The idea dawned on Glenn Kaufman one day in the lab. His computer was running a pattern-recognition biometrics program – a piece of software that measured how hard and fast he typed, then used it like a fingerprint to confirm his identity the next time he logged on.
Amid the clicking and clacking of keys, he remembered seeing something on the news about “smart guns” that know their owner’s grip and won’t fire for anybody else. He got to thinking: If that sort of thing works on computer keyboards and guns, it must work on other things, too.
“I thought that maybe if there was a pattern to gripping a gun grip, maybe there was a pattern to gripping a mouse,” he said.
Kaufman, a Raytheon cybersecurity engineer, got to work. Four years later, he was awarded U.S. Patent No. 8,762,734 for the “Biometric Pressure Grip” – a sensor that measures how hard and how tightly someone holds a mouse, then uses that information as part of a multi-step login process.
Kaufman’s invention is among hundreds of innovations Raytheon engineers are developing as the company’s cybersecurity business surges in an age of larger and increasingly destructive computer-system breaches.
A culture of creation
“Raytheon is a technology leader across all aspects of the cyber domain,” said Jeff Snyder, vice president of Raytheon’s cyber programs. “If we see a gap that we have in cyber technology, we will either invest internally to develop it … or we’ll find the right partner. And our leadership believes in this technology area as it is so critical to protect our products, Raytheon’s infrastructure, and our important cyber clients.”
Major Raytheon cybersecurity innovations include:
· SureView: Software that guards against “insider threats” or abuses of computer systems by people authorized to access them. The system alerts IT security to warning signs – such as employees downloading files at unusual times – and also provides a detailed, video-quality recording of computer users’ activity.
· Advanced Threat Protection (formerly RShield) – An advanced malware detection system that, for example, segregates incoming emails and downloads, putting them through a battery of tests to root out any malicious code. Raytheon announced at the 2014 Black Hat cybersecurity conference in Las Vegas that it is developing a major upgrade to the system.
· High Speed Guard – Software that provides fast, secure and automated transfer of complex data such as video between multiple classified networks. High Speed Guard has been shown to transfer data at rates of more than nine gigabits per second.
· Net Maneuver Commander – A “moving target” system that protects a network by constantly rearranging it through the use of randomization algorithms. The technique keeps weak spots on the move, forcing hackers to relearn the entire system and rebuild their malware every time the system redraws the network.
Kaufman’s mouse is not yet part of any specific security system. But inventions like his could have potential as part of a “layered” security system that uses a security token and a password or a passphrase.
Kaufman’s research showed a person’s mouse grip is a surprisingly effective biometric identifier. It turns out only about one in 10,000 people place their fingers in exactly the same spot and exert precisely the same amount of pressure.
“It’s not only a reliable identifier, but it’s also harder to defeat,” Kaufman said. “I can defeat fingerprints, because I can take it from something else like a glass … once I’ve done that, all I have to do is override the system by using a mockup of your fingerprint. Because this is a pattern-recognition biometric, it’s harder to defeat.”
Inventions like Kaufman’s smart mouse show Raytheon engineers are gearing up to meet the growing demands of cybersecurity, Snyder said. Private companies such as retailers and utility providers are realizing they need military-style protection for their data and networks, and Snyder said building that protection – assessing a client’s needs, designing a system and monitoring it around the clock – is something Raytheon already does for government agencies.
“That continuum, that delivery continuum, applies in the federal and commercial marketplace exactly the same,” he said. “No different – it’s all the same.”