedly left by Carlos Munoz-Salazar in an infected computer. Police said the University was able to use the USB to determine when Salazar next logged onto a campus computer. An employee then found him at the infected computer and took a picture of his Tiger ID.

Police said the software found on the computers allegedly allowed Salazer to remotely control the University devices and download programs which enabled him to mine cryptocurrency. Since his arrest, Salazer admitted to making approximately $2,500 from mining virtual currency on LSU computers.

There are reports dating back to June 2018 when this specific software was used, and the attacks continued up until July 23, 2020, when the University’s IT department blocked the software.

Salazar was booked on 169 counts of computer tampering and computer fraud and is awaiting trial.

Source…

Tag Archive for: LSU

LSU Computer Science Faculty Furthering Research Into Smartphone Security

Report: LSU student arrested for installing malware on University computers | News