Performance and security analysis of Gait-based user authentication

Verifying the identity of a user, usually referred to as user authentication, before granting access to the services or objects is a very important step in many applications. People pass through some sorts of authentication process in their daily life. For example, to prove having access to the computer the user is required to know a password. Similarly, to be able to activate a mobile phone the owner has to know its PIN code, etc. Some user authentication techniques are based on human physiological or behavioral characteristics such as fingerprints, face, iris and so on. Authentication methods differ in their advantages and disadvantages, e.g. PIN codes and passwords have to be remembered, eye-glasses must be taken off for face authentication, etc. Security and usability are important aspects of user authentication. The usability aspect relates to the unobtrusiveness, convenience and user-friendliness of the authentication technique. Security is related to the robustness of the authentication method against attacks. Recent advances in electronic chip development offer new opportunities for person authentication based on his gait (walking style) using small, light and cheap sensors. One of the primary advantages of this approach is that it enables unobtrusive user authentication. Although studies on human recognition based on gait indicate encouraging performances, the security per se (i.e. robustness and/or vulnerability) of gait-based recognition systems has received little or no attention. The overall goal of the work presented in this thesis is on performance and security analysis of gait-based user authentication. The nature of the contributions is not on developing novel algorithms, but rather on enhancing existing approaches in gait-based recognition using small and wearable sensors, and developing new knowledge on security and uniqueness of gait. The three main research questions addressed in this thesis are: (1) What are the performances of recognition methods that are based on the motion of particular body parts during gait? (2) How robust is the gait-based user authentication? (3) What aspects do influence the uniqueness of human gait? In respect to the first research question, the thesis identifies several locations on the body of the person, whose motion during gait can provide identity information. These body parts include hip, trouser pockets, arm and ankle. Analysis of acceleration signals indicates that movements of these body segments have some discriminative power. This might make these modalities suitable as an additional factor in multi-factor authentication. For the research question on security as far as we know, this thesis is the first extensive analysis of gait authentication security (in case of hip motion). A gait-based authentication system is studied under three attack scenarios. These attack scenarios include a minimal effort-mimicry (with restricted time and number of attempts), knowing the closest person in the database (in terms of gait similarity) and knowing the gender of the user in the database. The findings of the thesis reveal that the minimal effort mimicking does not help to improve the acceptance chances of impostors. However, impostors who know their closest person in the database or the genders of the users in the database can be a threat to gait-based authentication systems. In the third research question, the thesis provides some insights towards understanding the uniqueness of gait in case of ankle/foot motion. In particular, it reveals the following: heavy footwear tends to diminish foot discriminativeness; a sideway motion of the foot provides the most discrimination, compared to an up-down or forward-backward direction of the motion; and different parts of the gait cycle provide different level of discrimination. In addition, the thesis proposes taxonomy of user recognition methods based on gait. In addition, the thesis work has also resulted in the follwoing paper which is closely related or overlapping with papers mentioned below. Davrondzhon Gafurov, Kirsi Helkala and Torkjel Søndrol, Biometric Gait Authentication Using Accelerometer Sensor, Journal of Computers, 1(7), pp.51-59, 2006: http://www.academypublisher.com/jcp/vol01/no07/jcp01075159.pdf List of papers. The 8 research papers that constitute the main research part of the thesis are

Pseudo Identities Based on Fingerprint Characteristics

This paper presents the integrated project TURBINE which is funded under the EU 7th research framework programme. This research is a multi-disciplinary effort on privacy enhancing technology, combining innovative developments in cryptography and fingerprint recognition. The objective of this project is to provide a breakthrough in electronic authentication for various applications in the physical world and on the Internet. On the one hand it will provide secure identity verification thanks to fingerprint recognition. On the other hand it will reliably protect the biometric data through advanced cryptography technology. In concrete terms, it will provide the assurance that (i) the data used for the authentication, generated from the fingerprint, cannot be used to restore the original fingerprint sample, (ii) the individual will be able to create different "pseudo-identities" for different applications with the same fingerprint, whilst ensuring that these different identities (and hence the related personal data) cannot be linked to each other, and (iii) the individual is enabled to revoke an biometric identifier (pseudo-identity) for a given application in case it should not be used anymore

Gait Recognition Using Wearable Motion Recording Sensors

This paper presents an alternative approach, where gait is collected by the sensors attached to the person's body. Such wearable sensors record motion (e.g. acceleration) of the body parts during walking. The recorded motion signals are then investigated for person recognition purposes. We analyzed acceleration signals from the foot, hip, pocket and arm. Applying various methods, the best EER obtained for foot-, pocket-, arm- and hip- based user authentication were 5%, 7%, 10% and 13%, respectively. Furthermore, we present the results of our analysis on security assessment of gait. Studying gait-based user authentication (in case of hip motion) under three attack scenarios, we revealed that a minimal effort mimicking does not help to improve the acceptance chances of impostors. However, impostors who know their closest person in the database or the genders of the users can be a threat to gait-based authentication. We also provide some new insights toward the uniqueness of gait in case of foot motion. In particular, we revealed the following: a sideway motion of the foot provides the most discrimination, compared to an up-down or forward-backward directions; and different segments of the gait cycle provide different level of discrimination

Biometric Gait Authentication Using Accelerometer Sensor

Abstract — This paper presents a biometric user authentication based on a person’s gait. Unlike most previous gait recognition approaches, which are based on machine vision techniques, in our approach gait patterns are extracted from a physical device attached to the lower leg. From the output of the device accelerations in three directions: vertical, forward-backward, and sideways motion of the lower leg are obtained. A combination of these accelerations is used for authentication. Applying two different methods, histogram similarity and cycle length, equal error rates (EER) of 5% and 9 % were achieved, respectively. Index Terms — security, biometric, gait recognition, sensorbased gait, unobtrusive authentication, leg acceleratio

Continuous user authentication using smartwatch motion sensor data

© IFIP International Federation for Information Processing 2018. Smartwatches, which contain an accelerometer and gyroscope, have recently been used to implement gait/activity-based biometrics. However, many research questions have not been addressed in the prior work such as the training and test data was collected in the same day from a limited dataset, using unrealistic activities (e.g., punch) and/or the authors did not carry out any particular study to identify the most discriminative features. This paper aims to highlight the impact of these factors on the biometric performance. The acceleration and gyroscope data of the gait and game activity was captured from 60 users over multiple days, which resulted in a totally of 24 h of the user’s movement. Segment-based approach was used to divide the time-series acceleration and gyroscope data. When the cross-day evaluation was applied, the best obtained EER was 0.69%, and 4.54% for the walking and game activities respectively. The EERs were significantly reduced into 0.05% and 2.35% for the above activities by introducing the majority voting schema. These results were obtained by utilizing a novel feature selection process in which the system minimizing the number of features and maximizing the discriminative information. The results have shown that smartwatch-based activity recognition has significant potential to recognize individuals in a continuous and user friendly approach