Effect of attacker characterization in ECG-based continuous authentication mechanisms for Internet of Things Articles uri icon

publication date

  • April 2018

start page

  • 67

end page

  • 77


  • 81

International Standard Serial Number (ISSN)

  • 0167-739X

Electronic International Standard Serial Number (EISSN)

  • 1872-7115


  • Wearable devices enable retrieving data from their porting user, among other applications. When combining them with the Internet of Things (IoT) paradigm, a plethora of services can be devised. Thanks to IoT, several approaches have been proposed to apply user data, and particularly ElectroCardioGram (ECG) signals, for biometric authentication. One step further is achieving Continuous Authentication (CA), i.e., ensuring that the user remains the same during a certain period. The hardness of this task varies with the attacker characterization, that is, the amount of information about the attacker that is available to the authentication system. In this vein, we explore different ECG-based CA mechanisms for known, blind-modelled and unknown attacker settings. Our results show that, under certain configuration, 99.5 % of true positive rate can be achieved for a blind-modelled attacker, 93.5 % for a known set of attackers and 91.8 % for unknown ones. (C) 2017 Elsevier B.V. All rights reserved.


  • Computer Science


  • internet of things; electrocardiogram; continuous authentication; attacker model