The Phoney Lift: Using Accelerometers to Identify People
The Phoney Lift: Using Accelerometers to Identify People
Friday, February 12, 2016
For many, smartphones have become an integral part of daily life. This study explores a user-friendly and robust method of user authentication that enhances the security of smart-phones. User identification is accomplished using the biometrics of the motion used to lift the phone. This study builds on the work done last year. The previous study demonstrated the feasibility of lift based biometrics to differentiate between users and non-users. This study extends the previous study to encompass three addition goals – to study the effect of a directed attack on a user’s movements, to enhance the recognition algorithms with Principal Component Analysis (PCA), and to tune the binary classifier threshold using Receiver Operating Characteristic (ROC) curves. A group of subjects were recruited to lift multiple phones. Data from 3-axis accelerometer and 3-axis gyroscope were collected for each lift. Then half of the participants were designated as attackers. They attempted to forge three others while assisted with videos collected during the lift. A program was developed to extract 9 parameters for each lift. A binary classifier was designed to identify the user using these parameters either as is or transformed with PCA. The binary classifier was based off a hyper-cube constructed from standard deviations, and means. ROC curves where used to find the optimum dimensions for the hypercube. The baseline data yielded on average, 15% false negative and 7% false positive, demonstrating the accuracy of the classifier. The PCA transformation did not reveal any significant improvement in the baseline data. However, in the attack data, the PCA had a visible effect. Without PCA, the attack showed a 7 to 20% increase in false positives from the baseline. Alternatively, with PCA, the false positives showed a decrease of approximately 4%. From this, it is evident that forgery is not effective and in fact may detract from the attackers’ chances of getting through. The identification system designed in this study is, therefore, robust, accurate, and secure against attacks.