Skip to main content
SpringerLink
Log in

Walk the Walk: Attacking Gait Biometrics by Imitation

  • Conference paper
Information Security (ISC 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6531))

Included in the following conference series:

Abstract

Since advances in gait biometrics are rather new, the current volume of security testing on this feature is limited. We present a study on mimicking, or imitation, of the human gait. Mimicking is a very intuitive way of attacking a biometric system based on gait, and still this topic is almost nonexistent in the open literature. The bottom line question in our research is weather it is possible to learn to walk like someone else. If this turned out to be easy, it would have a severe effect of the potential of gait as an authentication mechanism in the future.

We have developed a software tool that uses wearable sensors to collect and analyze gait acceleration data. The research is further based on an experiment, involving extensive training of test subjects, and using various sources of feedback like video and statistical analysis. The attack scores are analyzed by regression, and the goal is to determine whether or not the participants are increasing their mimicking skills, or simply: if they are learning.

The experiment involved 50 participants enrolled into a gait authentication system. The error rates compete with state of the art gait technology, with an EER of 6.2%. The mimicking part of the experiment revealed that gait mimicking is a very difficult task, and that our physiological characteristics work against us when we try to change something as fundamental as the way we walk. The participants showed few indications of learning, and the results of most attackers even worsened over time, showing that training did nothing to help them succeed.

The research identified a natural boundary to the impostors’ performance, a point of resistance so significant that it was given a name; a plateau. The location or value of this plateau predetermines the outcome of an attack; for success it has to lie below the acceptance threshold corresponding to the Equal Error Rate (EER).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ailisto, H.J., Lindholm, M., Mantyjarvi, J., Vildjiounaite, E., Makela, S.-M.: Identifying people from gait pattern with accelerometers. In: Biometric Technology for Human Identification II. Presented at the Society of Photo-Optical Instrumentation Engineers (SPIE) Conference (2005)

    Google Scholar 

  2. Ailisto, H.J., Lindholm, M., Mantyjarvi, J., Vildjiounaite, E., Makela, S.-M.: Identifying users of portable devices from gait pattern with accelerometers. In: Proceedings of SPIE, vol. 5779 (2005)

    Google Scholar 

  3. Buvarp, T.E.: Hip movement based authentication - how will imitation affect the results? Master’s thesis, Gjøvik University College - Department of Computer Science and Media Technology (2006)

    Google Scholar 

  4. Clarke, N.L., Furnell, S.M.: Authentication of users on mobile telephones a survey of attitudes and practices. Computers & Security (2005)

    Google Scholar 

  5. Clarke, N.L., Furnell, S.M.: Mobile phone theft, plastic card and identity fraud: Findings from the 2005/06 british crime survey, http://www.homeoffice.gov.uk/rds/pdfs07/hosb1007.pdf (last visit: 15.04.2008)

  6. Clarke, R.: Biometrics in airports how to, and how not to, stop mahommed atta and friends (2003), http://www.anu.edu.au/people/Roger.Clarke/DV/BioAirports.html

  7. Oxford Dictionaries. Compact Oxford English Dictionary of Current English. 3rd edn. (2005)

    Google Scholar 

  8. Dukic, B., Katic, M.: m-order - payment model via sms within the m-banking. In: 27th International Conference on Information Technology Interfaces (2005)

    Google Scholar 

  9. Gafurov, D.: Performance and Security Analysis of Gait-based User Authentication. PhD thesis, University of Oslo (2008)

    Google Scholar 

  10. Gafurov, D., Snekkenes, E., Bours, P.: Spoof attacks on gait authentication system. Special Issue on Human Detection and Recognition (2007)

    Google Scholar 

  11. Harmel, K., Spadanuta, L.: Disney world scans fingerprint details of park visitors. The Boston Globe, September 3 (2006)

    Google Scholar 

  12. Holien, K.: Gait recognition under non-standard circumstances. Master’s thesis, Gjøvik University College - Department of Computer Science and Media Technology (2008)

    Google Scholar 

  13. Jain, A.K., Flynn, P., Ross, A.A.: Handbook of Biometrics, vol. 556. Springer, US (2008)

    Book  Google Scholar 

  14. Keogh, E.J., Pazzani, M.J.: Derivative dynamic timewarping. In: First SIAM International Conference on Data Mining, Chicago, IL (2001)

    Google Scholar 

  15. Morris, S.J.: A shoe-integrated sensor system for wireless gait analysis and real-time therapeutic feedback. PhD Thesis, Harvard University - MIT Division of Health Sciences and Technology (2004)

    Google Scholar 

  16. SØndrol, T.: Using the human gait for authentication. Master’s thesis, Gjøvik University College - Department of Computer Science and Media Technology (2005)

    Google Scholar 

  17. Nixon, S.A., Adelson, E.H.: Analylzing gait with spatiotemporal surfaces. In: Proceedings of IEEE Workshop on Non-Rigid Motion (1994)

    Google Scholar 

  18. U.S. Department of State. Safety and security of u.s. borders/biometrics. State official online information (2008)

    Google Scholar 

  19. Pousttchi, K., Schurig, M.: Assessment of today’s mobile banking applications from the view of customer requirements. In: 37th Annual Hawaii International Conference on System Sciences, HICSS 2004 (2004)

    Google Scholar 

  20. Ratha, N.K., Connell, J.H., Bolle, R.M.: An analysis of minutiae matching strength. IBM Thomas J. Watson Research Center (2001)

    Google Scholar 

  21. Smithson, M.: Confidence Intervals. In the Series of Quantitative Applications in the Social Sciences. SAGE Publications Ltd., Thousand Oaks (2003)

    Book  Google Scholar 

  22. Stang, Ø.: Gait analysis: Is it easy to learn to walk like someone else? Master’s thesis, Gjøvik University College - Department of Computer Science and Media Technology (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Accenture Technology Consulting - Security, Norway

    Bendik B. Mjaaland

  2. Norwegian Information Security Laboratories (NISlab), Gjøvik University College, Gjøvik, Norway

    Patrick Bours

  3. Department of Telematics, Norwegian University of Science and Technology, Trondheim, Norway

    Danilo Gligoroski

Authors
  1. Bendik B. Mjaaland
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Patrick Bours
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Danilo Gligoroski
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Security and Assurance in IT (C-SAIT), Department of Computer Science, Florida State University, 32306-4530, Tallahassee, FL, USA

    Mike Burmester

  2. Department of Computer Science, University of California, Irvine, 92697-3425, CA, USA

    Gene Tsudik

  3. Center for Cryptology and Information Security (CCIS), Department of Mathematical Sciences, Florida Atlantic University, 33431-0991, Boca Raton, FL, USA

    Spyros Magliveras

  4. Mathematical Sciences Department, Florida Atlantic University, 33431-0991, Boca Raton, FL, USA

    Ivana Ilić

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mjaaland, B.B., Bours, P., Gligoroski, D. (2011). Walk the Walk: Attacking Gait Biometrics by Imitation. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds) Information Security. ISC 2010. Lecture Notes in Computer Science, vol 6531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-18178-8_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-18178-8_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-18177-1

  • Online ISBN: 978-3-642-18178-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation