Gait Mimicking : Attack Resistance Testing of Gait Authentication Systems

• Main Author: Mjaaland, Bendik Bjørklid
• Format: Others
• Language: English
• Published: Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk 2009
• Subjects: ntnudaim; SIE7 kommunikasjonsteknologi; Telematikk
• Online Access: http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-8977

Biometric technology is rapidly evolving in today's society. A large part of the technology has its roots hundreds, or even thousands of years back in time, while other parts are new and futuristic. Research suggest that individuals can be identified by the way they walk, and this kind of biometrics, gait biometrics, is a rather new and definitely intriguing field. However, the technology is far from mature; the performance is not generally competitive to other biometrics, and it has not been thoroughly tested security-wise. This thesis aims to test the security strength of gait biometrics. It will focus on imitation, or mimicking of gait. The bottom line question is whether it is possible to learn to walk like someone else. If this turns out to be easy, it will have a severe effect on the potential of gait as an authentication mechanism in the future. The report is logically twofold. In one part, the reader is brought up to speed on the field of gait biometrics, and a software tool for gait authentication is developed and presented. Second, an experiment is conducted, involving extensive training of test subjects, and using sources of feedback like video and statistical analysis. The data is analyzed by regression, and the goal is to determine whether or not the participants are increasing their mimicking skills, or simply put: if they are learning. The first part of the experiment involves 50 participants that are successfully enrolled using the developed software. The results compete with state of the art gait technology, with an EER of 6.2%. The rest of the experiment is related to mimicking, and the thesis discovers that six out of seven participants seem to have a natural boundary to their performance, a "plateau", forcing them back whenever they attempt to improve further. The location of this plateau predetermines the outcome of an attack; for success it has to lie below the acceptance threshold corresponding to the EER. Exactly one such boundary is identified for almost all participants, but some data also indicate that more than one plateau can exist simultaneously. The final result however, is that a very limited amount of learning is present, not nearly enough to pose a threat to gait biometrics. Gait mimicking is a hard task, and our physiology works against us when we try to adopt specific gait characteristics.