Skip to main content

Can you hack a security checkpoint metal detector? Yeah, we already did.

To get straight to the point - walkthrough metal detectors are a security technology to attempt to detect and thus remove weapons and dangerous items from individuals to make a safe space. What if they were much more fallible than expected? 

I'm not here to fear-monger either - these problems are preventable with proper use and changed in guidelines. Like many security controls, their exploitation is commonly due to those who implement and monitor them. However, in order to create these changes, more proof-of-concepts and solutions need to be tested. We already have a few to start. 

The walkthrough metal detector (WTMD) research was not my original idea. It started out of research projects from PHSI and another Garrett 6500i was donated to our lab. This machine was not ours and we did not have permission to modify or conduct digital attacks on the detector. We were supposed to use physical modifications to hide or modify the results of the screening. 

One colleague in particular Pat Glass created a wooden rig that would allow student researchers to test passing items through the detector consistently and accurately. PHSI students tested common suggestions and ideas on getting pass the detector. They tried wrapping items in Mylar, changing the item's surface area, and other tricks to get the metal detector to create a false negative. More information about that research can be watched in my GrrCon talk. Thank you to the researcher who named that metal detector Mr. Den City - Katie

So here's the general plan for evaluating this technology:

Done
  • Test materials on person to create false negative ✓
  • Change properties on items passing through to create false negative ✓
  • Attempt to incorrectly screen resulting in false negatives ✓
  • Attempt to incorrect screen resulting in a false positives ?
  • Audit common guidelines expected results to tested outcomes ✓
    • When venues set their WTMD levels, are the capturing the results they are expecting?
      • spoiler: not really. 
In-Progress
  • Attempt material changes resulting in false positive
  • Re-evaluate original threatening materials versus newer threatening materials and access proper WTMD levels
    • What levels should they be in order to detect what we originally thought was dangerous, and what we now evaluate to be dangerous in 2020?
Future Work
I'm obligated in the interest of PHSI to redact a few details. 
  • Re-test and document the previous work and complete the in-progress work
  • Access other avenues of intentional false positives
  • Get a second WTMD 6500i
  • Install the module typically in use at venues and security checkpoints which utilize multiple WTMDs together. 
  • Access the vulnerabilities associated with multiple WTMD use.
    • This does not refer to the human error associated with Lane Consistency that I wrote about in my thesis. This is a technology centered inquiry. 
      Someone once told me that your Master's thesis will be your worst work, and goodness is that the case for me. When I get my first prof appointment I'll re-work and update it. Anyway...
  • A couple of surprises
    • hint: there's a local area network here

I hope this has answered a couple questions or at least has a few people interested in the project! I'll do my best to share updates as they come up there. 
Labels:

Comments

Post a Comment

Popular posts from this blog

Studying for the AWS Certified Cloud Practitioner Certification (CLF-C02)

As a solution's architect, I want to keep up on my cloud skills. As noted in my previous New Year's Resolution post , I'm looking to get the AWS Certified Solutions Architect Associate (SAA-C03) exam, and the Cloud Practitioner (CLF-C02) certification is the one that precedes this SAA-C03 exam.  After speaking to others who have passed the SAA-C03 exam, they mentioned more than half the content is the same as the CLF-C01 exam. The exam has been updated last September and has changed content moving to the C02 edition. So I believe it's foundational to take this exam first.  As a former academic, I have a high standard to passing the exam. While I'm already passing some practice exams, I don't want to sit for the exam until I'm getting over 90% on the practice exams. What's the point of barely scraping by when I'm doing this to truly gain skills and knowledge? Below I'm going to outline what I've been using to study. AWS Skill Builder I do pa...
Post a Comment
Read more

2024 Resolutions

Welcome back! It's another New Year's blog post. Let's get right into my goals for this year. 1. Obtain the AWS Solutions Architect certification Right now, I'm working as a Solutions Architect, and I'm all about boosting my career with the right certification. I absolutely love what I do and want to get even better at it, so I can be an even more valuable part of my company. Even though I've got a master's degree, I'm hungry to learn more and up my game. I'm currently getting ready for the AWS Cloud Practitioner exam, which is set for February 23rd. What's interesting is that a big chunk of the stuff in this exam is also in the Solutions Architect (SA) exam. I'm making good progress with my studies, and I'm pretty confident that I'll be all set to tackle the exam by the end of the year. I'm on a mission to move up in my career, prove my worth, and pick up some fresh skills along the way. Some folks really value high...
Post a Comment
Read more

How to program a NTAG215 NFC Tag

Hi! Did you just acquire a NTAG215 NFC tag? Very cool. Maybe you scanned it and it brought you here. Here's how to edit the content on the tag to make it do what you want.  Easy Steps Download an NFC writing app on a smartphone like this one for Android or this one for iPhone. I assume you might have this app already if you're reading this tag. Done Decide what type of data you want to save. If you picked up more than one of the NFC tags, you may have a variety of data saved to them like the ones below: Plain text URL/URI Link to a search Social networks Video File Application Mail Contact Phone number SMS Location Address Proximity search Street View Emergency info Bitcoin address Bluetooth connection WiFi network settings other custom fields Make sure if you select the correct format to make it easier to scan, save the write data, and re-scan the tag. Switch back to the read function and test your tag! Next Method The above method doesn't cover making everything, such a...
Post a Comment
Read more