
Dictionary Attack on IMU-based Gait Authentication

Rajesh Kumar, Can Isik, Chilukuri K. Mohan

TL;DR

This work interrogates the security of smartphone-based IMU gait authentication by introducing a dictionary attack that collects a spectrum of IMU gait patterns produced by imitators. A dictionary of 178 patterns from 9 imitators is evaluated against 55 genuine-user models across multiple sensors and classifiers, revealing substantial increases in false acceptance and overall error when a close dictionary match is used. The results challenge the notion that IMU gait is inherently hard to spoof and highlight the practical risk posed by adversaries who can reproduce target gait patterns on demand. The study also discusses broader implications for behavioral biometrics and outlines avenues for defense, including larger datasets and robust countermeasures across devices and modalities.

Abstract

We present a novel adversarial model for authentication systems that use gait patterns recorded by the inertial measurement unit (IMU) built into smartphones. The attack idea is inspired by and named after the concept of a dictionary attack on knowledge (PIN or password) based authentication systems. In particular, this work investigates whether it is possible to build a dictionary of IMUGait patterns and use it to launch an attack or find an imitator who can actively reproduce IMUGait patterns that match the target's IMUGait pattern. Nine physically and demographically diverse individuals walked at various levels of four predefined controllable and adaptable gait factors (speed, step length, step width, and thigh-lift), producing 178 unique IMUGait patterns. Each pattern attacked a wide variety of user authentication models. The deeper analysis of error rates (before and after the attack) challenges the belief that authentication systems based on IMUGait patterns are the most difficult to spoof; further research is needed on adversarial models and associated countermeasures.

Paper Structure (22 sections, 2 equations, 9 figures)

This paper contains 22 sections, 2 equations, 9 figures.

Figures (9)

  • Figure 1: Physical characteristics of genuine users and selected imitators. We could gather the physical characteristics of only $48$ genuine users. Thus, there are only $48$ blue dots, while nine orange dots indicating impostors are plotted for each characteristic.
  • Figure 2: Dictionary data collection setup. Chalk and wire markers show different step lengths and width settings. The speed controller is on the dashboard as indicated, and the thigh lift markers are on the limbs of the treadmill (invisible in this view of the picture).
  • Figure 3: Upper-left: speed, Upper-right: Step-length, Lower-left: Step-width, Lower-right: Thigh-lift. For nine imitators, EDA revealed an interesting relationship between the four gait factors and dominant features (defined by [TreadmillAttack]). We can observe that adjusting the same gait factor for different imitators affects the feature values differently. This provides a pictorial insight into why IMUGait patterns are unique for different users. For example, in the upper-left figure, a change in speed has the opposite impact on the feature named $nop\_x$ for imitators I7 (correlation coefficient is +0.7) and I8 (correlation coefficient is -0.75). Similarly, in the bottom-right figure, the impact on the feature named $nop\_y$ differs significantly for imitators I4 and I7. More than 77% of the correlations were statistically significant at $\alpha =0.05$, indicating a strong relationship between gait factors and features.
  • Figure 4: These heatmaps show the overlap of the data in different frames created from the raw sensor data collected in the same and different settings. The same-settings overlap was computed using windows of data collected at different times. In most cases, we observed higher histogram overlap for data collected in the same settings of individual gait factors than for data collected in different settings of the gait factors. For example, the upper-left heatmap suggests that the window of data collected at short step length has a higher overlap (0.863) with the data collected at the same setting at a different time compared to the data collected at normal (0.711), long (0.762), and longer (0.665) step lengths. Similarly, the lower-left heatmap suggests that the window of data collected at thigh-lift back highly overlaps (0.889) with the window of data collected at the same setting but at different time intervals compared to the overlap with the windows of data collected at thigh-lift normal (0.630), front (0.648), and up (0.681). The plotted numbers are the average histogram intersections computed over at least nine windows of $8$ seconds of data for the accelerometer's x-axis. Each of the histogram computations used $80$ bins of equal width. We observed similar phenomena for different axes of the same and different sensors.
  • Figure 5: The mean error rates achieved by different classifiers for different sensor combinations under the zero-effort and dictionary-effort circumvention scenarios. The numbers are rounded up to the nearest integer percentage. The first heatmap reports the FAR under a zero-effort attack, followed by the heatmap presenting the FAR under a dictionary-attack scenario, facilitating a glance at the damage caused. The goal of the dictionary attack is to bypass the authentication system, which means it impacts only the FAR while the FRR remains as it is under the zero-effort attack. To compare the overall impact on the authentication systems, we report the Half Total Error Rate (HTER), the average of FAR and FRR, as recommended by Bengio et al. [BengioWhyHTER], for both zero-effort and dictionary-effort scenarios. Notably, the presented error rates correspond to the dictionary's most successful entries (entries that caused the maximum increase in the FAR). The values are sorted on average of HTER.
  • ...and 4 more figures
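
The Figure 5 evaluation can be reproduced for your own gait model with a few lines of scoring code. The following is an added example, not code from the paper: it computes FRR, zero-effort FAR, worst-case dictionary FAR and both HTER values per user model, then averages them. The score values, entry labels, thresholds and the choice to pick the worst dictionary entry per user are assumptions made for illustration.

```python
from statistics import mean

def accept_rate(scores, threshold):
    """Fraction of windows the model accepts (score >= threshold)."""
    return sum(s >= threshold for s in scores) / len(scores)

def evaluate_user(genuine, zero_effort, dictionary, threshold):
    """Error rates for one user model before and after the dictionary test."""
    frr = 1.0 - accept_rate(genuine, threshold)      # unchanged by the attack
    far_zero = accept_rate(zero_effort, threshold)   # other users' normal walks
    # FAR of each dictionary entry; the reported figure is the entry that
    # is accepted most often (assumption: chosen per user model).
    per_entry = {name: accept_rate(s, threshold) for name, s in dictionary.items()}
    worst = max(per_entry, key=per_entry.get)
    far_dict = per_entry[worst]
    return {
        "frr": frr, "far_zero": far_zero, "far_dict": far_dict,
        "worst_entry": worst,
        "hter_zero": (far_zero + frr) / 2,   # HTER = mean of FAR and FRR
        "hter_dict": (far_dict + frr) / 2,
    }

def summarize(users):
    """Per-user results plus the mean of each rate across all user models."""
    results = {uid: evaluate_user(**u) for uid, u in users.items()}
    keys = ("far_zero", "far_dict", "hter_zero", "hter_dict")
    return results, {k: mean(r[k] for r in results.values()) for k in keys}

# Constructed classifier scores in [0, 1]; not data from the paper.
USERS = {
    "userA": {"threshold": 0.5,
              "genuine": [0.9, 0.8, 0.4, 0.7],
              "zero_effort": [0.1, 0.2, 0.6, 0.3],
              "dictionary": {"I3-speed-fast": [0.2, 0.3, 0.1, 0.4],
                             "I7-steplen-long": [0.7, 0.6, 0.8, 0.4]}},
    "userB": {"threshold": 0.6,
              "genuine": [0.9, 0.7, 0.8, 0.65],
              "zero_effort": [0.1, 0.2, 0.3, 0.5],
              "dictionary": {"I3-speed-fast": [0.7, 0.5, 0.2, 0.1],
                             "I7-steplen-long": [0.1, 0.2, 0.3, 0.4]}},
}

if __name__ == "__main__":
    per_user, averages = summarize(USERS)
    for uid, r in per_user.items():
        print(uid, r)
    print("mean:", averages)
```

A gap between `far_zero` and `far_dict` for the same threshold is the signal to look for: the zero-effort figure alone understates how often a deliberately varied walk is accepted.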