The Department of Homeland Security’s Science and Technology directorate awarded three companies nearly $5 million to research novel user authentication technology on mobile devices.
Malibu, California-based HRL Laboratories; Hartford, Connecticut-based United Technologies Research Center; and McLean, Virginia-based Northrop Grumman were given awards under the directorate’s cybersecurity division’s five-year Broad Agency Announcement. HRL was given $2.2 million, Northrop Grumman was given $1.7 million and UTRC was given $790,000.
Each award is devoted to accelerating the adoption of secure mobility practices in the federal government and private sector. All three awards are focused on a form of secure authentication that will provide a new protection against emerging threats without taking away from a device’s performance.
HRL will be working on a low-power anomaly detection system that is based on a “brain-inspired” algorithm of learning user behaviors. Researchers hope the system will detect behavioral anomalies from native mobile device sensors and separate false positives from actual user behavior, resulting in “unobtrusive, continuous behavior-based authentication.”
“Given the recent cyber intrusions, it’s even more important to enable secure mobile authentication for our mobile devices,” said Vincent Sritapan, a DHS cybersecurity division program manager. “With performers like HRL Labs, we can build innovative secure technologies that leverage sensors on the device, use breakthrough low power technologies, and provide new forms of mobile access control that defends against adversaries.”
UTRC will be working on a system that provides continuous risk assessment and flexible credential management. The Context-Aware Security Technology for Responsive and Adaptive Protection, or CASTRA, will provide context-aware authentication, using the processing and sensing capabilities of mobile devices while aiming to stay away from degrading the user experience.
Northrop Grumman will be working on a system that tracks user behavior, using machine learning to compare recent behaviors while operating in the background. Users will be prompted to authenticate if anomalies are detected. The system will lock or wipe devices if it cannot unlocked.
“Mobile devices have become critical tools for government personnel to accomplish our mission,” DHS Undersecretary for Science and Technology Reginald Brothers said. “Developing and implementing security technology on the mobile device is key to protecting sensitive information. This project will provide an innovative solution for making sure information is kept safe.”