Feeds

Knee X-ray biometrics plan to fight spoofing

Accuracy is 'much better than random', apparently

SANS - Survey on application security programs

US federal eggheads have proposed a novel method of preventing biometric ID systems being spoofed by the use of such things as contact lenses, fake fingerprints etc. Instead of easily-fooled systems of this sort, people should instead be identified using X-ray photographs of their knees.

Lior Shamir of the US National Institutes of Health and computer engineer Salim Rahimi of the State University of New York propose that knee X-rays be analysed automatically by the publicly-available "wnd-charm" algorithm, normally used for diagnosing medical problems in the knee joints.

According to the two researchers:

The advantage of using a biometric identification process based on this kind of imaging is that it would be so much more difficult for a fraudster to spoof the knees or other internal body part in the way that they might with artificial fingerprints or contact lenses ... the algorithm can correctly identify a given pair of knees and match it to a specific individual in the database even if the original X-ray were taken several years earlier. Identifiable features correspond to specific persons, rather than the present clinical condition of the joint.

Shamir and Rahimi tried out their theory on a dataset of 1700 kneebone X-rays, scanning them as 8 megapixel images and using the algorithm on a central area of 700x500 pixels.

Apparently the below-the-belt bone probe gear isn't actually very reliable: it isn't as accurate as iris or fingerprint scans. But it is "much better than random results", according to the two men.

They suggest that accuracy could be improved by refining the algorithm. The problem of possible knee cancer in frequent flyers caused by incessant kilt-level X raying at passport control might be dealt with using "an alternative imaging process such as terahertz".

Shamir and Rahimi's paper Biometric identification using knee X-rays is to be published in the International Journal of Biometrics. ®

Top three mobile application threats

More from The Register

next story
Red-faced LOHAN team 'fesses up in blown SPEARS fuse fiasco
Standing in the corner, big pointy 'D' hats
KILLER SPONGES menacing California coastline
Surfers are safe, crustaceans less so
LOHAN's Punch and Judy show relaunches Thursday
Weather looking good for second pop at test flights
Discovery time for 200m WONDER MATERIALS shaved from 4 MILLENNIA... to 4 years
Alloy, Alloy: Boffins in speed-classification breakthrough
Curiosity finds not-very-Australian-shaped rock on Mars
File under 'messianic pastries' and move on, people
Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
Helium seeps from Falcon 9 first stage, delays new legs for NASA robonaut
Top Secret US payload launched into space successfully
Clandestine NRO spacecraft sets off on its unknown mission
New FEMTO-MOON sighted BIRTHING from Saturn's RING
Icy 'Peggy' looks to be leaving the outer rings
Melting permafrost switches to nasty, high-gear methane release
Result? 'Way more carbon being released into the atmosphere as methane'
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.