Gait-Based Identification Using Wearables in the Personal Fog

Wearables are becoming more computationally powerful, with increased sensing and control capabilities, creating a need for accurate user authentication. Greater control and power allow wearables to become part of a personal fog system, but introduces new attack vectors. An attacker that steals a wearable can gain access to stored personal data on the wearable. However, the new computational power can also be employed to safeguard use through more secure authentication. The wearables themselves can now perform authentication. In this paper, we use gait identification for increased authentication when potentially harmful commands are requested. We show how the relying on the processing and storage inherent in the personal fog allows distributed storage of information about the gait of the wearer and the ability to fully process this data for user authentication locally at the edge. While gait-based authentication has been examined before, we show an additional, low-power method of verification for wearables

Continuous and transparent multimodal authentication: reviewing the state of the art

Individuals, businesses and governments undertake an ever-growing range of activities online and via various Internet-enabled digital devices. Unfortunately, these activities, services, information and devices are the targets of cybercrimes. Verifying the user legitimacy to use/access a digital device or service has become of the utmost importance. Authentication is the frontline countermeasure of ensuring only the authorized user is granted access; however, it has historically suffered from a range of issues related to the security and usability of the approaches. They are also still mostly functioning at the point of entry and those performing sort of re-authentication executing it in an intrusive manner. Thus, it is apparent that a more innovative, convenient and secure user authentication solution is vital. This paper reviews the authentication methods along with the current use of authentication technologies, aiming at developing a current state-of-the-art and identifying the open problems to be tackled and available solutions to be adopted. It also investigates whether these authentication technologies have the capability to fill the gap between high security and user satisfaction. This is followed by a literature review of the existing research on continuous and transparent multimodal authentication. It concludes that providing users with adequate protection and convenience requires innovative robust authentication mechanisms to be utilized in a universal level. Ultimately, a potential federated biometric authentication solution is presented; however it needs to be developed and extensively evaluated, thus operating in a transparent, continuous and user-friendly manner

Active User Authentication for Smartphones: A Challenge Data Set and Benchmark Results

In this paper, automated user verification techniques for smartphones are investigated. A unique non-commercial dataset, the University of Maryland Active Authentication Dataset 02 (UMDAA-02) for multi-modal user authentication research is introduced. This paper focuses on three sensors - front camera, touch sensor and location service while providing a general description for other modalities. Benchmark results for face detection, face verification, touch-based user identification and location-based next-place prediction are presented, which indicate that more robust methods fine-tuned to the mobile platform are needed to achieve satisfactory verification accuracy. The dataset will be made available to the research community for promoting additional research.Comment: 8 pages, 12 figures, 6 tables. Best poster award at BTAS 201

PATH: Person Authentication using Trace Histories

In this paper, a solution to the problem of Active Authentication using trace histories is addressed. Specifically, the task is to perform user verification on mobile devices using historical location traces of the user as a function of time. Considering the movement of a human as a Markovian motion, a modified Hidden Markov Model (HMM)-based solution is proposed. The proposed method, namely the Marginally Smoothed HMM (MSHMM), utilizes the marginal probabilities of location and timing information of the observations to smooth-out the emission probabilities while training. Hence, it can efficiently handle unforeseen observations during the test phase. The verification performance of this method is compared to a sequence matching (SM) method , a Markov Chain-based method (MC) and an HMM with basic Laplace Smoothing (HMM-lap). Experimental results using the location information of the UMD Active Authentication Dataset-02 (UMDAA02) and the GeoLife dataset are presented. The proposed MSHMM method outperforms the compared methods in terms of equal error rate (EER). Additionally, the effects of different parameters on the proposed method are discussed.Comment: 8 pages, 9 figures. Best Paper award at IEEE UEMCON 201

Performance and security analysis of Gait-based user authentication

Verifying the identity of a user, usually referred to as user authentication, before granting access to the services or objects is a very important step in many applications. People pass through some sorts of authentication process in their daily life. For example, to prove having access to the computer the user is required to know a password. Similarly, to be able to activate a mobile phone the owner has to know its PIN code, etc. Some user authentication techniques are based on human physiological or behavioral characteristics such as fingerprints, face, iris and so on. Authentication methods differ in their advantages and disadvantages, e.g. PIN codes and passwords have to be remembered, eye-glasses must be taken off for face authentication, etc. Security and usability are important aspects of user authentication. The usability aspect relates to the unobtrusiveness, convenience and user-friendliness of the authentication technique. Security is related to the robustness of the authentication method against attacks. Recent advances in electronic chip development offer new opportunities for person authentication based on his gait (walking style) using small, light and cheap sensors. One of the primary advantages of this approach is that it enables unobtrusive user authentication. Although studies on human recognition based on gait indicate encouraging performances, the security per se (i.e. robustness and/or vulnerability) of gait-based recognition systems has received little or no attention. The overall goal of the work presented in this thesis is on performance and security analysis of gait-based user authentication. The nature of the contributions is not on developing novel algorithms, but rather on enhancing existing approaches in gait-based recognition using small and wearable sensors, and developing new knowledge on security and uniqueness of gait. The three main research questions addressed in this thesis are: (1) What are the performances of recognition methods that are based on the motion of particular body parts during gait? (2) How robust is the gait-based user authentication? (3) What aspects do influence the uniqueness of human gait? In respect to the first research question, the thesis identifies several locations on the body of the person, whose motion during gait can provide identity information. These body parts include hip, trouser pockets, arm and ankle. Analysis of acceleration signals indicates that movements of these body segments have some discriminative power. This might make these modalities suitable as an additional factor in multi-factor authentication. For the research question on security as far as we know, this thesis is the first extensive analysis of gait authentication security (in case of hip motion). A gait-based authentication system is studied under three attack scenarios. These attack scenarios include a minimal effort-mimicry (with restricted time and number of attempts), knowing the closest person in the database (in terms of gait similarity) and knowing the gender of the user in the database. The findings of the thesis reveal that the minimal effort mimicking does not help to improve the acceptance chances of impostors. However, impostors who know their closest person in the database or the genders of the users in the database can be a threat to gait-based authentication systems. In the third research question, the thesis provides some insights towards understanding the uniqueness of gait in case of ankle/foot motion. In particular, it reveals the following: heavy footwear tends to diminish foot discriminativeness; a sideway motion of the foot provides the most discrimination, compared to an up-down or forward-backward direction of the motion; and different parts of the gait cycle provide different level of discrimination. In addition, the thesis proposes taxonomy of user recognition methods based on gait. In addition, the thesis work has also resulted in the follwoing paper which is closely related or overlapping with papers mentioned below. Davrondzhon Gafurov, Kirsi Helkala and Torkjel Søndrol, Biometric Gait Authentication Using Accelerometer Sensor, Journal of Computers, 1(7), pp.51-59, 2006: http://www.academypublisher.com/jcp/vol01/no07/jcp01075159.pdf List of papers. The 8 research papers that constitute the main research part of the thesis are