Facial Recognition Might Stop the Next Brussels

Keeping terrorists away from crowded spaces requires recognizing them before they get there, is no easy task. 
    
The departments of Defense and Homeland Security have invested in technology to prevent attacks like the one in Brussels, including facial recognition technology that can spot and flag a suspected terrorist in a car heading toward an airport or crowded subway. But bringing that technology out of the lab and getting it to airports and street corners is a lot harder than just snapping a photo.

Just hours after two bombs exploded in the public departure area of Zaventem airport and a third at the Maelbeek metro station, grainy closed-circuit television footage surfaced showing three men at the airport. Two wore black gloves on their left hands, the third a white coat. Security experts said that footage showed the likely attackers and that the gloves might have concealed detonators.

The attack on Zaventem doesn’t point to a specific weakness in airport security, said one DHS official who spoke anonymously because they were not authorized to discuss the incident with media. “The reality is, they did it in a public area of the airport. The assumption that they determined that it would be too difficult to get any deeper into the airport is a reasonable assumption to make,” the official said. “When events like this happen, we play extraordinarily close attention to them. Could it happen here? If so, how could we interdict it?”

In order to thwart an attack, a facial-recognition-based system must have access to a database that already contains the would-be perpetrator’s face, sensors that can obtain usable snapshots of people approaching the protected area, and a way to alert guards or otherwise cut off access to the target. Getting all three of those at once is the challenge of securing a place like an airport’s departure area or a metro station.

 “The reality is you’re not going to lock down the public access areas of the world, the same way you lock down a boarding area in an airport. The public wouldn’t tolerate it,” said the official.

But the US government is nearing the ability to get useful systems in place.

In 2014, the military tested a General Electric high-speed, multi-resolution camera capable of capturing a facial image even at an angle. The system was designed to ID someone in a moving car headed toward a base, but could be deployed on city streets or on the road to an airport.

“The high-resolution image can be panned and tilted using an internal device and the system is designed to capture images at a standoff range of 22 to 33 meters.  That’s up to 108 feet,” John Boyd, director of Defense Biometrics and Forensics, said in 2014. “The … images are then outputted to a machine-vision algorithm to continuously track the location of the vehicle. 

The vehicle coordinates are then used to estimate the time of arrival of the vehicle to four fixed catcher zones along a calibrated track. Some 20 high-resolution images are captured per zone as the vehicle travels five miles per hour, five to ten. The high-resolution frames are then automatically analyzed and match scores are fused into an average score to positively identify the individuals in the vehicle; and this is with tinted glass, among other things.”

In tests at Fort Belvoir, the system worked, but slowly, a Defense Department official said at the time.

“It was a demonstration sort of environment, so the van would make its approach but then have to slow down so that the computer, which was not optimized” could ingest the data. The official called the system “not deployable” but “a very positive step.” He said, “We were able to identify people in a moving vehicle. There is the feasibility of the technology being further advanced and then point it at a normal post.”

Image capture technology has advanced since then. In 2016, you don’t even need a whole face. Iris scans can provide a more useful identifier and are becoming easier to collect.

“There is some interesting capabilities in industry now where instead of doing something semi-invasive like a laser just scanning the eye, they’re actually using video,” the DHS official said.

High-definition video cameras today allow dual iris authentication at 20 to 30 feet, according to the official, who described the technology as “emerging” and said that DHS was actively testing it.

“So if someone is walking down an airport jet way, can we do iris identification and say, ‘This person has been authenticated; they’re allowed to go in the fast-track lane on the right. This person has not; they have to go the secondary screening on the left’? 

Can that device be built into the computer itself so that it’s not an add-on device, like a mouse? The answer is yes,” he said. “Years from now, we’ll look back and say, ‘Remember when we thought dual-iris [verification] with video at 20 feet was the be-all, end-all? How funny that is 20 years later when we’re doing something even better.”

In Brussels, closed-circuit cameras in the airport and the metro clearly did not deter the perpetrators, but did capture images that are being used in the investigation. Early reports indicate the men took a taxi to the airport. Could networked cameras on the road leading to Zaventem, peering into the backseat of that cab, (or in the cab itself) have saved lives? Perhaps. But image capture and iris scanning do you no good if the picture in the photo doesn’t match to a suspect in a database.

One way to populate that database is by collecting iris scans at checkpoints, as the United States has begun doing at a border crossing in Mexico. The United States also collects fingerprint samples on refugees entering the country. Of course, people don’t have warm feelings about surrendering biometric data to the government. But they might feel better about giving it away to a device that they own to unlock it. Device makers from Apple to Fujitsu are making biometric owner identification a security feature in new smartphones. This could provide a less invasive means of collecting bio data in the future, according to the DHS official.

“There’s a market reality that this is becoming consumerized. The consumer now wants these now. That makes it far more possible for industry to adapt, especially once assured-iris identification comes out on every laptop and every cell phone that you buy, or in every rearview mirror in every car. Those are the kind of things we’re monitoring,” said the official.

The Brussels bombings could provide lawmakers and border security professionals with extra cover to seek more biometric data. That could come, not in the form of a scan at the airport, but as a simple “opt-in” notification, on your phone. Giving biometric information away to the government could become much simpler. Whether doing so will actually make cities safer remains to be seen.

DefenseOne

 

« Cybercrime Is Changing
Clinton Emails Suggest Google's Assistance In Undermining Assad »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

Zuratrust

Zuratrust

Zuratrust provide protection for all kinds of email related cyber attacks.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

US-Africa Cybersecurity Group (USAFCG)

US-Africa Cybersecurity Group (USAFCG)

USAFCG provides cybersecurity consulting services and delivers training programs for capacity building in Africa.

Lionfish Cyber Security

Lionfish Cyber Security

Lionfish Cyber Evolution & Empowerment Model™ empowers SMBs to prepare and protect themselves against cyber threats using a unique combination of on-demand training, support and managed services.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

CyGlass

CyGlass

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people.

UTMStack

UTMStack

UTMStack is a Unified Security Management system that includes SIEM, Vulnerability Management, Network and Host IDS/IPS, Asset Discovery, Endpoint Protection and Incident Response.

GAVS Technologies

GAVS Technologies

GAVS is a global IT services provider with focus on AI-led Managed Services and Digital Transformation.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

Anonomatic

Anonomatic

Anonomatic’s mission is to make data privacy secure, simple and cost effective. We are Data and Privacy Experts who are passionate about helping organizations solve PII compliance.

VectorRock

VectorRock

Save Your Business From Cyber Criminals. We specialize in uncovering cyber risks which threaten your organization and fixing them.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

Sentar

Sentar

Sentar is a cyber intelligence company, applying advanced analytics and systems engineering expertise to protect our national security by securing mission-critical assets.

Security Risk Advisors (SRA)

Security Risk Advisors (SRA)

Security Risk Advisors deliver cybersecurity services to leading companies in the Financial Services, Healthcare, Pharmaceuticals, Technology and Retail industries.