Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
194 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
46 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Dictionary Attack on IMU-based Gait Authentication (2309.11766v2)

Published 21 Sep 2023 in cs.CR, cs.CV, cs.LG, and eess.SP

Abstract: We present a novel adversarial model for authentication systems that use gait patterns recorded by the inertial measurement unit (IMU) built into smartphones. The attack idea is inspired by and named after the concept of a dictionary attack on knowledge (PIN or password) based authentication systems. In particular, this work investigates whether it is possible to build a dictionary of IMUGait patterns and use it to launch an attack or find an imitator who can actively reproduce IMUGait patterns that match the target's IMUGait pattern. Nine physically and demographically diverse individuals walked at various levels of four predefined controllable and adaptable gait factors (speed, step length, step width, and thigh-lift), producing 178 unique IMUGait patterns. Each pattern attacked a wide variety of user authentication models. The deeper analysis of error rates (before and after the attack) challenges the belief that authentication systems based on IMUGait patterns are the most difficult to spoof; further research is needed on adversarial models and associated countermeasures.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (70)
  1. Defending Touch-based Continuous Authentication Systems from Active Adversaries Using Generative Adversarial Networks. In IEEE International Joint Conference on Biometrics, Under Review (Shenzhen, China). IEEE.
  2. GANTouch: An Attack-Resilient Framework for Touch-Based Continuous Authentication System. IEEE Transactions on Biometrics, Behavior, and Identity Science 4, 4 (2022), 533–543. https://doi.org/10.1109/TBIOM.2022.3206321
  3. Identifying people from gait pattern with accelerometers. In Biometric Technology for Human Identification II, Anil K. Jain and Nalini K. Ratha (Eds.), Vol. 5779. International Society for Optics and Photonics, SPIE, 7 – 14. https://doi.org/10.1117/12.603331
  4. Continuous User Authentication Using Smartwatch Motion Sensor Data. In Trust Management XII, Nurit Gal-Oz and Peter R. Lewis (Eds.). Springer International Publishing.
  5. Confidence measures for multimodal identity verification. Information Fusion ([n. d.]). http://www.sciencedirect.com/science/article/pii/S1566253502000891
  6. Christoph Busch. 2012. ISO/IEC Standard 24745 - Biometric Information Protection. https://christoph-busch.de/files/Busch-EAB-ISO-24745-120713.pdf. Online; accessed October 11, 2019.
  7. SMOTE: Synthetic Minority Over-sampling Technique. J. Artif. Intell. Res. (JAIR) 16 (01 2002), 321–357. https://doi.org/10.1613/jair.953
  8. Patrick Connor and Arun Ross. 2018. Biometric recognition by gait: A survey of modalities and features. Computer Vision and Image Understanding 167 (2018), 1 – 27. https://doi.org/10.1016/j.cviu.2018.01.007
  9. Mohammad Derawi and Patrick Bours. 2013. Gait and Activity Recognition Using Commercial Phones. Comput. Secur. 39 (Nov. 2013), 137–144. https://doi.org/10.1016/j.cose.2013.07.004
  10. Unobtrusive User-Authentication on Mobile Phones Using Biometric Gait Recognition. In Proceedings of the 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP ’10). IEEE Computer Society, Washington, DC, USA, 306–311. https://doi.org/10.1109/IIHMSP.2010.83
  11. SHEEP, GOATS, LAMBS and WOLVES: a statistical analysis of speaker performance in the NIST 1998 speaker recognition evaluation. In ICSLP.
  12. When Your Fitness Tracker Betrays You: Quantifying the Predictability of Biometric Features Across Contexts. In 2018 IEEE Symposium on Security and Privacy (SP). 889–905. https://doi.org/10.1109/SP.2018.00053
  13. Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication. IEEE-TIFS 8, 1 (Jan 2013), 136–148. https://doi.org/10.1109/TIFS.2012.2225048
  14. D. Gafurov. 2007. Security Analysis of Impostor Attempts with Respect to Gender in Gait Biometrics. In 2007 First IEEE International Conference on Biometrics: Theory, Applications, and Systems. 1–6. https://doi.org/10.1109/BTAS.2007.4401905
  15. Biometric Gait Authentication Using Accelerometer Sensor. Journal of Computers 1 (11 2006). https://doi.org/10.4304/jcp.1.7.51-59
  16. Davrondzhon Gafurov and Einar Snekkenes. 2009. Gait Recognition Using Wearable Motion Recording Sensors. EURASIP J. Adv. Signal Process 2009, Article 7 (Jan. 2009), 16 pages. https://doi.org/10.1155/2009/415817
  17. Gait Authentication and Identification Using Wearable Accelerometer Sensor. In Automatic Identification Advanced Technologies, 2007 IEEE Workshop on. 220–225. https://doi.org/10.1109/AUTOID.2007.380623
  18. Spoof Attacks on Gait Authentication System. Trans. Info. For. Sec. 2, 3 (Sept. 2007), 491–502. https://doi.org/10.1109/TIFS.2007.902030
  19. Robustness of Biometric Gait Authentication Against Impersonation Attack. In On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, Robert Meersman, Zahir Tari, and Pilar Herrero (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg.
  20. Acoustic Gait-based Person Identification Using Hidden Markov Models. In Proceedings of the 2014 Workshop on Mapping Personality Traits Challenge and Workshop (Istanbul, Turkey) (MAPTRAITS ’14). ACM, New York, NY, USA, 25–30. https://doi.org/10.1145/2668024.2668027
  21. IDeAuth: A novel behavioral biometric-based implicit deauthentication scheme for smartphones. Pattern Recognition Letters 157 (May 2022), 8–15. https://doi.org/10.1016/j.patrec.2022.03.011
  22. Biometric gait recognition for mobile devices using wavelet transform and support vector machines. In 2012 19th International Conference on Systems, Signals and Image Processing (IWSSIP). 205–210.
  23. Kjetil Holien. 2008. Gait recognition under non-standard circumstances. In Department of Computer Science and Media Technology, Gjøvik University College.
  24. An Introduction to Biometric Recognition. IEEE Trans. Cir. and Sys. for Video Technol. 14, 1 (Jan. 2004), 4–20. https://doi.org/10.1109/TCSVT.2003.818349
  25. A. H. Johnston and G. M. Weiss. 2015. Smartwatch-based biometric gait recognition. In 2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS). 1–6. https://doi.org/10.1109/BTAS.2015.7358794
  26. Gait-ID on the move: Pace independent human identification using cell phone accelerometer dynamics. In 2012 IEEE Fifth International Conference on Biometrics: Theory, Applications and Systems (BTAS). 8–15. https://doi.org/10.1109/BTAS.2012.6374552
  27. Treadmill Assisted Gait Spoofing (TAGS): An Emerging Threat to Wearable Sensor-based Gait Authentication. ACM Journal of Digital Threats: Research and Practice (2021).
  28. Continuous authentication using one-class classifiers and their fusion. In 2018 IEEE 4th International Conference on Identity, Security, and Behavior Analysis (ISBA). 1–8. https://doi.org/10.1109/ISBA.2018.8311467
  29. Authenticating users through their arm movement patterns. CoRR abs/1603.02211 (2016). http://arxiv.org/abs/1603.02211
  30. Treadmill attack on gait-based authentication systems. In 2015 IEEE (BTAS-2015). 1–8. https://doi.org/10.1109/BTAS.2015.7358801
  31. Cell phone-based biometric identification. In IEEE-BTAS. 1–7. https://doi.org/10.1109/BTAS.2010.5634532
  32. Wei-Han Lee and Ruby B. Lee. 2017. Implicit Smartphone User Authentication with Sensors and Contextual Machine Learning. CoRR abs/1708.09754 (2017). arXiv:1708.09754 http://arxiv.org/abs/1708.09754
  33. Identifying users of portable devices from gait pattern with accelerometers. In Proceedings. (ICASSP ’05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005., Vol. 2. ii/973–ii/976 Vol. 2. https://doi.org/10.1109/ICASSP.2005.1415569
  34. Maria De Marsico and Alessio Mecca. 2019. A Survey on Gait Recognition via Wearable Sensors. ACM Comput. Surv. 52, 4, Article 86 (Aug. 2019), 39 pages. https://doi.org/10.1145/3340293
  35. A floor sensor system for gait recognition. In Fourth IEEE Workshop on Automatic Identification Advanced Technologies (AutoID’05). 171–176. https://doi.org/10.1109/AUTOID.2005.2
  36. Walk the Walk: Attacking Gait Biometrics by Imitation. In Information Security. Lecture Notes in Computer Science, Vol. 6531. Springer Berlin Heidelberg, 361–380.
  37. Bendik B. Mjaaland. 2009. NNTU, Open. In 2007 First IEEE International Conference on Biometrics: Theory, Applications, and Systems. "https://ntnuopen.ntnu.no/ntnu-xmlui/bitstream/handle/11250/261802/347750_FULLTEXT01.pdf"
  38. Bendik B. Mjaaland. 2010. The Plateau: Imitation Attack Resistance of Gait Biometrics. In Policies and Research in Identity Management, Elisabeth de Leeuw, Simone Fischer-Hübner, and Lothar Fritsch (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 100–112.
  39. Jun Hyung Mo and Rajesh Kumar. 2022. iCTGAN–An Attack Mitigation Technique for Random-vector Attack on Accelerometer-based Gait Authentication Systems. arXiv:2210.00615 [cs.CR]
  40. Muhammad Muaaz and Rene Mayrhofer. 2014. Orientation Independent Cell Phone Based Gait Authentication. In Proceedings of the 12th International Conference on Advances in Mobile Computing and Multimedia. ACM, New York, NY, USA. https://doi.org/10.1145/2684103.2684152
  41. Muhammad Muaaz and René Mayrhofer. 2017. Smartphone-Based Gait Recognition: From Authentication to Imitation. IEEE Transactions on Mobile Computing 16 (2017), 3209–3221.
  42. M. Muaaz and C. Nickel. 2012. Influence of different walking speeds and surfaces on accelerometer-based biometric gait recognition. In 2012 35th International Conference on Telecommunications and Signal Processing (TSP). https://doi.org/10.1109/TSP.2012.6256346
  43. K. Nandakumar and A. K. Jain. 2015. Biometric Template Protection: Bridging the performance gap between theory and practice. IEEE Signal Processing Magazine (Sep. 2015).
  44. Classification of acceleration data for biometric gait recognition on mobile devices. In BIOSIG 2011 – Proceedings of the Biometrics Special Interest Group, Arslan Brömme and Christoph Busch (Eds.). Gesellschaft für Informatik e.V., Bonn, 57–66.
  45. Using Hidden Markov Models for accelerometer-based biometric gait recognition. In 2011 IEEE 7th International Colloquium on Signal Processing and its Applications. 58–63. https://doi.org/10.1109/CSPA.2011.5759842
  46. National Institute of Standards and Technology. 2016. Strength of Function for Authenticators - Biometrics (SOFA-B). https://www.nist.gov/system/files/documents/2020/07/30/08_newton_biometrics_presentation_final.pdf. Online; accessed February 8, 2020.
  47. Context-Aware Active Authentication Using Smartphone Accelerometer Measurements. In The IEEE Conference on Computer Vision and Pattern Recognition (CVPR) Workshops.
  48. People Identification Using Gait Via Floor Pressure Sensing and Analysis. Springer Berlin Heidelberg, Berlin, Heidelberg.
  49. Snoop-Forge-Replay Attacks on Continuous Verification With Keystrokes. Information Forensics and Security, IEEE Transactions on 8, 3 (March 2013), 528–541. https://doi.org/10.1109/TIFS.2013.2244091
  50. An Analysis of Minutiae Matching Strength. In AVBPA ’01.
  51. A Wearable Acceleration Sensor System for Gait Recognition. In 2007 2nd IEEE Conference on Industrial Electronics and Applications. 2654–2659. https://doi.org/10.1109/ICIEA.2007.4318894
  52. Bruce Schneier. 1999. Inside Risks: The Uses and Abuses of Biometrics. Commun. ACM 42, 8 (Aug. 1999), 136–. https://doi.org/10.1145/310930.310988
  53. Abdul Serwadda and Vir V. Phoha. 2013a. Examining a Large Keystroke Biometrics Dataset for Statistical-Attack Openings. ACM-TISSEC 16, 2, Article 8 (Sept. 2013), 30 pages. https://doi.org/10.1145/2516960
  54. Abdul Serwadda and Vir V. Phoha. 2013b. When Kids’ Toys Breach Mobile Phone Security. In ACM-CCS ’13 (Berlin, Germany). 12 pages. https://doi.org/10.1145/2508859.2516659
  55. Toward Robotic Robbery on the Touch-Screen. ACM-TISSEC (2016).
  56. ZEMFA: Zero-Effort Multi-Factor Authentication based on Multi-Modal Gait Biometrics. In 2019 17th International Conference on Privacy, Security and Trust (PST). 1–10. https://doi.org/10.1109/PST47121.2019.8949032
  57. Body-Taps: Authenticating Your Device Through Few Simple Taps. In 2018 IEEE 9th International Conference on Biometrics Theory, Applications and Systems (BTAS). 1–8.
  58. Øyvind Stang. 2007. Gait analysis: Is it easy to learn to walk like someone else?, Master’s Thesis. GjØvik University College- Department of Computer Science and Media Technology (2007).
  59. Orientation invariant gait matching algorithm based on the Kabsch alignment. In IEEE International Conference on Identity, Security and Behavior Analysis (ISBA 2015). 1–8. https://doi.org/10.1109/ISBA.2015.7126347
  60. Gait identification using accelerometer on mobile phone. In 2012 International Conference on Control, Automation and Information Sciences (ICCAIS). 344–348. https://doi.org/10.1109/ICCAIS.2012.6466615
  61. A Survey on Gait Recognition. ACM Comput. Surv. 51, 5, Article 89 (Aug. 2018), 35 pages. https://doi.org/10.1145/3230633
  62. Gait Recognition Using Wifi Signals. In Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing (Heidelberg, Germany) (UbiComp ’16). ACM, New York, NY, USA, 363–373. https://doi.org/10.1145/2971648.2971670
  63. AcousticID: Gait-based Human Identification Using Acoustic Signal. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol. 3, 3, Article 115 (Sept. 2019), 25 pages. https://doi.org/10.1145/3351273
  64. Infrared gait recognition based on wavelet transform and support vector machine. Pattern Recognition 43, 8 (2010), 2904 – 2910. https://doi.org/10.1016/j.patcog.2010.03.011
  65. Neil Yager and Ted Dunstone. 2010. The Biometric Menagerie. IEEE transactions on pattern analysis and machine intelligence 32 (02 2010), 220–30. https://doi.org/10.1109/TPAMI.2008.291
  66. BAE Systems Information Yu Zhong and Electronic Systems Integration Inc. 2015. Method for sensor orientation invariant gait analysis using gyroscopes. In United States Patents, US20160192863A1.
  67. Y. Zhong and Y. Deng. 2014. Sensor orientation invariant mobile gait biometrics. In IEEE International Joint Conference on Biometrics. 1–8. https://doi.org/10.1109/BTAS.2014.6996246
  68. Pace independent mobile gait biometrics. In 2015 IEEE 7th International Conference on Biometrics Theory, Applications and Systems (BTAS). 1–8. https://doi.org/10.1109/BTAS.2015.7358784
  69. On the Resilience of Biometric Authentication Systems against Random Inputs. In NDSS.
  70. Sebastijan Šprager and Matjaz Juric. 2015. Inertial Sensor-Based Gait Recognition: A Review. Sensors 15 (09 2015), 22089–22127. https://doi.org/10.3390/s150922089

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now