Giffin meets with students in his office.

POTSDAM -- Clarkson University assistant professor of mathematics Adom Giffin collaborated on a project for the Cyber Fast Track Program sponsored by the Defense Advanced Research Projects Agency (DARPA).

Adom Giffin collaborated with others in the field on the four-month project to create the multi-factor authentication system that DARPA, an agency of the U.S. Department of Defense, is adding to its short-term security projects.

“The Cyber Fast Track Program originally was intended to fund hackers,” Giffin notes, “but it was changed to provide small grants for short-term cyber security projects. Instead of funding a few large research projects, DARPA changed its strategy and turned to hackers and garage computer enthusiasts for many ideas that can be quickly implemented. If even a few of these ideas work, the government has invested very little money and the quick turnaround will help thwart attempts to break in to secure information sites. This broad-application approach also will encourage businesses to use this technology so they will benefit from enhanced security as well.”

Unfortunately, given enough time and resources, everything can be hacked, Giffin says. The best defense is to make it more difficult, more expensive and more time-consuming for criminals to do so.

That's where his multi-factor authentication comes in. The professor uses the everyday process of a password and verification question as an example of simple multi-factor authentication. Basically, you need to go through more than one step to identify yourself as the rightful user of an account. Suppose a hacker discovers your password, but then he or she must answer personal questions about your childhood. That will delay or stop them. More intensive security might require voice recognition, a fingerprint or an iris scan.

“With this multi-factor system, people who should be authenticated have more than one chance to get in, but each step makes it more difficult for criminals to hack in,” he says. “That's what we did for DARPA -- write a software program using authentication factors. The work was new and innovative on this end, using something called Bayes Factors.”

ProvenSecure Solutions, a private New Jersey-based Cyber Security Solutions firm, was awarded $128,230 in support the project, and the firm sought out Giffin for his expertise. Giffin received a $50,000 sub-award for his involvement and redirected an additional $30,000 to other subcontractors working with him. Cyber security is one of Clarkson's research focuses, and Giffin was recognized last fall for his first sponsored-research project.

Giffin also used some of the funds to support a summer workshop on the project for selected undergraduate students.

In a news release, ProvenSecure Solutions CTO Rao Bhamidipati pointed out that security threats to government facilities as well as incidents of aggressive industrial espionage are on the increase.

He added: “This cyber security research and technology are critical and broadly applicable to all enterprises that need to protect intellectual property or customer information; including companies in the financial services, healthcare, telecommunications, media, engineering and technology consulting, innovative small enterprises, as well as the SmartGrid and physical infrastructure industries like utilities, oil and gas etc., to ensure safety and privacy of assets and people.”