iCTGANAn Attack Mitigation Technique for Random-vector Attack on Accelerometer-based Gait Authentication Systems Jun Hyung Mo
2025-05-08
0
0
812.32KB
9 页
10玖币
侵权投诉
iCTGAN–An Attack Mitigation Technique for Random-vector Attack on
Accelerometer-based Gait Authentication Systems
Jun Hyung Mo
Haverford College, USA
junmo318@gmail.com
Rajesh Kumar
Bucknell University, USA
rajesh.kumar@bucknell.edu
Abstract
A recent study showed that commonly (vanilla)
studied implementations of accelerometer-based gait
authentication systems (vABGait) are susceptible to
random-vector attack. The same study proposed a beta
noise-assisted implementation (βABGait) to mitigate the
attack. In this paper, we assess the effectiveness of the
random-vector attack on both vABGait and βABGait using
three accelerometer-based gait datasets. In addition, we
propose iABGait, an alternative implementation of ABGait,
which uses a Conditional Tabular Generative Adversarial
Network. Then we evaluate iABGait’s resilience against
the traditional zero-effort and random-vector attacks.
The results show that iABGait mitigates the impact of
the random-vector attack to a reasonable extent and
outperforms βABGait in most experimental settings. 1
1. Introduction
1.1. Gait
Gait refers to how a person walks. If captured properly,
it can be used to identify or verify one’s identity [1,
2]. While Aristotle studied it in 350 BC, human gait
became popular in the biometrics community in the 1990s
primarily due to the advancements in the means (e.g.,
cameras, force plates, 3D motion detection) that could
capture gait more precisely than ever before. Later, with the
advent and massive adaptation of smart devices, especially
smartphones and smartwatches, the study of gait attracted
even more researchers. A smart device consists of inertial
sensors, e.g., accelerometer, gyroscope, magnetometer, and
rotation vector, that help capture and characterize gait in
1© 2022 IEEE. Personal use of this material is permitted. Permission
from IEEE must be obtained for all other uses, in any current or future
media, including reprinting/republishing this material for advertising
or promotional purposes, creating new collective works, for resale or
redistribution to servers or lists, or reuse of any copyrighted component of
this work in other works. To appear in IEEE International Joint Conference
on Biometrics (IJCB 2022), Oct.10-13, 2022, Abu Dhabi, United Arab
Emirates.
ways not studied before. For example, an accelerometer
captures and characterizes gait in terms of acceleration,
and a gyroscope does the same in rotation. The gait
captured via accelerometer and gyroscope is considered
the most distinguishing among individuals [2,3]. Most
gait recording technologies can be grouped into intrusive
or constrained (cameras and force plates are used) and
non-intrusive (personal devices such as smartphones and
smartwatches). Different recording mechanisms offer
different application possibilities, such as using gait for
surveillance, identification, authentication, and healthcare
monitoring.
In this paper, we focus on Accelerometer-based Gait
Authentication Systems (ABGait) [2,3]. ABGait has
attracted the attention of defense organizations like the
Defense Advanced Research Projects Agency and The
Defense Information Systems Agency of the United States.
These agencies are in the process of implementing security
measures that will utilize a variety of behavioral biometrics,
including ABGait [4]. ABGait presumably offers immunity
to shoulder surfing, social engineering, or spoof-based
circumvention attempts [5] in addition to convenience due
to its passive and non-intrusive nature.
1.2. Accelerometer-based Gait Authentication
Previous studies have demonstrated that inertial
sensor-based gait patterns, regardless of whether the
sensors were embedded into a smartphone or smartwatch,
are sufficiently unique for individuals under different
device usage contexts [1,2]. Once the correct device-usage
context is identified using state-of-the-art human activity
recognition systems, gait recordings are segmented
into individual gait cycles or fixed-length frames (often
overlapping). Gait cycles are extracted by identifying
minima, maxima, zero crossing, or conducting phase
analysis. On the other hand, fixed-length frames are
created using a sliding window-based mechanism. The
frames of 8–12 seconds with sliding length half have
achieved superior results [3,6]. It is worth noting that
the frames of such lengths consist of multiple gait cycles.
arXiv:2210.00615v1 [cs.CR] 2 Oct 2022
For cycle-based segmentation, a distance-based metric
is usually applied to establish a match threshold for
classifying each cycle as genuine, or an impostor [5,7].
Recently researchers have focused on the extraction of
statistical and frequency domain features from the cycles
and the application of machine learning algorithms. On
the other hand, researchers have established a machine
learning pipeline to train the authentication models for the
fixed-length segmentation case. [3,6].
Authentication models trained using the fixed-length
frame with a machine learning pipeline have usually
outperformed cycle-based approaches with distance
metrics, e.g., Euclidean or Manhattan distances or distance
measures such as Dynamic Time Warping (DTW) [8,9,10].
An experiment on the same dataset showed a difference of
13.6% [10] with the frame-based training achieving 92.7%
accuracy and cycle-based approach achieving 79.1%.
Recent studies with a better machine learning pipeline have
achieved error rates under 5% [3].
Because authentication systems play an essential role
in securing users’ data and privacy, it is paramount
that the authentication systems can defend themselves
from adversarial attacks. Zhao et al. [11] examined the
vulnerability of ABGait from random-vector attacks. The
performance of ABGait is generally evaluated in terms
of the number of false accepts (or false positives) and
false rejects (false negatives). The lower these numbers
are, the better the ABGait is. However, Zhao et al. [11]
pointed out that the false-positive rates of ABGait could
be misleading as they are computed entirely based on the
impostor samples that are available at the time of testing.
Interestingly, until Zhao et al. [11], researchers had
overlooked the possibility of someone attacking ABGait
with random feature vectors with the assumption that the
attacker would know the length of the feature vectors that
are used to train the ABGait. Zhao et al. [11] showed that
ABGait accepts even uniform random inputs. Additionally,
they found that the probability of random vector acceptance
is much higher than the false-positive rates. They suggested
that the acceptance and rejection regions created during the
ABGait training are much bigger than the false accept and
false reject rates. Therefore the performance evaluation
of ABGait should include both measures, i.e., False
Acceptance Rates (FAR) and Acceptance Region (AR), to
assess the ability of ABGait to defend itself from active
adversarial attempts such as random-vector attacks [11].
1.3. Adversarial Scenarios
Its commonly believed that behavioral biometrics such
as ABGait require more effort to circumvent than physical
biometrics. However, some studies have pointed out that
ABGait is vulnerable to treadmill-assisted imitation attacks
[9] and random-vector attacks [11]. These two attack
paradigms are substantially different. The former requires
minimal system knowledge, is difficult to launch, and
requires artifacts such as a treadmill. In contrast, the latter
merely requires the generation of random vectors. However,
it also assumes that the attacker would have access to the
authentication API and the knowledge of feature space
(length of feature vectors, normalization methods, etc.)
[11]. Considering the feasibility and ease with which a
random vector attack can be executed, we focus on the same
in this study.
1.4. Possible Countermeasures
The possible countermeasures to the random-vector
attack include training the authentication models using
synthetic data. Zhao et al. [11] used synthetic
noise generated around genuine samples to train the
authentication models. The generated noise around the
genuine samples was labeled as impostors during the
training process to increase the impostor samples’ variance.
The model showed greater resilience to random-vector
attacks than the models without synthetic data-based
training. Quantitatively, the models achieved a reduced
area of the acceptance region, representing a potentially
errant input as genuine. The idea worked on the
dataset [12] that was studied in [11] but needs to be
tested on multiple datasets, including ones collected from
smartwatches. Inspired by the previous countermeasure, we
propose using Conditional Tabular Generative Adversarial
Networks (CTGAN) [13] on impostor samples to increase
the variance of the impostor samples and test its usefulness
in mitigating the random-vector attack while maintaining
the reported performance. GAN has been successfully used
to safeguard gait-based key generation from vision-based
side-channel attacks in the past [14].
1.5. Main Contributions
First, we implemented vanilla ABGait (vABGait) with
no mitigation technique in the pipeline. Then we tested the
same on three different datasets consisting of a different
number of users, samples per user, and feature set and
computed the performance measures, i.e., False Accept
Rate (FAR), False Reject Rate (FRR), Acceptance Region
(AR), and Half Total Error Rate (HTER) under the
zero-effort and random-vector attack scenarios. Second, we
included the mitigation technique proposed in Zhao et al.
[11] which resulted in (βABGait), and evaluated the same
on all three datasets using the aforementioned metrics under
the zero-effort and random-vector attack scenarios. Third,
we introduced iCTGAN, a CTGAN-assisted impostor
samples generator, in the ABGait training pipeline,
evaluated its performance on the three datasets, and
compared its performance with βABGait and vABGait.
The pre-processed dataset and code is available at [15].
摘要:
展开>>
收起<<
iCTGANAnAttackMitigationTechniqueforRandom-vectorAttackonAccelerometer-basedGaitAuthenticationSystemsJunHyungMoHaverfordCollege,USAjunmo318@gmail.comRajeshKumarBucknellUniversity,USArajesh.kumar@bucknell.eduAbstractArecentstudyshowedthatcommonly(vanilla)studiedimplementationsofaccelerometer-basedga...
声明:本站为文档C2C交易模式,即用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知玖贝云文库,我们立即给予删除!
相关推荐
-
2018年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 1 -
2017年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 1 -
2016年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 1 -
2015年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 1 -
2014年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 1 -
2013年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 1 -
2012年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 1 -
2010年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 4 -
2010-2020全国硕士研究生入学统一考试英语 考研英语一答案VIP免费
2024-12-02 2 -
2011年全国硕士研究生招生考试考研英语一真题VIP免费
2024-12-02 5
分类:图书资源
价格:10玖币
属性:9 页
大小:812.32KB
格式:PDF
时间:2025-05-08
作者详情
-
Adversarial and Safely Scaled Question Generation Sreehari Sankar Zhihang Dong October 19 202210 玖币0人下载
-
Adiabatic-impulse approximation in non-Hermitian Landau-Zener Model Xianqi Tong1Gao Xianlong2and Su-peng Kou1y 1Department of Physics Beijing Normal University Beijing 100000 Peoples Republic of China10 玖币0人下载
相关内容
-
2019年420联考《行测》真题(天津卷)答案及解析
分类:
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
2019年420联考《行测》真题(四川上半年卷)答案及解析
分类:
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
2019年420联考《行测》真题(内蒙古卷)答案及解析
分类:
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
2019年420联考《行测》真题(广西卷)答案及解析
分类:
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
-
2018年上海市公务员考试《行测》试卷(A卷)
分类:
时间:2025-05-02
标签:无
格式:PDF
价格:10 玖币
渝公网安备50010702506394
