Professional Documents
Culture Documents
G-PPG A Gesture-Related PPG-based Two-Factor Authentication For Wearable Devices
G-PPG A Gesture-Related PPG-based Two-Factor Authentication For Wearable Devices
Abstract—Verifying the user identity of wearable devices is To solve this problem, sensors that can extract users’
crucial for system security, especially before sensitive operations biometric features or behavior patterns are leveraged for
like making financial payments. A PPG-based two-factor authen- continuous authentication yet face challenges. To be specific,
tication can be a promising solution with widely deployed PPG
(Photoplethysmography) sensors within wearable devices. Our fingerprint sensors can be fooled by fake fingerprints [1],
observations find PPG readings reveal a significant relevance to and camera-based face recognition can be compromised by
the user’s hand motions, i.e., gestures, while the user’s heartbeat dedicated designed images [2]. To enhance the security of
characteristics and wearing habits are also implicitly related, biometric-based authentication, a physiological feature that is
which can be utilized for user authentication. In this paper, we hard to clone and observe should be applied. PPG (Photo-
design G-PPG, a gesture-related PPG-based two-factor authen-
tication mechanism that can non-intrusively validate the user’s plethysmography) sensor that captures the user’s heartbeat at
identity. In G-PPG, gesture detection and segmentation and a the wrist-side becomes a promising candidate.
specific feature set are proposed for accurate gesture-related PPG PPG is a non-intrusive optical biomonitoring technique that
characteristic extraction. Moreover, an adaptive update scheme is can measure the blood volume in vascular tissue under the
proposed for the high accuracy of long-term authentication. Our skin in the wrist or fingertip area by receiving the reflected
experiments among 15 participants demonstrate that G-PPG can
achieve a 90% accuracy in the long-term study. light rays. The received signal is related to the cardiac cycle’s
Index Terms—Wearable Security, Internet of Things, Two- systole and diastole, which can be utilized for heartbeat
factor Authentication, PPG sensors monitoring. Due to its reliable performance and low price,
almost all current smart bands and watches are equipped with
I. I NTRODUCTION PPG sensors for health monitoring and sport detection, which
makes it possible to use PPG for authentication.
In recent years, wearable devices have drawn great attention Previous research demonstrates that PPG readings reveal
in the IoT (Internet of Things) market and play essential roles unique and unclonable characteristics, and it is feasible to
in daily human life. With various embedded sensors, wearable use PPG readings for user authentication [3]–[6]. However,
devices like smartwatches reveal broad application scenarios PPG-based authentication still faces challenges. First, the PPG
for healthcare monitoring, navigation, fitness tracking, etc. measurements are susceptible to movements, such as walking
With the enhancement of functionality, wearable devices are and riding, which may impact the authentication accuracy
even utilized in sensitive scenarios (financial payment, etc.) and utility, and a motion artifacts removal algorithm is also
and regarded as a trustworthy party with advanced authority required. Besides, compared to fingertip-PPG, the wrist-PPG
that can access other smart devices, which are vulnerable in readings are typically weak and noisy. Therefore, existing
some unexpected cases. For example, an attacker can use the methods usually need users to wear the device tightly to collect
smartwatch to unlock the smart locker that has been pre- sufficient PPG signals for authentication. However, in practice,
paired directly without further authentication. Without further there is always a gap between the wristband and skin, and the
protection, users usually get anxious when their wearable gap even changes according to the user’s hand motion, which
devices are stolen or lost, and their sensitive data or application also reduces the accuracy and practicability of heartbeat-based
account could be leakages by attackers. PPG authentication.
In order to prevent the misuse of wearable devices, a Different from existing work, we propose G-PPG, which
continuous or two-factor authentication mechanism is neces- extracts gesture-related PPG readings for user authentication.
sary, especially when sensitive authorities are asked for it. Specifically, we find that PPG readings reveal unique and
A common solution to validate the user’s identity is asking strong patterns when a user performs a specific gesture.
the user to input a password or PIN, which usually lasts for Moreover, different users and gestures will show discrimi-
seconds. However, weak password problems and credential native differences. With a thorough analysis of the above
stuffing attacks make password-based authentication risky and observations, we conclude that the gesture brings rhythmic
user-unfriendly. changes to the gap between the PPG sensor and the skin, which
reflect the user’s behavior pattern and the wearing habits.
* Xinyan Zhou is the corresponding author. Furthermore, the heartbeat itself also introduces unique signals
243
Authorized licensed use limited to: Indian Institute of Information Technology Design & Manufacturing. Downloaded on August 16,2023 at 18:29:51 UTC from IEEE Xplore. Restrictions apply.
(a) Gesture-related PPG readings re- (b) Gesture-related PPG readings re- (c) Gesture-related PPG readings re- (d) PPG readings during sitting and
veal consistency for each user. veal user dependence. veal gesture dependence. walking periods.
with the observation that PPG readings reveal both gesture- for authentication requires an extra motion artifacts removal
dependency and user-dependency. algorithm, while the gesture-related PPG signals show a great
potential for a robust authentication performance.
III. G-PPG OVERVIEW
B. System Overview
A. Feasibility Study The basic idea of G-PPG is utilizing the PPG measure-
In G-PPG, we utilize the PPG measurements when users ments changes during the gestures to authenticate the user’s
are required to operate designated gestures for authentication, identity. The fundamental principle is that PPG measurements
based on the observations that different users reveal marked reveal unique characteristics when users conduct hand gestures
differences in PPG measurements with hand motions. We vali- derived from the user’s wrist physiological features and the
date the feasibility of G-PPG with coarse-grained experiments wearing habits of the wearable devices. Specifically, the gap
in a PPG data collection platform, and details of the platform between the wearable device and the user’s wrist skin is
are illustrated in Sec. V. irregular among users, and the gap changes significantly when
User Consistency and Dependence. We first examine the the user is conducting near-wrist gestures. By measuring the
user consistency and dependence of the PPG measurements light reflections, PPG measurements are hypersensitive to user
with different gestures, which are fundamental characteristics gestures, which can be utilized for authentication.
of G-PPG. We capture PPG measurements from 4 users with The architecture of our G-PPG is shown in Fig.2, G-PPG
the same gesture, and the sampling rate of the PPG is 100Hz. requires the user to follow a pre-defined gesture and collects
We plot 15 samples for each user directly in Fig. 1(a), which PPG data in real-time to authenticate the user’s identity.
reveals significant consistency among samples. To further Data Acquisition and Preprocessing. With a dedicated
evaluate the user dependence, as shown in Fig 1(b), we find gesture, we collect PPG measurements for further user authen-
samples from different users can be simply separated in a two- tication. Raw PPG sensor data inevitably contain disturbances
dimension plane (i.e., skewness as the X-axis and standard from heart rate and other movements. Therefore, a basic noise
deviation as the Y-axis). The above findings demonstrate that reduction mechanism and a low pass filtering are necessary
PPG measurements with gestures show great potential for user at the beginning of the data acquisition. Besides, gesture
authentication. detection and segmentation are applied to extract gesture
Gesture dependence. For better user experience during the segments from continuous PPG measurements.
authentication, we further explore the gesture dependence, Feature Extraction. We try to extract features that can
i.e., the PPG measurements could be distinguishable with efficiently classify user identities with segmented PPG mea-
different gestures. We utilize the same platform to collect PPG surements. Previous work provides fiducial features for PPG-
measurements from the same user with 3 different gestures, based authentication, which are critical landmarks in PPG
and 15 samples are collected for each gesture. Fig. 1(c) reveals pulse waveform [3]. However, our work is based on gesture-
the variance (X-axis) and skewness (Y-axis) of each sample, related PPG measurements, and previous features are not
and we find different gestures are clearly clustered, which applicable. In G-PPG, we propose a set of customized features
provides more choices for users and expands the data space related to user wearing habits and physiological characteristics.
for authentication. In addition, we also select general signal features in time,
Gesture Robustness. Users’ daily activities can impact the frequency, and time-frequency domains as a supplementary.
performance of PPG-based authentication [3], [4], and we vali- Training Module. The training module is operated in the
date the robustness of G-PPG in two different daily scenarios, enrollment phase, the initialization process of G-PPG. With
including sitting and walking cases. As shown in Fig.1(d), several labeled legitimate user training samples and pre-stored
gesture-related PPG signals can be clearly observed from PPG negative samples, we train a binary classifier for G-PPG. In the
readings, while the motion artifacts may cover the original design of G-PPG, we compare the performance of 5 classifiers,
cardiac signals. Therefore, utilizing cardiac PPG signals alone which include Random Forest (RF), Support Vector Machine
244
Authorized licensed use limited to: Indian Institute of Information Technology Design & Manufacturing. Downloaded on August 16,2023 at 18:29:51 UTC from IEEE Xplore. Restrictions apply.
IV. G-PPG SYSTEM DESIGN
In this section, we describe the four modules in G-PPG in
detail, which include data acquisition and preprocess module,
feature extraction module, training module and authentication
module.
245
Authorized licensed use limited to: Indian Institute of Information Technology Design & Manufacturing. Downloaded on August 16,2023 at 18:29:51 UTC from IEEE Xplore. Restrictions apply.
TABLE I
THE LIST OF THE SPECIFIC PPG GESTURE FEATURES.
246
Authorized licensed use limited to: Indian Institute of Information Technology Design & Manufacturing. Downloaded on August 16,2023 at 18:29:51 UTC from IEEE Xplore. Restrictions apply.
(a) The average accuracy among 15 (b) The average accuracy and F1-
participants. score with 5 different gestures.
Fig. 4. Prototype of device with a PPG and an MPU-6050 sensor. Fig. 5. The overall performance of G-PPG.
247
Authorized licensed use limited to: Indian Institute of Information Technology Design & Manufacturing. Downloaded on August 16,2023 at 18:29:51 UTC from IEEE Xplore. Restrictions apply.
(a) Accuracy. (b) F1-sore.
Fig. 6. The impact of 5 different kinds of classifiers. Fig. 7. The impact of the feature selection.
Fig. 8. The impact of different training data sizes Fig. 9. The evaluation of the long-term authenti- Fig. 10. The impact of user daily movements for
for the authentication. cation. the authentication.
sets for authentication. Fig. 7 reveals the accuracy (Fig. 7(a)) phase of a user-fingerprint authentication may last for 30 s
and F1-score (Fig. 7(b)) of 5 gestures with the following three and Trueheart [3] requires a 2-minute-training to reach a 90%
feature sets: 1) only use the specific feature set with 8 features, accuracy, we consider the time duration of the training phase
2) only use the general feature set with 20 features, and 3) use in G-PPG is acceptable.
all 28 features. Results demonstrate that utilizing all features
shows the best authentication performance while using only 8 G. Practical Analysis
specific features reveals a remarkable performance. It is worth To further analyze the performance of G-PPG in practice,
mentioning that the specific feature set overcomes the general we evaluate the long-term performance of G-PPG and estimate
feature set with only 8 features. Therefore, we consider the the impact on the user’s daily activities. The user-defined
specific feature set can well extract the key characteristics from security level proposed in the authentication mechanism is also
samples and make contributions to the classification results. evaluated.
Long-term Authentication: One may argue that the
F. Impact of Training Data Size
gesture-related PPG samples may change when the user takes
The training data size reflects the user experience to some on/off the wearable devices. Therefore, we keep tracking the
extent. Specifically, more training data means the user should gesture data of 6 participants (5 males and 1 female) for a week
spend more time on the system initialization, which may and analyze the performance of G-PPG each day. Participants
discourage users willing to use G-PPG. On the other hand, will take off the wearable device after each sampling round to
the accuracy may not be high enough for authentication with simulate the user’s daily usage habits. It is worth mentioning
a few training samples. We take K samples from legitimate that we utilize the adaptive update mechanism after each
users and train the model with an additional 2K negative authentication round, and the model is updated each day. The
samples in the experiment. The negative samples can be results in Fig. 9 demonstrate that the accuracy and F1-score are
pre-stored in the system. We analyze the accuracy and F1- relatively stable, and the indicators (accuracy and F1-score)
score for the different number of positive training samples even increase a little bit after a few days with the adaptive
(K = 4, 8, 12, 16, 20, 24, 28, 32), and the results are shown update mechanism, which reveals a promising characteristic
in Fig. 8. We find that even with 4 positive samples, G-PPG for long-term authentication.
can reach an accuracy of 87.75%, and with 8 samples, the The Impact of Daily Activities: We also study the impact
accuracy can reach up to 90.23%. Recall that each sample of daily activities on G-PPG to validate the system robustness.
lasts for 1 second, G-PPG needs 8 s to train a gesture. Though In most wearable-based authentication methods [3]–[5], [25],
one gesture can also be utilized for authentication, we still [26], users are required to perform the authentication in a
suggest users train at least 2 gestures for authentication, which relatively stationary case, however, the moving scenario should
lasts 16 s for the initialization phase. Considering the training also be considered in the daily life. We collect samples from 6
248
Authorized licensed use limited to: Indian Institute of Information Technology Design & Manufacturing. Downloaded on August 16,2023 at 18:29:51 UTC from IEEE Xplore. Restrictions apply.
participants in two typical activities: sitting and walking, rep- [8] S. Mathur, R. D. Miller, A. Varshavsky, W. Trappe, and N. B.
Mandayam, “Proximate: proximity-based secure pairing using ambient
resenting static and moving scenarios accordingly. As shown wireless signals,” in Proceedings of the ACM MobiSys 2011, 2011, pp.
in Fig. 10, G-PPG demonstrates a similar precision in both 211–224.
cases, while the F1-score reaches up to 84.77% even in the [9] Y. Luo, L. Pu, Z. Peng, and Z. Shi, “Rss-based secret key generation in
underwater acoustic networks: advantages, challenges, and performance
walking scenario. We also notice the recall in the walking case improvements,” IEEE Communications Magazine, vol. 54, no. 2, pp.
is lower than the sitting case. In such cases, users can still pass 32–38, 2016.
the authentication by launching a second attempt. [10] T. Wang, Y. Liu, and A. V. Vasilakos, “Survey on channel reciprocity
based key establishment techniques for wireless systems,” Wireless
Networks, vol. 21, no. 6, pp. 1835–1846, 2015.
VI. C ONCLUSION [11] W. Xi, C. Qian, J. Han, K. Zhao, S. Zhong, X. Li, and J. Zhao, “Instant
and robust authentication and key agreement among mobile devices,” in
In this paper, we design G-PPG, a gesture-related PPG- Proceedings of the ACM SIGSAC CCS, 2016, pp. 616–627.
based two-factor authentication mechanism for wearable de- [12] F. Qiu, Z. He, L. Kong, and F. Wu, “MAGIK: an efficient key extraction
vices. With an embedded PPG sensor, G-PPG can authenticate mechanism based on dynamic geomagnetic field,” in Proceedings of the
IEEE INFOCOM 2017, 2017, pp. 1–9.
the user’s identity through dedicated gestures, which is based [13] N. Karapanos, C. Marforio, C. Soriente, and S. Capkun, “Sound-proof:
on the observation that gesture-related PPG readings can Usable two-factor authentication based on ambient sound,” in 24th
imply users’ heartbeat, wearing habits, and behavior habits. USENIX Security Symposium. USENIX Association, 2015, pp. 483–
498.
Specifically, we design a gesture detection and segmentation [14] X. Ji, C. Li, X. Zhou, J. Zhang, Y. Zhang, and W. Xu, “Authenticating
algorithm to extract gesture-related PPG measurements, and smart home devices via home limited channels,” ACM Trans. Internet
a specific feature set is proposed according to the empirical Things, vol. 1, no. 4, pp. 24:1–24:24, 2020.
[15] C. Li, X. Ji, B. Wang, K. Wang, and W. Xu, “Sencs: Enabling real-
observations. We validate the performance and security of G- time indoor proximity verification via contextual similarity,” ACM Trans.
PPG among 15 participants, and the results demonstrate that Sens. Networks, vol. 17, no. 2, pp. 19:1–19:22, 2021.
G-PPG can achieve high accuracy of over 90% in long-term [16] G. Baldini and G. Steri, “A survey of techniques for the identification
of mobile phones using the physical fingerprints of the built-in compo-
evaluations. nents,” IEEE Communications Surveys & Tutorials, vol. 19, no. 3, pp.
1761–1789, 2017.
ACKNOWLEDGMENT [17] Y. Cheng, X. Ji, J. Zhang, W. Xu, and Y. Chen, “Demicpu: Device
fingerprinting with magnetic signals radiated by CPU,” in Proceedings of
This work was supported in part by the following foun- the 2019 ACM SIGSAC Conference on Computer and Communications
dations: National Natural Science Foundation of China un- Security. ACM, 2019, pp. 1149–1170.
derGrant 62002183 , in part by Zhejiang ProvincialNatural [18] O. Gungor and C. E. Koksal, “On the basic limits of rf-fingerprint-based
authentication,” IEEE Transactions on Information Theory, vol. 62,
Science Foundation of China under Grant LQ20F020012, in no. 8, pp. 4523–4543, 2016.
partby the Natural Science Foundation of Ningbo under Grant [19] M. Pamplona Segundo, S. Sarkar, D. Goldgof, L. Silva, and O. Bellon,
202003N4087. The Natural Science Foundation of Ningbo “Continuous 3d face authentication using rgb-d cameras,” in Proceedings
of the IEEE Conference on Computer Vision and Pattern Recognition
City under Grant No. 2021J090 and Ningbo Manicipal Com- Workshops, 2013, pp. 64–69.
monweal S&T Project under Grant No. 2022S005. [20] G. Baldini and I. Amerini, “Smartphones identification through the built-
in microphones with convolutional neural network,” IEEE Access, vol. 7,
pp. 158 685–158 696, 2019.
R EFERENCES [21] S. Dey, N. Roy, W. Xu, R. R. Choudhury, and S. Nelakuditi, “Accelprint:
[1] C. Wu, K. He, J. Chen, Z. Zhao, and R. Du, “Liveness is not enough: Imperfections of accelerometers make smartphones trackable.” in NDSS,
Enhancing fingerprint authentication with behavioral biometrics to defeat vol. 14. Citeseer, 2014, pp. 23–26.
puppet attacks,” in 29th USENIX Security Symposium. USENIX [22] O. Willers, C. Huth, J. Guajardo, and H. Seidel, “Mems gyroscopes
Association, 2020, pp. 2219–2236. as physical unclonable functions,” in Proceedings of the 2016 ACM
[2] A. Pinto, W. R. Schwartz, H. Pedrini, and A. Rocha, “Using visual SIGSAC Conference on Computer and Communications Security, 2016,
rhythms for detecting video-based facial spoof attacks,” IEEE Transac- pp. 591–602.
tions on Information Forensics and Security, vol. 10, no. 5, pp. 1025– [23] M. Sharif, S. Bhagavatula, L. Bauer, and M. K. Reiter, “Accessorize to
1038, 2017. a crime: Real and stealthy attacks on state-of-the-art face recognition,”
[3] T. Zhao, Y. Wang, J. Liu, Y. Chen, J. Cheng, and J. Yu, “Trueheart: in Proceedings of the 2016 ACM SIGSAC Conference on Computer and
Continuous authentication on wrist-worn wearables using ppg-based Communications Security. ACM, 2016, pp. 1528–1540.
biometrics,” in IEEE Conference on Computer Communications. IEEE, [24] C. Yan, Y. Long, X. Ji, and W. Xu, “The catcher in the field: A fieldprint
2020, pp. 30–39. based spoofing detection for text-independent speaker verification,” in
[4] Y. Cao, Q. Zhang, F. Li, S. Yang, and Y. Wang, “Ppgpass: Nonintrusive Proceedings of the 2019 ACM SIGSAC Conference on Computer and
and secure mobile two-factor authentication via wearables,” in IEEE IN- Communications Security. ACM, 2019, pp. 1215–1229.
FOCOM 2020-IEEE Conference on Computer Communications. IEEE, [25] J. Liu, C. Shi, Y. Chen, H. Liu, and M. Gruteser, “Cardiocam: Lever-
2020, pp. 1917–1926. aging camera on mobile devices to verify users while their heart is
[5] L. Bastos, T. Tavares, D. Rosário, E. Cerqueira, A. Santos, and pumping,” in Proceedings of the 17th Annual International Conference
M. Nogueira, “Double authentication model based on ppg and ecg on Mobile Systems, Applications, and Services, MobiSys 2019. ACM,
signals,” in 2020 International Wireless Communications and Mobile 2019, pp. 249–261.
Computing (IWCMC). IEEE, 2020, pp. 601–606. [26] W. Yang and S. Wang, “A privacy-preserving ecg-based authentication
system for securing wireless body sensor networks,” IEEE Internet
[6] N. Karimian, Z. Guo, M. M. Tehranipoor, and D. Forte, “Human
Things J., vol. 9, no. 8, pp. 6148–6158, 2022.
recognition from photoplethysmography (PPG) based on non-fiducial
features,” in IEEE International Conference on Acoustics, Speech and
Signal Processing, New Orleans, LA, USA, March 5-9, 2017. IEEE,
2017, pp. 4636–4640.
[7] S. Jana and S. K. Kasera, “On fast and accurate detection of unauthorized
wireless access points using clock skews,” IEEE Trans. Mob. Comput.,
vol. 9, no. 3, pp. 449–462, 2010.
249
Authorized licensed use limited to: Indian Institute of Information Technology Design & Manufacturing. Downloaded on August 16,2023 at 18:29:51 UTC from IEEE Xplore. Restrictions apply.