Security Analysis of a Full-Body Scanner

Keaton Mowery, Eric Wustrow, Tom Wypych, Corey Singleton, Chris Comfort, Eric Rescorla, Stephen Checkoway, J. Alex Halderman, and Hovav Shacham

In Proceedings of the 23rd USENIX Security Symposium. USENIX Association, Aug. 2014.

Abstract

Advanced imaging technologies are a new class of people screening systems used at airports and other sensitive environments to detect metallic as well as nonmetallic contraband. We present the first independent security evaluation of such a system, the Rapiscan Secure 1000 full-body scanner, which was widely deployed at airport checkpoints in the U.S. from 2009 until 2013. We find that the system provides weak protection against adaptive adversaries: It is possible to conceal knives, guns, and explosives from detection by exploiting properties of the device’s backscatter X-ray technology. We also investigate cyberphysical threats and propose novel attacks that use malicious software and hardware to compromise the the effectiveness, safety, and privacy of the device. Overall, our findings paint a mixed picture of the Secure 1000 that carries lessons for the design, evaluation, and operation of advanced imaging technologies, for the ongoing public debate concerning their use, and for cyberphysical security more broadly.

Material

Reference

@InProceedings{RADSEC, author = {Keaton Mowery and Eric Wustrow and Tom Wypych and Corey Singleton and Chris Comfort and Eric Rescorla and Stephen Checkoway and J. Alex Halderman and Hovav Shacham}, title = {Security Analysis of a Full-Body Scanner}, booktitle = {Proceedings of the 23rd USENIX Security Symposium}, year = 2014, editor = {Kevin Fu}, month = aug, organization = {USENIX} }