From Passwords to Behavioral Analysis: the evolution of user authentication

Date: Wed 14 May 2025 at 15:00
Venue: Room S1, Building E, Viale Regina Elena, 295
Speaker: Prof. Robert Dillon

Title
From Passwords to Behavioral Analysis: the evolution of user authentication

Abstract
While the tech industry often references a 'passwordless future,' the reality is that passwords are still the backbone of online security and aren't going away anytime soon. This seminar discusses how best practices for password management have evolved, with a crucial focus on the human side of cybersecurity. We'll explore how increasingly complex password rules impact user behavior, drawing on the latest research, and suggest practical tips for protecting sensitive data. Nonetheless, it is clear that, today, passwords alone are no longer sufficient to safeguard our information and identities.

Among alternative and complementary approaches, the rise of behavioral analysis is establishing itself as a powerful tool for enhancing security. This technology offers a transparent way to bolster user authentication within a Multifactor Authentication (MFA) framework. Specifically, a potential approach is presented using the unique patterns of how individuals type free-text on a keyboard. This analysis provides a deeper layer of security without adding significant friction for the user, addressing the growing need for robust, yet less intrusive, protection in today's digital landscape.

Bio
Associate Professor Robert Dillon is an (ISC)² Professional Member, an IEEE Senior Member, and the author of six books published by A.K. Peters, CRC Press, and Springer. He holds a Master's and a Ph.D. degree in Computer Engineering from the University of Genoa, a postgraduate level Certificate in Cybersecurity from the Rochester Institute of Technology, and a Certificate in Higher Education Teaching from Harvard University.

Currently, he serves as the Academic Head for the School of Science and Technology at James Cook University's Singapore Campus, where he established a dedicated Cybersecurity degree program in 2020 and founded Southeast Asia's first permanent Computer Games Museum in 2013. Before joining JCU, he held academic positions in institutions such as The Royal Institute of Technology (KTH), Nanyang Technological University, and the DigiPen Institute of Technology.

A keen supporter and developer of FOSS (Free Open-Source Software), his research interests focus on different areas of cybersecurity such as UEBA (User and Entity Behavior Analytics), OSINT (Open-Source Intelligence), and threat intelligence. As a professor and educator, he is also very passionate about enhancing capacity building for the next generation of cybersecurity experts in Southeast Asia by designing new curricula and innovative gamified training tools.