Wednesday, July 29, 2009

Bang goes the theory: biometrics

The new OU and BBC series Bang Goes the Theory hit the airwaves on Monday and by coincidence the opening segments dealt with subject matter which has been periodically covered at b2fxxx over the years - cctv and biometrics. The nature of the show is to introduce the hard science and technology and make it accessible to a wide audience and if my ten year old's reaction to it is any measure it was certainly accessible and entertaining. He particularly enjoyed the frying of the egg in a sheet of newspaper and the vortex cannon sections. Though he was totally freaked out by Craig Venter's plans to create new forms of life and did feel slightly cheated by being led to expect that the cannon would blow down a house of bricks and then finding it was a wall of bricks which didn't even have mortar holding them together! The sight of the shape of the vortex ring blasting through the top of the wall compensated slightly however.

Certainly shades of his other current favorite programme, Top Gear, in there.

Getting back to biometric matters and specifically the gait recognition segment of the show I penned a follow up piece for the Bang blog, to explain some of the issues associated with the use of biometrics for surveillance and offer links to more in depth analyses. A copy of those thoughts follows:

The idea of gait recognition has been around for a long time. In G.K. Chesterton’s short story The Queer Feet, Father Brown prevents a crime “merely by listening to a few footsteps in a passage.” Gait analysis has been widely deployed in professional sports and medicine, enabling sports stars to improve their golf swing, running stance or cycling position and helping in the design of prosthetic limbs, for example.

As a means of identifying someone at a distance, without any need to inconvenience the people being analysed, it would appear to be a useful proposition. It is important to note, however, that identifying someone in a crowded city square and verifying that someone is one of 200 people who have walked down a colourful corridor with clear contrast under carefully controlled laboratory conditions, are two entirely different problems.

Technically speaking, checking the gait of one person, in a psychedelic corridor with perfect lighting conditions, to find a match in a database of 200 recorded gaits, is relatively straightforward.

Detecting individual gaits in a dynamic, crowded city square, under less than ideal lighting conditions and pinpointing a baddie by attempting to match those (potentially) millions of readings against a database of millions of recorded gaits, is a much more difficult problem.

And we haven’t even thought about how we would get accurate measurements of millions of people’s (or indeed the baddie’s) walking styles on our benchmark database in the first place yet. Then if the baddie puts a stone in his shoe to change his walk to deliberately fool the software, as Dallas did with his funny walk on the first programme in the Bang Goes The Theory series, it becomes even more difficult.

From a security perspective, the notion that mass surveillance with advanced technology will magically detect the baddie, turns out to be fundamentally flawed. (It should be noted that mass surveillance is widely and wrongly promoted as an effective anti-terror tool but it is not advocated by the team at Southampton.)

Because terrorists are relatively rare, finding one is a needle in a haystack problem. You don’t make it easier to find the terrorist by throwing more hay (say the biometric data of millions of innocent people) on your data haystack. The technology doesn’t simply home in on the criminal as it does in Hollywood movies.

The police and security services end up spending so much time dealing with innocent people and false leads that their limited resources get swamped.

If each member of the UK’s population of around 60 million were monitored once a day and our system was 99% accurate (i.e. it flags 1 in 100 innocents as terrorists and detects 99 out of every 100 terrorists), the police would have to process 600,000 false leads per day.

Given those of us who traverse public places are monitored multiple times a day you can see how that could quickly become unmanageable. It’s also unacceptable from a social, legal and economic point of view.

So it is probable that the use of gait recognition and other biometrics will prove to be more useful for small scale authentication - e.g. employee access to the workplace, rather than large scale surveillance e.g. picking a terrorist out of a crowd.

On small-scale authentication

Technically speaking authentication or verification is an easier thing to do than identification. Authentication (assuming we’re not trying to do it remotely) with biometrics merely asks whether a biometric belongs to the person presenting themselves for authentication. It compares their proffered biometric with the one on file under their name and determines whether there is a match.

Identification is much harder to do and is what security systems at airports or busy shopping areas or sports stadiums attempt to do – measure the biometrics of everyone passing through and attempt to check whether there is a match with a large (and not necessarily particularly reliable) database of biometrics.

The difference appears pedantic but is very important. In the authentication case one biometric is checked against one specific biometric on the database. In the identification case, millions of biometrics are checked against millions (potentially) of biometrics on the database.

Even with highly reliable technologies – say 99.9% accurate and none of the modern systems approach that yet – these millions of checks searching for matching pairs generate huge numbers of false positives (innocents flagged as malcontents) and dangerous levels of false negatives (real bad guys flagged as innocents and it only takes one to get through to cause serious security problems).

The police and security services then spend so much time, energy and resources dealing with innocent people they don’t have the time to deal with the real criminals.
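The two calculations above, worked through as an added example (not part of the original post): the daily false-lead load for the 60 million / 99% case, and how the chance of a false match grows as one probe is compared against 1, 200 or a million enrolled templates. The figure of 100 real targets, reading "99.9% accurate" as a per-comparison false match rate of 0.001, and treating comparisons as independent are all assumptions made for illustration.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Screening:
    """One day of mass screening. `targets` is an assumed figure, not from the post."""
    population: int             # people monitored
    targets: int                # real targets among them (assumption)
    fpr: float                  # share of innocents wrongly flagged per check
    tpr: float                  # share of targets correctly flagged per check
    checks_per_person: int = 1  # people in public places are checked repeatedly

    def false_leads(self) -> float:
        """Alerts raised on innocent people."""
        innocents = self.population - self.targets
        return innocents * self.checks_per_person * self.fpr

    def true_hits(self) -> float:
        """Alerts raised on real targets."""
        return self.targets * self.checks_per_person * self.tpr

    def precision(self) -> float:
        """Probability that any given alert concerns a real target."""
        flagged = self.false_leads() + self.true_hits()
        return self.true_hits() / flagged if flagged else 0.0


def false_match_probability(fmr: float, gallery_size: int) -> float:
    """Chance one innocent probe falsely matches at least one enrolled template.

    Assumes independent comparisons: 1 - (1 - fmr) ** gallery_size, computed
    with log1p/expm1 so tiny rates and huge galleries stay accurate.
    """
    return -math.expm1(gallery_size * math.log1p(-fmr))


if __name__ == "__main__":
    uk = Screening(population=60_000_000, targets=100, fpr=0.01, tpr=0.99)
    print(f"false leads/day:     {uk.false_leads():,.0f}")
    print(f"real hits/day:       {uk.true_hits():,.0f}")
    print(f"P(target | flagged): {uk.precision():.5%}")
    # 1 = authentication, 200 = the lab corridor database, 1,000,000 = mass identification
    for n in (1, 200, 1_000_000):
        p = false_match_probability(0.001, n)
        print(f"gallery {n:>9,}: P(false match) = {p:.4f}")
```

Under these assumptions fewer than 2 alerts in 10,000 point at a real target, and an innocent person compared against a million-entry database is all but certain to match someone.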

Find out more

Floyd Rudmin, Professor of Social & Community Psychology at the University of Tromsø in Norway, explains why, statistically speaking, mass surveillance cannot work in this article:
The Politics of Paranoia and Intimidation: Why does the NSA engage in mass surveillance of Americans when it's statistically impossible for such spying to detect terrorists?
Counterpunch magazine, May 24, 2006

For those interested in the use of biometrics and security more generally I’d recommend:
Beyond Fear: Thinking Sensibly About Security in an Uncertain World
Bruce Schneier, Springer-Verlag New York Inc

Freedom to Tinker blog - hosted by Princeton's Center for Information Technology Policy.

Jerry Fishenden Blog - New Technology Observations from a UK Perspective.

UK High Court Judge, Hon Sir Jack Beatson explains the legal issues with the use of biometrics in crime detection in Forensic Science and Human Rights: The Challenges [pdf], his valedictory address as President of the British Academy of Forensic Science, 16 June 2009.

Nuffield Council on Bioethics report, The forensic use of bioinformation: ethical issues [pdf], published in September 2007.

Human Genetics Commission Citizens Report, July 2008.

Biometrics: Enabling Guilty Men to Go Free? Further Adventures from the Law of Unintended Consequences - Jerry Fishenden blog post

Digital Decision Making: Back to the Future - chapters five and six
Ray Corrigan, Springer-Verlag, 2007

Study information and communications technologies with The Open University