Academic researchers have developed a fast, accurate face-recognition technology that could be used in security systems. The approach, developed at Florida Atlantic University (FAU), could identify people wearing disguises and cope with other factors that typically challenge face-recognition technology, such as the ambient level of illumination, viewing angle, and variations in pose and facial expression.

This could make face-recognition software—developed in the 1960s, refined in the late 1980s, and commercialized in the mid-1990s—truly useful for applications such as biometric authentication at building entrances and international border crossings. The applications could also be used for structure-access and automatic-teller security, as well as crime investigation.

The technology hasn't been practical for these purposes so far because it has been computationally complex and unacceptably inaccurate. The technology will have to be more precise, speedy, and affordable for government agencies and corporations to use it in security applications.

FAU doctoral candidate Lin Huang and professors Hanqi Zhuang and Salvatore Morgera—now chair of and professor in the University of South Florida's Department of Electrical Engineering—tried to address these concerns in the system they developed.

Face recognition is challenging because different faces have both distinguishing and similar features, explained Huang.

Early systems simply measured distances between and the relative positions of major facial features, including the eyes, nose, and mouth. Subsequent methods used spatial data mapping and statistical approaches for feature extraction and classification, and later employed more sophisticated statistical analysis.

The FAU team's technology uses Gabor wavelets to analyze multidimensional, face-related data. According to Zhuang, Gabor-wavelet analysis compresses data without significantly decreasing its integrity. This considerably reduces the amount of processing power that face recognition requires without compromising accuracy, even with low-resolution images.

Other techniques, such as principal component analysis, also reduce computational complexity, Zhuang added.

The research team tested its system's performance on a database of 400 small images of 40 subjects and found that it recognized faces faster than previous approaches. Accurate identification of subjects occurred 81 percent of the time, 97 percent when they added voice recognition, according to Zhuang.

He said his team is contacting companies that work with biometric authentication to determine whether they want to incorporate the technology in their systems. He expressed hope the approach will be commercialized within the next five years.

Security experts say a clever Trojan that steals banking and other personal online information has recently infected hundreds of thousands of Windows PCs.

The Trojan—known as Clampi, Ligats, Ilomo, or Rscan—is among today's stealthiest and most pervasive threats to Windows systems, according to Jon Ramsey, chief technology officer for vendor SecureWorks.

Security experts first detected Clampi in 2007, but it began spreading quickly through Windows-based networks only during the past few months.

Hackers controlling the Trojan have recently given it the ability to go back to their command-and-control server so that they can tweak the malware to avoid detection and add functionality, said Kiran Bandla, a researcher for CA's Internet Security Business Unit. Clampi can thus steal more information and propagate more easily on networks of Windows computers than before.

According to Ramsey, experts have not yet determined Clampi's initial infection vector but say it is probably the result of a vulnerability with a browser's ActiveX or Flash plug-in—exploited when a user visits an infected site—that could ultimately cause problems such as a buffer overflow. At this point, victims would unwittingly download the malware in what is called a drive-by infection.

When Clampi infects a networked machine, it copies itself and then spreads to other computers on the network utilizing the PsExec tool, generally used to let administrators execute programs on remote systems.

Don DeBolt, director of threat research for security vendor CA's Internet Security Business Unit, said the Clampi hackers have also inserted a hidden iFrame—a document within a document—into 4,500 websites, mostly those belonging to financial institutions, e-commerce operations, credit-card companies, online casinos, utilities, advertising networks, stock brokerages, mortgage lenders, file-upload sites, and ISPs, said DeBolt.

Ramsey said SecureWorks has examined Clampi's code and identified 1,400 of the compromised sites, which are based in 70 countries.

When users with infected machines visit one of the compromised sites, they inadvertently access the iFrame. If they enter private information, thinking they are communicating securely with the website, code in the iFrame steals logins, passwords, credit-card numbers, and other details, and sends them to the hackers.

Clampi's controllers recently used acquired information to steal about $75,000 from an auto parts store in the US.

The Trojan also acts as a proxy server for criminals to anonymize their activity when logging into stolen accounts by letting them route communications through a victim's compromised computer. This also bypasses security procedures triggered when someone logs in from an IP address that a website doesn't recognize.

Clampi converts its x86 instruction set into a code that only its virtual machine can interpret and execute, which keeps people from cracking the hacker's software, according to DeBolt.

The Trojan stores most of its malicious code in the Windows registry and almost never writes to the hard drive, allowing it to evade most antivirus software, he added.

The malware protects its executable file and the data it sends back to its controllers with 448-bit Blowfish and 2,048-bit RSA encryption, explained Ramsey.

Panda Security's PandaLabs has detected 50 Clampi variants so far, said Sean-Paul Correll, a company threat researcher. Clampi appears to be run by a single organized-crime group operating out of Eastern Europe, according to Ramsey.

SecureWorks recommends that users work with a dedicated computer—separate from the machine they usually use online—for banking and other sensitive Internet activities to eliminate the risk of drive-by infections.

And, Correll said, users should practice good computer hygiene.

News Briefs written by Linda Dailey Paulson, a freelance technology writer based in Portland, Oregon. Contact her at ldpaulson@yahoo.com.

Israeli researchers have developed a system for automatically determining the background of ancient documents. They say their approach promises to revolutionize humanities research.

The system would let academics worldwide focus their efforts on examining documents online rather than on having to travel abroad and manually perform tasks such as comparing texts to identify key similarities, said Ben Gurion University of the Negev researcher Itay Bar-Yosef.

A Ben Gurion University of the Negev team developed the application, which can index and analyze handwritten texts to identify who wrote them, and also determine where and when they were written.

The technology is important because it can quickly analyze the many ancient documents that are degrading over the years, Bar-Yosef said.

The system can index document collections based on categories such as writer and originating location or time period. The indexing capabilities let users conduct searches of texts, Bar-Yosef explained.

In examining a document, the system uses image-analysis and -processing techniques to separate the text from the background, which eliminates many of the problems encountered in examining old documents damaged by poor storage conditions. The application then utilizes image processing again to segment the content by line and by word.

It uses pattern recognition for various tasks such as character recognition, as well as the analysis of a database of ancient authors' known writing styles to try to identify the writers of those documents under study. The approach looks for patterns in the writing, the text's geometric features, and how characters were formed.

The system determines where and when a document was written by its similarity to already-analyzed texts. The technology uses statistical-learning techniques to improve its analysis without human intervention.

It can analyze large document collections scattered among different digital libraries and can find fragments of documents from different sources written by the same author, noted Bar-Yosef. He said a person would need years to complete these tasks manually.

The researchers are using their system primarily with Arabic and Hebrew texts written between 870 and 1880 AD, but the algorithms could work with other languages, he explained.

He said a fully operational system should be ready within two years and will be released publicly for academic research.