Date of Award

Summer 7-16-2021

Degree Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Electrical Engineering and Computer Science

Advisor(s)

Mohan, Chilukuri K.

Second Advisor

Isik, Can

Keywords

Attack, Authentication, Gait, Security, Spoof, Wearables

Subject Categories

Computer Sciences | Electrical and Computer Engineering | Engineering | Physical Sciences and Mathematics

Abstract

Wearable sensor-based gait patterns are considered a promising means for future authentication systems. This dissertation examines whether circumvention of such systems can be accomplished by imitating sensor readings and providing external mechanical support. The specific machine that we used in the experiment was a digital treadmill, which provides a suitable platform for the human imitators to control, adjust and adapt several factors, such as speed, step-length, step-width, and thigh-lift that affect sensor readings. Moreover, it was easy for imitators to remember the gait factors' specific levels and repeat the learned pattern on-demand over a treadmill.

Two novel imitation-based attacks are explored in our work. The first harnesses the power of feedback loops, widely studied for regulating human behavior. The second utilizes the dictionary-based approach, successfully used to defeat password-based authentication systems. We also discuss how the proposed techniques apply to other authentication systems.

The effectiveness of the proposed techniques was evaluated on a newly created dataset of fifty-five genuine users and nine carefully chosen imitators. A series of user-specific authentication systems were developed and tested under zero-, dictionary-, and high-effort imitation environments. Our experimental findings suggest that adversarial samples generated with a treadmill's assistance can help circumvent wearable sensors-based gait authentication systems, necessitating reconsideration of their use in high-security environments. In the end, we discuss several possible countermeasures that would help mitigate the presented attack.

Access

Open Access

Download

Available for download on Friday, February 07, 2025

Share

COinS