We present a novel adversarial model for authentication systems that use gait patterns recorded by the inertial measurement unit (IMU) built into smartphones. The attack idea is inspired by and named after the concept of a dictionary attack on knowledge-based (PIN or password) authentication systems. In particular, this work investigates whether it is possible to build a dictionary of IMUGait patterns and use it to launch an attack or find an imitator who can actively reproduce IMUGait patterns that match the target's IMUGait pattern. Nine physically and demographically diverse individuals walked at various levels of four predefined controllable and adaptable gait factors (speed, step length, step width, and thigh-lift), producing 178 unique IMUGait patterns. Each pattern attacked a wide variety of user authentication models. A deeper analysis of error rates (before and after the attack) challenges the belief that authentication systems based on IMUGait patterns are the most difficult to spoof; further research is needed on adversarial models and associated countermeasures.