P2ESA: Privacy-Preserving Environmental Sensor-Based Authentication

Everyday behaviour is characterised by a myriad of specific features (e.g., the speed with which one types on a keyboard). With multimodal sensing capabilities, ubiquitous Internet of Things (IoT) devices can capture a range of different behavioural aspects of a person and thus provide an attractive basis for behaviour-based authentication. The rich collected data, however, may reveal more than just a user’s identity – a user’s current activity, can be disclosed by data collected with IoT sensors. In this work we address the need for a privacy-preserving sensor-based authentication system. Our approach harnesses adversarial deep learning and identifies a projection of the multimodal sensor data that maintains identity separability, yet obfuscates selected sensitive factors, thus ensuring that the authenticating authority can successfully identify the user, yet cannot uncover a user’s actions or features within the sensed environment. While conceptually elegant, the method requires distributed neural network training on resource constrained IoT devices. Therefore, we devise strategies for reducing the computational complexity of the model training and demonstrate that privacy-presrving behaviour authentication system can indeed be implemented over contemporary IoT devices. Our experiments, performed on two multimodal IoT datasets show that a user’s action or feature can be obfuscated to the level of a random guess, with a minimal impact on the identification accuracy.

KRASOVEC Andraz;  BALDINI Gianmarco;  PEJOVIC Veljko; 

2025-10-15

MDPI

JRC135049

1424-8220 (online),   

https://www.mdpi.com/1424-8220/25/15/4842,    https://publications.jrc.ec.europa.eu/repository/handle/JRC135049,   

10.3390/s25154842 (online),