Labs

Suspend Disbelief

Innovation starts by envisioning answers to questions that haven’t been asked or reimagining new ways to solve old problems. At Allure Labs we transform blue-sky ideas into reality. Our research has been supported by Columbia University, the National Science Foundation, DARPA, DHS, and others willing to take a chance on big ideas.

Here are a few of the questions we’ve been thinking about.

 

Can your behavior be used as a biometric password?

We entrust passwords to keep our information safe and private online, but most password structures aren’t designed for how people really think. Humans rely on patterns to remember information, not complex strings of characters. And most passwords only require you to authenticate once, which means your information is vulnerable if someone else gets control of your machine or device. We were challenged to develop technology that continuously and seamlessly authenticates individuals based on their unique characteristics. With support from the DARPA Active Authentication program, we developed the RUU technology, an authentication solution that uses your behavior as a biometric password. Read more about our research at the resources below.

Selected Academic Papers

On the Use of Decoy Applications for Continuous Authentication on Mobile Devices

System level user behavior biometrics using Fisher features and Gaussian mixture models

Modeling User Search Behavior for Masquerade Detection

How can you detect a hacker from the inside?

As hackers have become increasingly sophisticated, security has had to move beyond building bigger walls and look at security from the inside out. How do you detect a hacker on the inside? And how do you ensure employees don’t unwittingly grant access to sensitive information? Funded by the DARPA ADAMS program we developed decoy technology that dupes would-be thieves into stealing fake data. When a decoy file is touched, an alert is generated that informs the security pro where and when the file was opened or removed. The attacker leaves with worthless data and leaves behind forensics that help track the source of the leak.

Selected Academic Papers

Fox in the Trap: Thwarting Masqueraders via Automated Decoy Document Deployment

Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud

Measuring the Human Factor of Cyber Security

Baiting Inside Attackers Using Decoy Documents