Evaluating Deep Learning Models and Adversarial Attacks on Accelerometer-Based Gesture Authentication
This work addresses security concerns for mobile device users by evaluating adversarial robustness in behavioral biometrics, though it is incremental as it builds on existing deep learning and adversarial attack methods.
The study tackled the vulnerability of deep learning models in accelerometer-based gesture authentication to adversarial attacks, finding that a convolutional neural network was surprisingly robust against attacks using generated adversarial samples, with specific performance metrics indicating resilience.
Gesture-based authentication has emerged as a non-intrusive, effective means of authenticating users on mobile devices. Typically, such authentication techniques have relied on classical machine learning techniques, but recently, deep learning techniques have been applied this problem. Although prior research has shown that deep learning models are vulnerable to adversarial attacks, relatively little research has been done in the adversarial domain for behavioral biometrics. In this research, we collect tri-axial accelerometer gesture data (TAGD) from 46 users and perform classification experiments with both classical machine learning and deep learning models. Specifically, we train and test support vector machines (SVM) and convolutional neural networks (CNN). We then consider a realistic adversarial attack, where we assume the attacker has access to real users' TAGD data, but not the authentication model. We use a deep convolutional generative adversarial network (DC-GAN) to create adversarial samples, and we show that our deep learning model is surprisingly robust to such an attack scenario.