We present a novel adversarial model for authentication systems that use gait patterns recorded by the inertial measurement unit (IMU) built into smartphones. The attack idea is inspired by and named after the concept of a dictionary attack on knowledge-based (PIN or password) authentication systems. In particular, this work investigates whether it is possible to build a dictionary of IMUGait patterns and use it to launch an attack or find an imitator who can actively reproduce IMUGait patterns that match the target's IMUGait pattern. Nine physically and demographically diverse individuals walked at various levels of four predefined controllable and adaptable gait factors (speed, step length, step width, and thigh-lift), producing 178 unique IMUGait patterns. Each pattern was used to attack a wide variety of user authentication models. A deeper analysis of error rates (before and after the attack) challenges the belief that authentication systems based on IMUGait patterns are the most difficult to spoof; further research is needed on adversarial models and associated countermeasures.