Arm Swing as a Weak Biometricfor Unobtrusive User Authentication

Davrondzhon Gafurov and Einar SnekkenesNorwegian Information Security Lab,

Gjøvik University College,P.O. Box 191, 2802 Gjøvik, Norway,

davrondzhon.gafurov@hig.no, einars@hig.no

Abstract

Verifying the identity of a user before granting access toobjects or services is an important step in nearly all appli-cations or environments. Some applications (e.g. perva-sive environment) may impose additional requirements foruser authentication mechanism, such as to be continuousand unobtrusive. The former refers to constant or periodicre-assurance of the identity, while the latter means that theauthentication mechanism should be unobtrusive and im-plicit (without attracting user’s attention). Traditional userauthentication mechanisms (e.g. passwords or fingerprints)cannot be or is difficult to adapt to fulfill such requirements.This paper studies an unobtrusive mechanism of user au-thentication based on a new biometric modality. Arm swing,which occurs during gait, is proposed as a weak biometricfor user authentication. We collected arm swing of the per-son by using a motion recording sensor, which records ac-celeration of the arm swing in three orthogonal directions.Using frequency domain analysis of the arm swing accel-erations, we obtained an Equal Error Rate (EER) of 10%based on a preliminary data set including 120 arm swingsamples from 30 persons.

1 Introduction

Verifying the identity of a user before granting access toobjects or services is an important step in nearly all appli-cations or environments. Some applications (e.g. pervasiveenvironment) may impose additional requirements for userauthentication mechanism, such as to be continuous and un-obtrusive. The continuous aspect of authentication refers tothe constant or periodic re-verification of the identity. Thesecond aspect (i.e. unobtrusiveness) refers to the fact thatthe authentication procedure should be convenient, implicitand without requiring user’s explicit cooperation. For ex-

ample, in pervasive environment the electronic devices arecarried by the user almost all the time. However, the de-vices are not always under the attention of their owners, e.g.some people tend to forget, leave unattended or even losethe devices. Current authentication mechanisms in manypersonal electronic devices (e.g. mobile phones) are static.In other words, a user authenticates once (e.g. by entering aPIN code) and authentication lasts until the device is turnedoff. Consequently, the single-time (i.e. static) authentica-tion is not sufficient, especially when the devices are usedin high security applications. For instance, nowadays mo-bile phones can be used in application like m-banking orm-commerce [1]. On the other hand, in a pervasive system,the seamless interaction between the user and the deviceis a very important criteria. The conventional user authen-tication mechanisms (e.g. password-based or fingerprint-based), cannot be or is difficult to accommodate in such ap-plications to meet continuous and unobtrusiveness require-ments. Indeed, the process of frequently entering passwordor providing fingerprint on a mobile phone is explicit, re-quires user cooperation and can be very inconvenient andannoying. Therefore, better mechanisms for unobtrusiveand continuous user authentication is required.

Recently, identifying people by the way they walk be-came one of the attractive topics in biometric research [2].Person’s manner of walking is called gait, and the approachis called biometric gait recognition. One of the primaryadvantages of biometric gait recognition is in providingmechanisms for unobtrusive person verification and iden-tification. From a technological perspective, biometric gaitrecognition is categorized into three groups [3]: MachineVision (MV) based, Floor Sensor (FS) based and WearableSensor (WS) based. In the MV-based approach, gait is cap-tured using a video-camera and then image/video process-ing techniques are applied to extract gait features for recog-nition [4, 5, 6]. In the FS-based approach, gait of the personis captured using sensors (e.g. force plates) installed in the

International Conference on Intelligent Information Hiding and Multimedia Signal Processing

978-0-7695-3278-3/08 $25.00 © 2008 IEEE

DOI 10.1109/IIH-MSP.2008.47

1080

Figure 1. Accelerometer sensor attached tothe hip [13].

Figure 2. Accelerometer sensor attached tothe lower leg [14].

floor [7, 8, 9, 10]. In the WS-based category, gait is col-lected using motion recording sensors attached to variouslocations on the body of the person [11, 12, 13]. The mo-tion of body locations such as hip (see Figure 1), leg (seeFigure 2) and so on have been utilized for person recogni-tion [11, 12, 13].

In this paper, we investigate the feasibility of using thenatural arm swing, which occurs during gait, for unobtru-sive user authentication. The proposed approach belongsto the WS-based category. We collect arm movement byusing a so called Motion Recording (MR) sensor, which isattached to the lower arm of the person. The MR sensorrecords acceleration of movement in three directions: up-down, forward-backwards and sideways. Our data set con-sists of 120 arm swing samples from 30 persons. Using

frequency domain analysis of the arm swing accelerations,we obtained an Equal Error Rate (EER) of about 10%, andidentification probability of 71.7% at rank 1. The remain-der of the paper is structured as follows. Section 2 outlinesthe authentication technology. Section 3 and 4 contains ex-periment description and results of analysis, respectively.Section 5 contains discussion and section 6 concludes thepaper.

2 User authentication technology

2.1 Motion Recording sensor

For collecting arm movement, we use a Motion Record-ing (MR) sensor, see Figure 3. The MR sensor measures ac-celeration in three orthogonal directions, up-down, forward-backward and sideways. The sampling frequency of the MRsensor is about 100 samples per second. Besides accelerom-eters, the other main components of the MR sensor includean internal memory of 64MB for storing acceleration val-ues and a re-chargeable battery. It also has a USB port fortransferring collected data to a PC. During the experimentthe MR sensor was attached to the lower arm as shown inFigure 4.

2.2 Verification method

The first step is the pre-processing, where transformationand interpolation of the acceleration signal are made. Then,the signal is analyzed in frequency domain, where featuresare extracted. Maximum values in the specified frequencyranges is used as features. The Euclidean distance betweentwo feature vectors is used as a similarity score. A more de-tailed steps involved in comparing arm movement samplesare as follow.

1. Pre-processing: From the output of the MR sensor weget acceleration in three orthogonal directions. Theseaccelerations are transformed and combined in order toobtain more orientation invariant acceleration signal.The time interval between accleration recordings in thesignal is not always equal, so we interpolate the signalto get equally sampled signal. An example of the armswing acceleration is depicted in Figure 5a.

2. Frequency domain analysis: A time varying signal,r(t), can be represented by successively adding the in-dividual frequencies present in the signal as

r(t) = a0 +∑

[bi ·sin(2πfit)+ci ·cos(2πfit)], (1)

where bi and ci are called Fourier coefficients. Basedon the Fourier coefficients, the amplitude of the signalat each frequency can be computed as follow,

1081

Figure 3. The MR sensor. Figure 4. The MR sensor attached to thearm.

Ai =√

b2i + c2

i . (2)

We analyze the arm swing signals in the frequency do-main. Each arm signal is about 10 seconds of armswing (1024 samples), see Figure 5a. Before trans-forming the signal into frequency domain its meanis extracted to get zero-mean signal. Then, to re-duce the leakage the Hamming window is applied andthe Fourier coefficients is computed using FFT (FastFourier Transform) algorithm. Next, the amplitude iscomputed using formula (2). An example of amplitudeof the signal is depicted in Figure 5b.

3. Features: We divide the frequency axis of the signalinto several ranges. Each frequency range, i, is theinterval ((i − 0.5)Hz, (i + 0.5)Hz]. High amplitudesare dominant only in the low frequencies; therefore wefocus on the first 6 frequency ranges. The maximumamplitudes in each specified frequency ranges are usedas features. Then, these features are concatenated toform a feature vector.

4. Feature vectors: Three feature vectors are tested.The first one has two features and it is themaximum amplitudes in the frequency ranges(0.5Hz, 1.5Hz] and (1.5Hz, 2.5Hz]. The secondfeature vector has 4 features, which are 4 maxamplitudes in the first four frequency ranges, i.e.(0.5Hz, 1.5Hz], (1.5Hz, 2.5Hz], (2.5Hz, 3.5Hz],and (3.5Hz, 4.5Hz]. The third featurevector has 6 features, i.e. 6 max am-plitudes in the first six frequency ranges(0.5Hz, 1.5Hz], (1.5Hz, 2.5Hz], ...., (5.5Hz, 6.5Hz].

Assume V1, V2 and V3 are the three aforementionedfeature vectors, respectively. They are related to eachother as follow V1 ⊂ V2 ⊂ V3.

5. Similarity score: Euclidean distance between two fea-ture vectors are used as a similarity score. AssumeV = (v1, ..., vn) and W = (w1, ..., wn) are the tem-plate and test feature vectors, where vi and wi are max-imum amplitudes in the frequency range i of the tem-plate and test, respectively. Then the similarity score,S, is calculated as follow,

S(V, W ) =

√√√√n∑

i=1

(vi − wi)2, n = 2, 4, 6 (3)

The similarity score indicates how similar two armmovement samples are. Ideally, similarity scores obtainedfrom the same person should be smaller then similarityscores obtained from different persons.

3 Experiment

Using the MR sensor, we have collected acceleration ofthe arm swing from 30 subjects, 23 male and 7 female (inage range 19-47 years old). Subjects were told to walk nor-mally at their natural gait on a level surface for the distanceof about 20 meters. The experiment was conducted in 4 ses-sions. In the first two sessions, the MR sensor was attachedto the right arm, and in the last two trials the MR sensor wasattached to the left arm. The MR sensor was attached to thelower arm of the subjects as shown in Figure 4. Before eachwalking trials, subjects were asked to shift the MR sensor

1082

Figure 5. An example of arm swing signal: a) Time domain; b) Frequency domain (only low frequencycomponents are depicted).

a little bit in order to simulate realistic situations (i.e. thesensor is not exactly on the same position or orientation).In total, there were 120 arm swing samples, 4 samples perperson, 2 from the right arm and 2 from the left arm. Therecorded accelerations were transferred to the computer foranalysis.

4 Results

Assuming left and right arm movements are not identi-cal, we divide the set of samples into two non-overlappingsets, S1 and S2. The first set, S1, is the set of all samples

from the right arm, while the second set, S2, is the set ofall samples from the left arm. The cardinalities of each setequals to 60. For each set, we apply the leave-one-out crosscomparisons procedure [13]. In this way using each set,30 genuine and 870 impostor scores are obtained. In total,there will be 60 unique genuine and 1740 unique impostorscores. Based on the sets of genuine and impostor scores,the False Accept Rate (FAR) and False Reject Rate (FRR)are estimated.

To evaluate the performance of the method in verificationmode, we use a Decision Error Trade-off curve (DET). TheDET curve is a plot of FAR versus FRR. The DET curve

1083

Figure 6. The performance of the methodin terms of DET curves.

Figure 7. The performance of the methodin terms of CMC curves.

shows the performance of a biometric system under differ-ent decision thresholds. The corresponding DET curves us-ing three feature sets are depicted in Figure 6. Usually, toindicate the performance of the biometric system by a singlevalue an Equal Error Rate (EER) or a minimal Total ErrorRate (TERmin) is used. The EER is a point on the curvewhere FAR=FRR, while the TERmin is a point where thesum of FAR and FRR is minimal. The EER and TERmin

of the method are given in Table 1 (columns EER andTERmin, respectively). The best EER and TERmin areabout 10% and 18.7%, respectively. Using parametric ap-proach as in [15], we can compute the margin of errors (i.e.95% confidence intervals) for FAR and FRR of the EER,respectively. They are 10 ± 1.4 and 10 ± 7.6 for FAR andFRR, respectively. The margins for FAR are more narrowercompared to the margins for FRR, since we have more im-postor scores than genuine scores.

We also evaluated the performance of the method inidentification mode. To evaluate performance in this mode,we use a Cumulative Match Characteristic (CMC) curve[16]. The CMC curve is a plot of the rank vs. the identi-fication probability. It indicates the cumulative probabilityof an unknown sample being within the top closest matches.Using sets S1 and S2 (i.e. right and left samples), two CMCcurves were calculated. Then, identification probabilitiesat each rank are averaged to get one CMC curve. The re-sulting CMC curves for three feature sets are shown in Fig-ure 7. The averaged identification probabilities at rank 1 ofthe three feature vectors are given in Table 1 (column P1).

Table 1. Performance of the method for 3 fea-ture sets.

No. of features EER, % TERmin, % P1, %Two features 15 29.3 31.7Four features 13.3 24 60Six features 10 18.7 71.7

5 Discussion

Table 2 contains the summary of some WS-based andFS-base works that can be suitable for user recognition inpervasive environment. In this table, the columns Location,S# and Performance, % represent the location of the motionrecording sensor(s) on the body or on the floor, the numberof subjects used in the experiments and the performance ofthe methods in term of the EER and/or recognition rate (oridentification rate at rank 1). This table does not imply di-rect comparison of results, but its purpose is merely to givean impression of performances in the WS-based and FS-based person recognition.

In a pervasive environment, the personal electronic de-vices are always with the user and the continuous and un-obtrusive (re-) verification of the user is a very importantrequirement. User authentication using arm swing providesunobtrusive identity verification because the arm swing is anatural motion of the hands/arms that occurs during gait anddoes not require an extra action from the person. It can bealso very well adapted in the continuous authentication con-

1084

Table 2. Summary of some works on WS-based and FS-based gait recognitionStudy Location S# Performance, %

EER Recognition rateAilisto et al. [11] waist 36 6.4 -Mantyjarvi et al. [17] waist 36 7, 10, 18, 19 -Gafurov et al. [14] lower leg 21 5, 9 -Vildjiounaite et al. [18](gait+voice)

hip and chestpockets, hand

31 2-12 -

Gafurov et al. [12] trouser pocket 50 7.3, 9.2, 14, 20 86.3, 83.8, 50.5, 24.2Gafurov et al. [13] hip 100 13 73.2Orr and Abowd [7] on the floor 15 - 93Suutala and Rning [8] on the floor 11 - 66.8-70.2Middleton et al. [9] on the floor 15 - 80This paper lower arm 30 10, 13.3, 15 71.7, 60, 31.7

Table 3. Performance of some other biometrics in terms of EER.Biometric EER, % Data setIris [19] 0.0259 200 subjectsFingerprint [20] 0.99-1.07 FVC2002 DB1 and DB2 [21]Palmprint [22] 0.19 7605 samples from 392 palmsSignature [23] 1.4 619 samples and 94 subjects

text. Walking (and arm swinging) may happen from severaltimes to many times during normal daily activity. Conse-quently, it is reasonable to assume that arm swing will beavailable several or many times per day for re-verificationof the user identity.

The accuracy of the arm swing biometric is not compa-rable with the strong biometric modalities, e.g. see perfor-mances of some biometrics in Table 3. It should be notedthat we do not propose arm swing as a replacement or solemechanism of authentication but rather as a complementarymechanism that can be used to improve security in personaldevices. Users can still use strong biometrics or passwordexplicitly when authenticating for the first time. Then, armswing biometric can be applied implicitly for re-verificationof the identity in continuous authentication scenario. In or-der to reduce the inconvenience for the genuine users, onecan set operating threshold of the system such that FRR isvery low or zero and FAR is medium to high levels, e.g.at a ZeroFRR. The ZeroFRR is the minimum FAR, whereFRR is zero. In our method the ZeroFRR is about 70%(using 6 features). In general, this suggests that by usingthe arm swing as an additional level of security, about 30%of attackers, which overcome/spoof first authentication, canbe defeated without causing usability inconvenience thatwould not be possible without this added level.

Some part of the work by Vildjiounaite et al. [18] issimilar to the approach in this paper, but there are severalsignificant differences between them. Apart differences in

recognition methods, data sets and evaluation modes, theother main difference is that Vildjiounaite et al. [18] at-tached accelerometer to the handle of a suitcase and anal-yse hand motion with carrying a suticase. In addition, theirstudy shows that the accuracy can be improved when gait isintegrated with other types of unobtrusive biometrics [18].

Although the current prototype of the MR sensor looksa bit ”bulky”, it is feasible to shrink the size of MR com-ponents and integrate it with the actual electronic deviceworn in the wrist (e.g. an arm-watch). At least the mo-tion recording part can be integrated with the arm-watch orin the sleeves of clothes, but the processing of the signal isconducted on a more powerful electronics such as mobilephone. Then, the devices can communicate via short rangecommunication protocols (e.g. Bluetooth). Despite advan-tages, user authentication based on arm swing possess somelimitations too. Several factors/situations may alter the nat-ural arm swing, for example carrying an object in the hands,walking in various speeds, walking when one hand in thepocket another one is swinging and the like. For developinga robust user authentication system based on the arm swing,the effects of such factors and situations should be furtherinvestigated.

6 Conclusion and Future Work

In this paper we investigated the feasibility of using armswing during gait as a way of unobtrusive identity verifi-

1085

cation. User authentication based on the arm swing canalso be suitable in continuous authentication context, whereidentity of the user is required to be re-verified periodically.Acceleration of the arm motion is collected using an ac-celerometer sensor. Using frequency domain analysis onthe arm movement signals from 30 persons, we achieved theEER of about 10% and identification probability of 71.7%at rank 1.

Although the results are encouraging, the further workis required to improve the accuracy of the approach and toevaluate performance on a larger data set (to have narrowerconfidence intervals). It is also important to study the fac-tors that may influence the normal hand and arm movements(e.g. walking speed) in order to develop robust authentica-tion system. For improving accuracy, one may look intodeveloping techniques for integrating arm swing biomet-ric with other unobtrusive biometrics such as hip movementand so on. In this paper, impostors were assumed passive,but in real life they can try to imitate the arm swing of avictim. Therefore, to evaluate the robustness of the systemagainst such type of attack one needs to have active impos-tors too. All these open topics will constitute a basis for ourfuture work.

Acknowledgement

We would like to thank Dr. Arne Wold for his useful dis-cussion on the analysis of acceleration signals and RetomaAS for providing software interface between the sensor andthe computer.

References

[1] B. Dukic and M. Katic. m-order - payment model viasms within the m-banking. In 27th International Con-ference on Information Technology Interfaces, 2005.

[2] Mark S. Nixon, Tieniu N. Tan, and Rama Chellappa.Human Identification Based on Gait. Springer, 2006.

[3] Davrondzhon Gafurov. A survey of biometric gaitrecognition: Approaches, security and challenges.In Annual Norwegian Computer Science Conference,Oslo, Norway, November 19-21 2007.

[4] C. BenAbdelkader, R. Cutler, and L. Davis. Stride andcadence as a biometric in automatic person identifica-tion and verification. In Fifth IEEE International Con-ference on Automatic Face and Gesture Recognition,pages 357–362, May 2002.

[5] Zongyi Liu and Sudeep Sarkar. Improved gait recog-nition by gait dynamics normalization. IEEE Trans-actions on Pattern Analysis and Machine Intelligence,28(6):863 – 876, 2006.

[6] Ju Han and Bir Bhanu. Individual recognition us-ing gait energy image. IEEE Transactions on PatternAnalysis and Machine Intelligence, 28(2):316 – 322,2006.

[7] R. J. Orr and G. D. Abowd. The smart floor: A mech-anism for natural user identification and tracking. InProceedings of the Conference on Human Factors inComputing Systems, 2000.

[8] J. Suutala and J. Roning. Towards the adaptiveidentification of walkers: Automated feature selec-tion of footsteps using distinction sensitive LVQ. InInt. Workshop on Processing Sensory Information forProactive Systems (PSIPS 2004), June 14-15 2004.

[9] Lee Middleton, Alex A. Buss, Alex Bazin, andMark S. Nixon. A floor sensor system for gait recog-nition. In Fourth IEEE Workshop on Automatic Iden-tification Advanced Technologies (AutoID’05), pages171–176, 2005.

[10] Jam Jenkins and Carla Schlatter Ellis. Using groundreaction forces from gait analysis: Body mass as aweak biometric. In Pervasive, 2007.

[11] Heikki J. Ailisto, Mikko Lindholm, Jani Mantyjarvi,Elena Vildjiounaite, and Satu-Marja Makela. Identi-fying people from gait pattern with accelerometers. InProceedings of SPIE Volume: 5779; Biometric Tech-nology for Human Identification II, pages 7–14, 2005.

[12] Davrondzhon Gafurov, Einar Snekkenes, and PatrickBours. Gait authentication and identification usingwearable accelerometer sensor. In 5th IEEE Work-shop on Automatic Identification Advanced Technolo-gies (AutoID), pages 220–225, Alghero, Italy, June 7-8 2007.

[13] Davrondzhon Gafurov, Einar Snekkenes, and PatrickBours. Spoof attacks on gait authentication system.IEEE Transactions on Information Forensics and Se-curity, 2(3), 2007. Special Issue on Human Detectionand Recognition.

[14] Davrondzhon Gafurov, Kirsi Helkala, and TorkjelSondrol. Gait recognition using acceleration fromMEMS. In 1st IEEE International Conference onAvailability, Reliability and Security (ARES), pages432–437, Vienna, Austria, April 2006.

[15] R.M. Bolle, S. Pankanti, and N.K. Ratha. Evaluationtechniques for biometrics-based authentication sys-tems (FRR). In 15th International Conference on Pat-tern Recognition, pages 831 – 837, September 2000.

1086

[16] ISO/IEC IS 19795-1, information technology, biomet-ric performance testing and reporting, part 1: Princi-ples and framework, 2006.

[17] Jani Mantyjarvi, Mikko Lindholm, Elena Vild-jiounaite, Satu-Marja Makela, and Heikki J. Ailisto.Identifying users of portable devices from gait pat-tern with accelerometers. In IEEE International Con-ference on Acoustics, Speech, and Signal Processing,2005.

[18] Elena Vildjiounaite, Satu-Marja Makela, MikkoLindholm, Reima Riihimaki, Vesa Kyllonen, JaniMantyjarvi, and Heikki Ailisto. Unobtrusive multi-modal biometrics for ensuring privacy and informa-tion security with personal devices. In Pervasive,pages 187–201, May 2006. Springer LNCS.

[19] Donald M. Monro, Soumyadip Rakshit, and DexinZhang. DCT-Based iris recognition. IEEE Transac-tions on Pattern Analysis and Machine Intelligence,29(4), 2007.

[20] U. Park, Pankanti, and A. K. Jain. Fingerprint ver-ification using SIFT features. In SPIE Defense andSecurity Symposium, 2008.

[21] D.Maio, D.Maltoni, R.Cappelli, J.L.Wayman, andA.K. Jain. FVC2002: Second fingerprint verificationcompetition. In 16th International Conference on Pat-tern Recognition, 2006.

[22] Xiangqian Wu, Kuanquan Wang, and David Zhang.Palmprint texture analysis using derivative of gaussianfilters. In International Conference on ComputationalIntelligence and Security, 2006.

[23] Alisher Kholmatov and Berrin Yanikoglu. Identity au-thentication using improved online signature verifica-tion method. Pattern Recognition Letters, 2005.

1087