HK40081046B - System and method for disentangling features specific to users, actions and devices recorded in motion sensor data - Google Patents

Description

Systems and methods for distinguishing user-, action-, and device-specific features recorded in motion sensor data.

Cross-references to related applications

This application is based on and claims priority to U.S. Provisional Patent Application Serial No. 62/957,653, filed January 6, 2020, entitled “System and Method for Disentangling Features Specific to Users, Actions and Devices Recorded in Motion Sensor Data,” the contents of which are incorporated herein by reference as if their entire contents were expressly set forth herein.

Technical Field

This application relates to systems and methods for extracting user features, and more particularly to systems and methods for extracting discriminative features of a device user from motion sensor data associated with the user.

Background Technology

When an attacker attempts to authenticate on an owner's smartphone, standard machine learning (ML) systems designed for smartphone user (owner) identification and authentication based on motion sensor data suffer severe performance and accuracy degradation (e.g., greater than 10%). This problem naturally occurs when the ML system fails to distinguish the user's discriminative characteristics from those of the smartphone device or from the discriminative characteristics of general actions (e.g., taking the phone off a table, answering a call, etc.). The problem arises because the signals recorded by motion sensors (e.g., accelerometers and gyroscopes) during the authentication session simultaneously contain all these characteristics (representing the user, action, and device).

One approach to this problem is to collect additional motion signals during user registration by either (a) requiring the user to authenticate on multiple devices while performing different actions (e.g., sitting in a chair, standing, switching hands, etc.) or (b) requiring the smartphone owner to have another person perform some authentication (to simulate a potential attack). However, both of these options are inconvenient for users.

Therefore, a more reliable and effective way is needed to extract the discriminative features of mobile device users.

Summary of the Invention

In a first aspect, a computer-implemented method is provided for distinguishing discriminative features of a user of a mobile device from motion signals captured by the mobile device. The mobile device has one or more motion sensors, a storage medium, instructions stored on the storage medium, and a processor configured to execute the instructions. In this method, each captured motion signal is segmented into segments by the processor. The segments are then transformed into transformed segments by the processor using one or more trained transformation algorithms. The segments and the transformed segments are then provided to a machine learning system by the processor. The discriminative features of the user are then extracted from the segments and the transformed segments by the machine learning system, which applies one or more feature extraction algorithms.

On the other hand, the user's discriminative characteristics are used to identify the user when the user uses the device in the future. On the other hand, one or more motion sensors include at least one of a gyroscope and an accelerometer. On the other hand, one or more motion signals correspond to one or more interactions between the user and the mobile device.

On the other hand, the motion signal includes discriminative features of the user, discriminative features of the actions performed by the user, and discriminative features of the mobile device. In a further aspect, the step of dividing one or more captured motion signals into segments eliminates the discriminative features of the actions performed by the user. In a further aspect, the step of converting the segments into transformed segments eliminates the discriminative features of the mobile device.

On the other hand, one or more trained transformation algorithms include one or more Cycle-GANs, and the transformed fragments include synthetic motion signals that simulate motion signals originating from another device.

On the other hand, the step of dividing one or more captured motion signals into segments includes dividing each motion signal into a fixed number of segments, wherein each segment has a fixed length.

In a second aspect, a computer-implemented method is provided for authenticating a user on a mobile device from motion signals captured by the mobile device. The mobile device has one or more motion sensors, a storage medium, instructions stored on the storage medium, and a processor configured to execute the instructions. In this method, the processor divides one or more captured motion signals into segments. The processor transforms the segments into transformed segments using one or more trained transformation algorithms. The processor provides the segments and transformed segments to a machine learning system. Then, by assigning scores to each of the segments and transformed segments, the processor classifies the segments and transformed segments as belonging to an authorized user or an unauthorized user. The processor then applies a voting scheme or a meta-learning model to the scores assigned to the segments and transformed segments. Finally, the processor determines whether the user is an authorized user based on the voting scheme or the meta-learning model.

On the other hand, the classification steps include: comparing the fragments and the transformed fragments with features of the authorized user extracted from sample fragments provided by the authorized user during the enrollment process, wherein the features are stored on a storage medium; and assigning a score to each fragment based on a classification model.

In another aspect, the one or more motion sensors include at least one of a gyroscope and an accelerometer. In another aspect, the step of dividing the one or more captured motion signals into segments includes dividing each motion signal into a fixed number of segments, and each segment having a fixed length. In another aspect, at least a portion of the segments overlaps.

On the other hand, one or more trained transformation algorithms include one or more Cycle-GANs, and the transformation steps include: transforming a fragment into a transformed fragment via a first generator, which mimics a fragment generated on another device; and transforming the transformed fragment again via a second generator to mimic a fragment generated on a mobile device.

On the other hand, the transformed segment includes a synthetic motion signal simulating motion signals originating from another device. On another hand, the provided steps include: extracting features from the segment and the transformed segment using one or more feature extraction techniques to form a feature vector; and applying a learned classification model to the feature vectors corresponding to the segment and the transformed segment.

In a third aspect, a system is provided for distinguishing discriminative features of a user of a mobile device from motion signals captured on the mobile device and authenticating the user on the mobile device, wherein the mobile device has at least one motion sensor. The system includes a network communication interface, a computer-readable storage medium, and a processor configured to interact with the network communication interface and the computer-readable storage medium and execute one or more software modules stored on the storage medium. The software modules include:

The segmentation module, when executed, configures the processor to divide each captured motion signal into segments;

The transformation module, when executed, configures the processor to use one or more trained Cyclic Consistent Generative Adversarial Networks (Cycle-GANs) to transform the fragments into transformed fragments.

The feature extraction module, when executed, configures the processor to extract the user-extracted discriminative features from the fragments and the transformed fragments, wherein the processor uses a machine learning system;

The classification module, when executed, configures the processor to assign scores to fragments and transformed fragments, and determines whether the fragments and transformed fragments belong to authorized users or unauthorized users based on the corresponding scores of these fragments;

The meta-learning module, when executed, configures the processor to apply a voting scheme or meta-learning model to the scores assigned to fragments and transformed fragments based on the stored fragments corresponding to the user.

On the other hand, at least one motion sensor includes at least one of a gyroscope and an accelerometer.

On the other hand, the conversion module configures the processor to: transform a fragment into a transformed fragment via a first generator, which mimics a fragment generated on another device; and re-transform the transformed fragment via a second generator to mimic a fragment generated on a mobile device.

On the other hand, the feature extraction module is further configured to apply a learned classification model to the extracted features corresponding to the fragment and the transformed fragment.

Attached Figure Description

Figure 1A discloses a high-level diagram of a system for distinguishing discriminative features of a user of a device from motion sensor data and authenticating the user from motion sensor data, according to at least one embodiment disclosed herein.

Figure 1B is a block diagram of a computer system for distinguishing discriminative features of a user of a device from motion sensor data and authenticating the user from motion sensor data, according to at least one embodiment disclosed herein.

Figure 1C is a block diagram of a software module for distinguishing discriminative features of a user of a device from motion sensor data and authenticating the user from motion sensor data, according to at least one embodiment disclosed herein.

Figure 1D is a block diagram of a computer system for distinguishing discriminative features of a user of a device from motion sensor data and authenticating the user from motion sensor data, according to at least one embodiment disclosed herein.

Figure 2 is a diagram illustrating an exemplary standard smartphone user identification system and flowchart based on machine learning according to one or more embodiments;

Figure 3 is a diagram illustrating an exemplary mobile device system and flowchart for identifying a user by removing features that distinguish actions based on machine learning, according to one or more embodiments;

Figure 4 is a diagram of an exemplary Cycle-GAN for signal-to-signal transformation according to one or more embodiments;

Figures 5A-5D illustrate a system and flowchart according to one or more embodiments for distinguishing discriminative features of a user of a mobile device from motion sensor data and authenticating the user from motion sensor data;

Figure 6A discloses a schematic block diagram illustrating a calculation flow for distinguishing discriminative features of a user of a device from motion sensor data, according to at least one embodiment disclosed herein; and

Figure 6B discloses a summary block diagram illustrating a computational flow for authenticating a user on a mobile device from motion sensor data according to at least one embodiment disclosed herein.

Detailed Implementation

This document discloses, through an overview and introduction, exemplary systems and methods for extracting or distinguishing discriminative features of smartphone users from motion signals and separating them from features that can be used to distinguish actions and devices without requiring any additional authentication by the user during registration. According to one or more embodiments of the method, in a first stage, action-distinguishing features are eliminated by cutting the signal into smaller blocks and applying a machine learning system independently to each of these blocks. It should be understood that the term "elimination" does not necessarily mean removing action (or device)-related signal features from the resulting motion data signal(s). Rather, the process effectively eliminates action-distinguishing features by obfuscating those discriminative features through independent processing of the signal blocks. In other words, since the system cannot reconstruct the entire signal from the smaller blocks, the user's actions corresponding to the motion signal (e.g., finger swipes, gestures) can no longer be recovered and recognized, and are therefore effectively eliminated. In a second stage, device-distinguishing features are effectively eliminated by employing a generative model (e.g., a generative adversarial network) to simulate authentication sessions on a predefined set of devices. The generative model is trained to take signal blocks from different devices as input and output similar signal blocks that replace features from the input device with discriminative features from other devices in a predefined group. After injecting features from different devices into a user's signal, the machine learning system can learn from the original and simulated signal blocks which features remain unchanged across devices. These are the features useful for distinguishing relevant users.

For example, the methods and systems described in this paper can be plugged into any machine learning system designed for smartphone user (owner) identification and authentication. The described methods and systems focus on the discriminative features of the user while eliminating features that distinguish between devices and actions. These methods and systems are validated in a set of experiments, and their benefits are empirically demonstrated.

Figure 1A discloses a schematic diagram of a system 100 according to at least one embodiment for distinguishing discriminative features of a user from motion sensor data and authenticating the user from motion sensor data. This method can be implemented using one or more aspects of the system 100, as described in further detail below. In some embodiments, the system 100 includes a cloud-based system server platform that communicates with user-operated fixed PCs, servers, and devices such as smartphones, tablets, and laptops.

In one arrangement, system 100 includes a system server (back-end server) 105 and one or more user devices including one or more mobile devices 101. While the system and methods are generally described as being implemented in part with mobile devices (e.g., smartphones), in at least one embodiment, the system and methods can be implemented on other types of computing devices (such as workstations, personal computers, laptops, access control devices, or other suitable digital computers). For example, while user-facing devices like mobile devices 101 typically capture motion signals, one or more of the exemplary processing operations are designed to distinguish discriminative features of a user from the motion signals, and authentication/identification can be performed by system server 105. System 100 may also include one or more remote computing devices 102.

System server 105 can be any computing device or data processing apparatus capable of communicating with user equipment and remote computing devices and receiving, transmitting, and storing electronic information and processing requests, as further described herein. Similarly, remote computing device 102 can be any computing device or data processing apparatus capable of communicating with system server or user equipment and receiving, transmitting, and storing electronic information and processing requests, as further described herein. It should also be understood that system server or remote computing device can be any number of networked or cloud-based computing devices.

In one or more embodiments, one or more user devices and one or more mobile devices 101 may be configured to communicate with each other, communicate with system server 105 or remote computing device 102, transmit electronic information to and receive electronic information from it. The user devices may be configured to capture and process motion signals from the user, such as one or more gestures (interactions) from the user 124.

One or more mobile devices 101 may be any mobile computing device or data processing apparatus capable of embodying the systems and methods described herein, including but not limited to personal computers, tablet computers, personal digital assistants, mobile electronic devices, cellular phones, or smartphones.

It should be noted that although Figure 1A depicts a system 100 for discriminative characteristics to distinguish users and for user authentication with respect to one or more mobile devices 101 and remote computing devices 102, any number of such devices can interact with the system in the manner described herein. It should also be noted that although Figure 1A depicts a system 100 for discriminative characteristics to distinguish users and for authentication with respect to user 124, any number of users can interact with the system in the manner described herein.

It should be further understood that while the various computing devices and machines referenced herein (including, but not limited to, one or more mobile devices 101 and system server 105 and remote computing device 102) are referred to herein as individuals or single devices and machines, in some embodiments, the referenced devices and machines, as well as their associated or accompanying operations, features and functions, may be combined or arranged across multiple such devices or machines or otherwise employed, such as via network or wired connections, as known to those skilled in the art.

It should also be understood that the exemplary systems and methods described herein in the context of one or more mobile devices 101 (also known as smartphones) are not specifically limited to mobile devices and can be implemented using other enabled computing devices.

Referring now to FIG1B, the mobile device 101 of system 100 includes various hardware and software components for enabling the system to operate, including one or more processors 110, memory 120, microphone 125, display 140, camera 145, audio output 155, storage device 190, and communication interface 150. Processor 110 is used to execute client applications in the form of software instructions that can be loaded into memory 120. Processor 110 can be any number of processors, a central processing unit (CPU), a graphics processing unit (GPU), a multi-processor core, or any other type of processor, depending on the implementation.

Preferably, the memory 120 and/or storage device 190 are accessible by the processor 110, enabling the processor to receive and execute instructions encoded in the memory and/or storage device to cause the mobile device and its various hardware components to perform aspects of the systems and methods described in more detail below. For example, the memory may be random access memory (RAM) or any other suitable volatile or non-volatile computer-readable storage medium. Furthermore, the memory may be fixed or removable. The storage device 190 may take various forms depending on the implementation. For example, the storage device may include one or more components or devices such as a hard disk drive, flash memory, rewritable optical disk, rewritable magnetic tape, or some combination thereof. The storage device may also be fixed or removable.

One or more software modules 130 may be encoded in storage device 190 and/or memory 120. Software module 130 may include one or more software programs or application programs having computer program code or a set of instructions that execute in processor 110. In an exemplary embodiment, as depicted in FIG1C, preferably included in software module 130 are a user interface module 170, a feature extraction module 172, a segmentation module 173, a classification module 174, a meta-learning module 175, a database module 176, a communication module 177, and a conversion module 178 that are executed by processor 110. Such computer program code or instructions configure processor 110 to perform the operations of the systems and methods disclosed herein and may be written in any combination of one or more programming languages.

Specifically, user interface module 170 may include one or more algorithms for performing steps related to capturing motion signals from a user and authenticating the user's identity. Feature extraction module 172 may include one or more feature extraction algorithms (e.g., machine learning algorithms) for performing steps related to extracting discriminative features of the user from segments and transformed segments of the user's motion signal. Segmentation module 173 may include one or more algorithms for performing steps related to segmenting the captured motion signal into segments. Transformation module 178 includes one or more transformation algorithms for performing steps related to transforming segments of the motion signal into transformed segments. Classification module 174 includes one or more algorithms for performing steps related to scoring segments and transformed segments (e.g., assigning class probabilities to them). Meta-learning module 175 includes one or more algorithms (e.g., voting schemes or meta-learning models) for performing steps related to integrating the scores assigned to segments and transformed segments to identify or reject users attempting authentication. Database module 176 includes one or more algorithms for storing or saving data related to motion signals, segments, or transformed segments to database 185 or storage device 190. The communication module 177 includes one or more algorithms for transmitting and receiving signals between computing devices 101, 102 and/or 105 of the system 100.

The program code can execute entirely as a standalone software package on mobile device 101, partially on mobile device, partially on system server 105, or entirely on system server or another remote computer or device. In the latter case, the remote computer can connect to mobile device 101 via any type of network, including local area network (LAN) or wide area network (WAN), mobile communication network, cellular network, or the connection can be used for external computers (e.g., using an internet service provider via the internet).

In one or more embodiments, the program code of software module 130 and one or more computer-readable storage devices (such as memory 120 and/or storage device 190) forms a computer program product that can be made and/or distributed according to the present invention, as known to those skilled in the art.

In some exemplary embodiments, one or more of the software modules 130 may be downloaded from another device or system to storage device 190 via a network through communication interface 150 for use within system 100. Furthermore, it should be noted that other information and/or data (such as database 185) related to the operation of this system and method may also be stored on the storage device. Preferably, such information is stored on an encrypted data repository specifically allocated for securely storing information collected or generated by a processor performing a secure authentication application. Preferably, encryption measures are used to store information locally on the mobile device storage and to transmit information to system server 105. For example, such data may be encrypted using a 1024-bit polymorphic cipher or (depending on the derived control) AES 256-bit encryption method. Furthermore, encryption may be performed using a remote key (seed) or a local key (seed). As those skilled in the art will understand, alternative encryption methods, such as SHA256, may be used.

Furthermore, user motion sensor data or mobile device information can be used as an encryption key to encrypt data stored on one or more mobile devices 101 and/or system server 105. In some embodiments, the foregoing combination can be used to create a complex, unique key for the user, which can be encrypted using elliptic curve cryptography (preferably at least 384 bits in length) on the mobile device. Additionally, this key can be used to protect user data stored on the mobile device or system server.

Furthermore, in one or more embodiments, database 185 is stored on storage device 190. As will be described in more detail below, database 185 contains or maintains various data items and elements used throughout the various operations of system 100 and methods for distinguishing users' discriminative characteristics and user authentication. The information stored in the database may include, but is not limited to, user motion sensor data templates and profile information, as will be described in more detail herein. It should be noted that although the database is depicted as being locally configured to mobile device 101, in some embodiments, the database or the various data elements stored therein may be additionally or alternatively remotely located (such as on remote device 102 or system server 105—not shown) and connected to the mobile device via a network in a manner known to those skilled in the art.

User interface 115 is also operatively connected to the processor. The interface may be one or more input or output devices, such as one or more switches, buttons, keys, touchscreens, microphones, etc., as will be understood in the field of electronic computing devices. User interface 115 is used to facilitate the capture of commands from the user, such as switch commands, or user information and settings related to the operation of system 100 for user identification. For example, in at least one embodiment, interface 115 may be used to facilitate the capture of certain information from one or more mobile devices 101, such as personal user information for registering with the system in order to create a user profile.

Mobile device 101 may also include display 140, which is also operatively connected to processor 110. The display includes a screen or any other such presentation device that enables the system to guide the user or otherwise provide feedback to the user regarding discriminative characteristics and user authentication of system 100. By way of example, the display may be a digital display, such as a dot-matrix display or other two-dimensional display.

As further exemplified, as is common in smartphones (such as mobile device 101), the interface and display can be integrated into a touchscreen display. Therefore, the display also serves to show a graphical user interface (GUI), which can display various data and provide "tables" including fields allowing users to input information. Touching the touchscreen at a location corresponding to the GUI display allows the user to interact with the device to input data, change settings, control functions, etc. Thus, when the touchscreen is touched, the user interface transmits this change to the processor, and can either change settings or capture user input and store it in memory.

Mobile device 101 may also include a camera 145 capable of capturing digital images. Mobile device 101 or camera 145 may also include one or more light or signal emitters (e.g., LEDs, not shown), such as visible light emitters or infrared light emitters. The camera may be integrated into the mobile device, such as a front-facing or rear-facing camera containing a sensor (e.g., but not limited to, a CCD or CMOS sensor). As those skilled in the art will understand, camera 145 may also include additional hardware such as lenses, light meters (e.g., lux meters), and other conventional hardware and software features that can be used to adjust image capture settings such as zoom, focus, aperture, exposure, shutter speed, etc. Alternatively, the camera may be external to mobile device 101. Possible variations of the camera and light emitter will be understood by those skilled in the art. Furthermore, as those skilled in the art will understand, the mobile device may also include one or more microphones 125 for capturing audio recordings.

Audio output 155 is also operatively connected to processor 110. The audio output can be any type of speaker system configured to play electronic audio files, as those skilled in the art will understand. The audio output can be integrated into or external to mobile device 101.

Various hardware devices or sensors 160 may also be operatively connected to the processor. For example, sensors 160 may include: an onboard clock for tracking the time of day, etc.; a GPS-enabled device for determining the location of a mobile device; a gravimeter for detecting the Earth's magnetic field to determine the three-dimensional orientation of the mobile device; a proximity sensor for detecting the distance between the mobile device and other objects; an RF radiation sensor for detecting RF radiation levels; and other such devices as those skilled in the art will understand.

One or more mobile devices 101 also include an accelerometer 135 and/or a gyroscope 136 configured to capture motion signals from the user 124. In at least one embodiment, the accelerometer may also be configured to track the orientation and acceleration of the mobile device. The mobile device 101 may be configured to provide accelerometer and gyroscope values to a processor 110 executing various software modules 130, including, for example, a feature extraction module 172, a classification module 174, and a meta-learning module 175.

Communication interface 150 is also operatively connected to processor 110 and can be any interface capable of communication between mobile device 101 and external devices, machines, and/or components, including system server 105. Preferably, the communication interface includes, but is not limited to, modems, network interface cards (NICs), integrated network interfaces, radio frequency transmitters/receivers (e.g., Bluetooth, cellular, NFC), satellite communication transmitters/receivers, infrared ports, USB connections, and/or any other such interfaces for connecting mobile devices to other computing devices and/or communication networks (such as private networks and the Internet). Such connections can include wired or wireless connections (e.g., using the 802.11 standard), but it should be understood that the communication interface can in practice be any interface capable of communicating to and from the mobile device.

At various points during the discriminative characteristics and user authentication operations of system 100, mobile device 101 may communicate with one or more computing devices (such as system server 105 and/or remote computing device 102). Such computing devices transmit data to and/or receive data from mobile device 101, thereby preferably initiating, maintaining, and/or enhancing the operation of system 100, as will be described in more detail below.

Figure 1D is a block diagram illustrating an exemplary configuration of system server 105. System server 105 may include processor 210 operatively connected to various hardware and software components that enable system 100 to operate for distinguishing discriminative features and user identification. Processor 210 is used to execute instructions to perform various operations related to user identification, as will be described in more detail below. Processor 210 may be multiple processors, multiprocessor cores, or some other type of processor, depending on the specific implementation.

In some implementations, processor 210 may access memory 220 and/or storage device 290, thereby enabling processor 210 to receive and execute instructions stored on memory 220 and/or storage device 290. Memory 220 may be, for example, random access memory (RAM) or any other suitable volatile or non-volatile computer-readable storage medium. Furthermore, memory 220 may be fixed or removable. Storage device 290 may take various forms depending on the specific implementation. For example, storage device 290 may include one or more components or devices such as hard disk drives, flash memory, rewritable optical discs, rewritable magnetic tapes, or some combination thereof. Storage device 290 may also be fixed or removable.

One or more software modules 230 are encoded in storage device 290 and/or memory 220. One or more of the software modules 230 may include one or more software programs or application programs having computer program code or a set of instructions that execute in processor 210. In one embodiment, software module 230 may include one or more of the software modules 130. Such computer program code or instructions for performing aspects of the systems and methods disclosed herein may be written in any combination of one or more programming languages, as will be understood by those skilled in the art. The program code may execute entirely as a standalone software package on system server 105, partially on system server 105 and partially on remote computing devices (such as remote computing device 102 and/or (one or more) mobile devices 101), or entirely on such remote computing devices. In one or more embodiments, as depicted in FIG1B, preferably, included in software module 230 are a feature extraction module 172, a segmentation module 173, a classification module 174, a meta-learning module 175, a database module 176, a communication module 177, and a conversion module 178 that can be executed by the processor 210 of the system server.

Furthermore, preferably, the data stored on storage device 290 is database 280. As will be described in more detail below, database 280 contains or maintains various data items and elements used throughout the various operations of system 100, including but not limited to user profiles, as will be described in more detail herein. It should be noted that although database 280 is depicted as being locally configured to computing device 105, in some embodiments, database 280 or the various data elements stored therein may be stored on a computer-readable storage medium or storage medium that is remotely located and connected to system server 105 via a network (not shown) in a manner known to those skilled in the art.

Communication interface 250 is also operatively connected to processor 210. Communication interface 250 can be any interface capable of communicating between system server 105 and external devices, machines, or components. In some implementations, communication interface 250 includes, but is not limited to, modems, network interface cards (NICs), integrated network interfaces, radio frequency transmitters/receivers (e.g., Bluetooth, cellular, NFC), satellite communication transmitters/receivers, infrared ports, USB connections, or any other such interfaces for connecting computing device 105 to other computing devices or communication networks (such as private networks and the Internet). Such connections can include wired or wireless connections (e.g., using the 802.11 standard), but it should be understood that communication interface 250 can, in effect, be any interface capable of communicating to and from processor 210.

The operation of system 100 and its various elements and components can be further understood with reference to, for example, the methods for using motion sensor data to distinguish discriminative characteristics of users and for user authentication described in Figures 2, 3, 4, 5A-5D, and 6A-6B. The processes depicted herein are shown from the perspective of mobile device 101 and/or system server 105; however, it should be understood that these processes may be performed wholly or partially by mobile device(s) 101, system server 105, and/or other computing devices (e.g., remote computing device 102), or any combination thereof. It should be understood that more or fewer operations may be performed than those shown in the figures and described herein. These operations may also be performed in a different order than those described herein. It should also be understood that one or more of the steps may be performed by mobile device 101 and/or on other computing devices (e.g., system server 105 and remote computing device 102).

Several motion sensor-based user behavior authentication (UBA) systems for smartphone users have been proposed in recent literature. Modern systems achieving top-tier accuracy rely on machine learning (ML) and deep learning principles to learn discriminative models, as illustrated in "N. Neverova, C. Wolf, G. Lacey, L. Fridman, D. Chandra, B. Barbello, G. Taylor. Learning Human Identity from Motion Patterns. IEEE Access, vol. 4, pp. 1810-1820, 2016". However, such models are evaluated on datasets collected from smartphone users, with each device having one user (legitimate owner).

Figure 2 shows a hybrid system and process flowchart illustrating a standard smartphone user identification system based on machine learning, according to one or more embodiments. Specifically, Figure 2 shows the execution flow of a typical UBA system 300 that can be implemented using a smartphone. As shown in Figure 2, in the typical UBA system 300, accelerometer or gyroscope signals are recorded during each authentication or registration session. The signals are then provided as input to a machine learning system. System 300 extracts features and learns a model from a set of training samples collected during user registration. During user authentication, the trained model classifies the signals as belonging to the owner (authorized session) or belonging to a different user (rejected session). Specific example steps of the UBA system 300 are shown below:

1. Capture signals from built-in sensors (such as accelerometers and gyroscopes) during user registration or authentication.

2. Within the ML system, a set of feature extraction techniques are used to extract relevant features from the signal.

3. During the registration period, within the ML system, a classification model is trained on the feature vectors corresponding to the signals recorded during the user registration period.

4. During authentication, within the ML system, a learned classification model is used on the corresponding feature vectors to distinguish legitimate users (smartphone owners) from potential attackers.

In this setup, the decision boundary of the ML system may be influenced by the discriminative characteristics of the device or action, rather than the discriminative characteristics of the user. Experiments were conducted to test this hypothesis. Empirical results show that it is indeed easier to rely on device-specific characteristics than user-specific characteristics. This problem has not been pointed out or addressed in previous literature. However, this problem arises when an attacker can take possession of a smartphone owned by a legitimate user and attempt to authenticate applications protected by a UBA system. Furthermore, an attacker can impersonate a legitimate user after thoroughly analyzing and mimicking the movements performed during authentication. If the ML system relies on more salient characteristics representing the device or action, it is likely to grant the attacker access to the application. Therefore, the ML system will have an increased false positive rate and will be unable to reject such attacks.

To address this issue, system 300 could be configured to require users to authenticate using different movements on multiple devices (e.g., with the left hand, right hand, sitting, standing, etc.), and to obtain negative samples from the same device, system 300 could prompt the user to have someone else conduct several authentication sessions on their own device. However, all of these are impractical solutions, resulting in a cumbersome registration process.

Therefore, this document provides a method and system that offer a practical two-stage solution to the inherent problems of motion sensor-based UBA systems, namely, by distinguishing the discriminative characteristics of the user from the discriminative characteristics of the device and the action. In one or more embodiments of this application, the disclosed method consists of the following two main processing stages:

1. To eliminate features that distinguish user movements or actions (e.g., finger swipes, gestures), the motion signal is broken into very small blocks, and an ML system is applied to each individual block. Since the entire signal cannot be reconstructed from these blocks, movement (general actions performed by the user) can no longer be identified. However, these small blocks of the original signal still contain discriminative features of the user and the device.

2. To eliminate device-distinguishing features, a set of transformation algorithms (e.g., generative models, such as Cyclic Consistent Generative Adversarial Networks for short Cycle-GANs) are applied to simulate authentication sessions on a predefined set of devices. The generative models are trained to take a block of signals as input and output a similar block containing features from our predefined set of devices. After injecting features from different devices into the signals of a particular user, the ML system can learn which features do not change across devices. These are the features that help distinguish the corresponding user.

In the second stage, by using one or more transformation algorithms, such as Cycle-GAN, a smartphone-to-smartphone user behavior transformation is achieved. This helps to mask features describing smartphone sensors and reveal characteristics shaping user behavior. A positive consequence of clarifying legitimate user behavior is that the UBA system becomes more vigilant and harder to fool, i.e., the false alarm rate is reduced. In one or more embodiments, the disclosed system (e.g., system 100) and method provide an enhanced UBA system, or can alternatively be incorporated into conventional UBA systems to enhance existing UBA systems.

Conventionally, common mobile device authentication mechanisms such as PINs, pattern passwords, and fingerprint scanning offer limited security. These mechanisms are susceptible to guessing (or, in the case of fingerprint scanning, spoofing) and are vulnerable to side-channel attacks such as smearing, reflection, and video capture attacks. Therefore, continuous authentication methods based on behavioral biometric signals have attracted attention in both academia and industry.

The first research paper analyzing accelerometer data to identify the gait of mobile device users is "E. Vildjiounaite, S.-M. Makela, M. Lindholm, R. Riihimaki, V. Kyllonen, J. Mantyjarvi, H. Ailisto. Unobtrusive multimodal biometrics for ensuring privacy and information security with personal devices. In: Proceedings of International Conference on Pervasive Computing, 2006."

Subsequently, the research community proposed various UBA systems, such as: "N. Clarke, S. Furnell. Advanced user authentication for mobile devices. Computers & Security, vol. 26, no. 2, 2007" and "P. Campisi, E. Maiorana, M. Lo Bosco, A. Neri. User authentication using keystroke dynamics for cellular phones. Signal Processing." "IET, vol.3, no.4, 2009", which focuses on keystroke dynamics, and "C. Shen, T. Yu, S. Yuan, S., Y. Li, X. Guan. Performance analysis of motion-sensor behavior for user authentication on smartphones. Sensors, vol.16, no.3, pp.345-365, 2016", and "A. Buriro, B. Crispo, F. Del Frari, K. Wrona. Hold & Sign: A Novel". “Behavioral Biometrics for Smartphone User Authentication. In: Proceedings of Security and Privacy Workshops, 2016”, “G. Canfora, P. di Notte, F. Mercaldo, C.A. Visaggio. A Methodology for Silent and Continuous Authentication in Mobile Environment. In: Proceedings of International Conference on E-Business and Telecommunications, pp. 241-265, 2016”, “N. Neverova, C. Wolf, G. Lacey, L. Fridman, D. Chandra, B. Barbello, G. Taylor. Learning Human Identity from Motion Patterns. IEEE Access, vol. 4, pp. 1810-1820, 2016”, which focuses on machine or deep learning technologies.

The methods proposed in research literature or patents do not address the issue of motion signals that collectively contain user-, action-, and device-specific characteristics. Recent work has reported high performance levels when users perform authentication on their own devices. In this setting, it is unclear whether the high accuracy of the machine learning model is due to the model's ability to distinguish between users or devices. This problem arises because each user authenticates on their own device, and devices are not shared among users.

Experiments involving authenticating a group of users on a set of devices, with each user authenticating on each device, revealed that distinguishing devices (with approximately 98% accuracy) is actually easier than distinguishing users (with approximately 93% accuracy). This suggests that the UBA systems proposed in research literature and patents are more likely to perform well because they rely on device-specific features rather than user-specific characteristics. Such systems tend to have high false positive rates when an attacker performs authentication on a device stolen from the owner (where the attacker is authorized to enter the system).

Since this problem has not been discussed in the literature, the disclosed systems and methods are first-time solutions to the task of distinguishing user-, action-, and device-specific features, at least in the context of user recognition based on motion signals from smartphone sensors. In at least one embodiment, the method includes one or more of two stages/paths, one stage/path distinguishing user- and device-specific features from action-specific features, and another stage/path distinguishing user-specific features from device-specific features.

The latter approach is inspired by recent research on image style transfer based on generative adversarial networks (GANs). In “I. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, Y. Bengio. Generative Adversarial Nets. In: Proceedings of Advances in Neural Information Processing Systems, pp. 2672-2680, 2014,” the authors introduce GANs, a model consisting of two neural networks, a generator, and a discriminator, which learns the distribution of training samples by minimizing the Kullback-Leibler divergence to generate new (realistic) images. Several other GAN-based approaches are proposed for mapping the distribution of a set of source images to a set of target images (i.e., performing style transfer). For example, methods such as “J.Y. Zhu, T. Park, P. Isola, A.A. Efros. Unpaired image-to-image translation using cycle-consistent adversarial networks. In: Proceedings of IEEE International Conference on Computer Vision, pp. 2223-2232, 2017” and “J. Kim, M. Kim, H. Kang, K. Lee. U-GAT-IT: Unsupervised generative attentional networks with adaptive layer-instance normalization for image-to-image translation. arXiv preprint arXiv:1907.10830, 2019” add a cycle-consistency loss between the target and source distributions. However, these existing methods are specific to image style transfer.

In one or more embodiments of this application, a deep generative neural network adapts to motion signal data by focusing on signal transfer features from motion sensor data signals in the temporal domain. More specifically, the convolutional and pooling layers, which are central components of the deep generative neural network, are modified to perform convolution and pooling operations only in the temporal domain, respectively. Furthermore, in at least one embodiment, a recurrent consistent GAN is used to transfer signals in a multi-domain setting (e.g., a multi-device setting that may include three or more devices). In contrast, existing GANs operate in the image domain and are applied to transfer style only between two domains (e.g., between natural images and paintings).

According to one or more embodiments, and as described above, a two-stage method is provided to distinguish discriminative features of a user from discriminative features of a device and actions.

The first stage primarily involves preprocessing the signals before feeding them as input to the ML system. Preprocessing includes dividing the signal into several blocks. The number of blocks, their lengths, and the intervals used for block selection are parameters of the proposed preprocessing stage, and they can have a direct impact on accuracy and time. For example, a fixed number of blocks and a fixed length for each block are set. In this case, the intervals used to extract the blocks are calculated from the signal, taking into account the signal length. Faster authentication will produce shorter signals and the blocks may overlap, while slower authentication will produce longer signals and the blocks may not cover the entire signal (some parts will be lost). Another example is a fixed interval and signal length, resulting in a different number of blocks depending on the length of the input signal. Yet another example is a fixed number of blocks and the calculation of intervals and corresponding lengths to cover the entire input signal. All the exemplified cases (and further similar cases) are covered by the preprocessing approach of this application performed by the disclosed system. As illustrated in Figure 3, the resulting blocks are further subjected to the feature extraction and classification pipeline of the exemplary UBA system.

Figure 3 shows a flowchart 305 illustrating an exemplary mobile device system and process for user identification by removing features that distinguish actions based on machine learning, according to one or more embodiments. In one embodiment, the process may be implemented using one or more components of system 100 (e.g., mobile device 100, system server 105 alone or in combination). As shown in Figure 3, accelerometer or gyroscope signals (motion signals) 310 are recorded by mobile device 101 during each authentication session. Signal 310 is then divided by the system (e.g., the processor of mobile device 100 and/or system server 105) into N smaller (potentially overlapping) blocks or fragments 315. Blocks 315 are considered individual samples and are provided as input to a machine learning system. The machine learning system then extracts features and learns a model on a set of training samples collected during user registration. During user authentication, the machine learning system classifies blocks 315 as belonging to the owner or to a different user. Meta-learning pathways or (weighted) majority voting may be applied to the labels or scores assigned to the blocks (extracted from the signals recorded during the authentication session) to authorize or deny the session.

The exemplary systems and methods disclosed herein can be implemented using motion sensor data captured during implicit and/or explicit authentication sessions. Explicit authentication refers to an authentication session in which the user is prompted to perform a prescribed action using a mobile device. In contrast, implicit authentication refers to a user authentication session performed without explicitly prompting the user to perform any action. The purpose of dividing the motion signal 310 into blocks 315 (i.e., applying the preprocessing described above) is to eliminate features that distinguish actions. During explicit or implicit authentication, the user can perform different actions, although explicit authentication may exhibit lower variability. In fact, during an explicit authentication session, the user is likely to always perform the same steps, such as scanning a QR code, pointing the smartphone at their face, placing their finger on a fingerprint scanner, etc. However, these steps can be performed using one hand (left or right) or both hands, and the user can perform them while sitting in a chair, standing, or walking. In each of these cases, the recorded motion signal will be different. Problems may arise if the user performs authentication steps with one hand during registration and with the other hand during authentication, because the trained ML model will not generalize such changes well. In this scenario, a conventional system would reject legitimate users, resulting in a high false positive rate. The same situation is even more prevalent in implicit user authentication, i.e., when a user interacts with data-sensitive applications (such as banking applications). In this setup, not only can the way the hand moves or the user's posture differ, but the actions the user performs (tapping gestures at different locations on the screen, swiping gestures in different directions, etc.) can also differ. The most straightforward way to separate (classify) such actions is to observe the change in motion signal over time from the beginning to the end of the recording. However, the aim here is to eliminate the system's ability to separate actions. If the motion signal 310 is separated into small pieces 315, and these pieces are processed independently, as implemented in one or more embodiments of the disclosed system for distinguishing discriminative features of a smartphone user from motion signals, the ML system will no longer have the opportunity to treat the entire recorded signal as a whole. Since it is unknown where each piece went, the ML system cannot discern actions; actions can only be identified by examining the entire recording. This occurs because putting the pieces back together in different orders will correspond to different actions. It was observed that the signal preprocessing stage of this method improved discrimination accuracy by 4% when the user performed a set of actions during training the ML system and a different set of actions during testing. Since the ML system makes decisions for each block (e.g., generating labels or calculating scores), the system can apply a voting scheme or meta-learning model to a set of decisions corresponding to authentication in order to determine whether the user performing the authentication is legitimate.

As is well known, due to their inherent defects, hardware sensors can be easily identified by examining their outputs, as detailed in “N. Khanna, A.K. Mikkilineni, A.F. Martone, G.N. Ali, G.T.C. Chiu, J.P. Allebach, E.J. Delp. A survey of forensic characterization methods for physical devices. Digital Investigation, vol.3, pp.17-28, 2006”. For example, in "K.R. Akshatha, A.K. Karunakar, H. Anitha, U. Raghavendra, D. Shetty. Digital camera identification using PRNU: A feature-based approach. Digital Investigation, vol. 19, pp. 69-77, 2016", the authors describe a method for identifying smartphone cameras by analyzing captured photos. In "A. Ferreira, L.C. Navarro, G. Pinheiro, J.A. dos Santos, A. Rocha. Laserprinter attribute: Exploring new features and beyond. Forensic Science International, vol. 247, pp. 105-125, 2015", the authors propose a method for identifying laser printers by analyzing printed pages. Similarly, accelerometer and gyroscope sensors can be uniquely identified by analyzing the generated motion signals. This means that motion signals recorded during user registration and authentication will inherently contain discriminative characteristics of the device. Based on data from previous systems, it has been determined that identifying smartphones based on recorded motion signals (98% accuracy) is much easier than identifying users (93% accuracy) or actions (92% accuracy).

While dividing the signal into blocks eliminates the distinguishing features of the action, it does not alleviate the problems caused by the distinguishing features of the device. The main problem is that the discriminative features of the device and the discriminative features of the user (smartphone owner) are entangled in the motion signals recorded during user registration and in the blocks obtained after our preprocessing steps.

Based on a further highlighted aspect, the system and method disclosed herein for distinguishing discriminative features of smartphone users from motion signals provides a solution to this problem that does not require the user (smartphone owner) to perform additional steps beyond standard registration using a single device. The disclosed method and system for distinguishing user discriminative features of a device from motion sensor data and authenticating the user from motion sensor data are partly inspired by the success of cycle-consistent generative adversarial networks (GANs) in image-to-image transformations, which leverage style transfer. As shown in “J.Y. Zhu, T. Park, P. Isola, A.A. Efros. Unpaired image-to-image translation using cycle-consistent adversarial networks. In: Proceedings of IEEE International Conference on Computer Vision, pp. 2223-2232, 2017”, Cycle-GAN can replace the style of an image with a different style while preserving its content. Similarly, the disclosed systems and methods replace the device used to record motion signals with a different device while preserving the user's discriminative characteristics. However, as mentioned above, existing methods are specific to image style transfer, while the approach disclosed herein is specifically for transferring features in the time domain from motion sensor data signals of a particular device to signals simulated for another device.

Therefore, in one or more embodiments, system 100 implements at least one transformation algorithm (such as Cycle-GAN) for signal-to-signal transformation, as illustrated in FIG4. Specifically, FIG4 is an exemplary Cyclic Consistent Generative Adversarial Network (Cycle-GAN) 400 for signal-to-signal transformation according to one or more embodiments. As shown in FIG4 and according to at least one embodiment, an input signal x recorded on device X is transformed using generator G to make it appear as if it were recorded on a different device Y. The signal is transformed back to the original device X using generator F. Discriminator _DY distinguishes the signal recorded on device Y from the signal generated by G. Generator G is optimized to fool discriminator _{DY ,} which is optimized to separate samples in an adversarial manner. Furthermore, the generative adversarial network (formed by generators G and F and discriminator _DY ) is optimized to reduce the reconstruction error computed after transforming signal x back to the original device X. In at least one embodiment, optimization is performed using stochastic gradient descent (or one of its many variations), an algorithm commonly used to optimize neural networks, as those skilled in the art will understand. The gradient is calculated with respect to the loss function and backpropagated through the neural network using the chain rule, as those skilled in the art will understand. In one or more embodiments, an evolutionary algorithm may be used to perform optimization of the neural network. However, it should be understood that the disclosed methods are not limited to optimizations performed via gradient descent or evolutionary algorithms.

Reconstruction error is added to the overall loss function to ensure cycle consistency. In addition to transforming from device X to device Y, Cycle-GAN is simultaneously trained to transform from device Y to device X. Therefore, the disclosed system and method ultimately transform signals in both directions. In one or more embodiments, the loss function used to train Cycle-GAN to perform signal-to-signal transformations in both directions is:

,in:

G and F are generators;

· _DX and _SY are discriminators;

• x and y are motion signals (blocks) from device X and device Y, respectively;

λ is a parameter that controls the importance of cycle consistency relative to the GAN loss;

• is the cross-entropy loss corresponding to the transformation from device X to device Y, where E[■] is the expected value and Pdata(■) is the probability distribution of the data sample;

• This is the cross-entropy loss corresponding to the transformation from device Y to device X;

· is the sum of the cycle consistency losses of the two transformations, where ||■|| ¹ is the l- ₁ norm.

As an addition to or alternative to Cycle GAN, the U-GAT-IT model, introduced in "J. Kim, M. Kim, H. Kang, K. Lee. U-GAT-IT: Unsupervised generative attentional networks with adaptive layer-instance normalization for image-to-image translation. arXiv preprint arXiv:1907.10830,2019", can be incorporated into current systems and methods for signal-to-signal transformation. The U-GAT-IT model incorporates attention modules in both the generator and discriminator, and also incorporates a normalization function (adaptive layer instance normalization) to improve the transformation from the source domain to the target domain. The attention map is obtained using an auxiliary classifier, while the parameters of the normalization function are learned during training. In at least one embodiment, the loss function used to train U-GAT-IT is:

in:

G and F are generators;

· _DX and _SY are discriminators;

• x and y are motion signals (blocks) from device X and device Y, respectively;

_λ1 , _λ2 , _λ3 and _λ4 are parameters that control the importance of various loss components;

• It is the least squares loss corresponding to the transformation from device X to device Y;

• It is the least squares loss corresponding to the transformation from device Y to device X;

• is the sum of the cycle consistency losses of the two transformations and ||■|| ¹ is the l- ₁ norm;

• It is the sum of identity losses that ensure the amplitude distributions of the input and output signals are similar;

• is the sum of least squares losses introduced by the attention map.

In one or more embodiments, to obtain transfer results that generalize across multiple devices, several Cycle-GAN (or U-GAT-IT) models are used to transfer signals between several device pairs. In at least one embodiment, a fixed number of smartphones T are set up and motion signals are collected from each of the T devices. In one or more embodiments, a fixed number of users are set up to perform registration on each of the T devices. Data collection is completed before the UBA system is deployed to production, i.e., end users are never required to perform registration on the T devices, as such registration would be infeasible. The number of trained Cycle-GANs is T, such that each Cycle-GAN learns to transform signals from a particular device to all other devices and vice versa, as illustrated in Figures 5A-5D, which will be discussed in further detail below.

One objective of the systems and methods disclosed herein is to obtain a general Cycle-GAN model capable of transforming a signal captured on an original device into one of T devices in a group, independent of the original device. In at least one embodiment, the same scope can be achieved by using different GAN architectures, various network depths, learning rates, or optimization algorithms. Generalization is ensured by learning to transform from multiple devices to a single device, rather than simply learning to transform from one device to another. Therefore, during the training of the transformation algorithm (e.g., the Cycle-GAN model), the transformation algorithm of the disclosed embodiments (e.g., Cycle-GAN) can be applied to transform a signal captured on a user's device into one of T devices in a group, without needing to know the user or have information about the device he/she is using. Each time the original signal is transformed into one of the T devices, the features of the owner's device are replaced with features from one of the T devices in the group, while retaining user-specific features. According to one or more embodiments of a system for distinguishing discriminative features of a user from motion sensor data, by feeding both the original and transformed signals to the ML system, the ML system is no longer able to learn discriminative features specific to the original device. This happens because the ML system is configured to classify the raw and transformed signals into the same class, and the most relevant way to obtain such decision boundaries is by looking at the features that distinguish the user.

Exemplary embodiments

Exemplary embodiments of this system and method are discussed in further detail below with reference to Figures 5A-5D, 6A-6B and 1A-1D, together with practical applications of the technology and other practical scenarios in which systems and methods can be applied to distinguish and authenticate users of a device based on motion signals captured by a motion sensor of a mobile device.

In one or more embodiments, the methods disclosed herein provide a modified UBA execution pipeline. The modified UBA execution pipeline is capable of distinguishing discriminative characteristics of a user from discriminative characteristics of actions and devices, as shown in Figures 5A-5D. Figures 5A-5D illustrate a system and flowchart according to one or more embodiments for distinguishing discriminative characteristics of a user of a mobile device from motion sensor data and authenticating the user. The steps in the flowcharts of Figures 5A-5D can be performed using an exemplary system for distinguishing discriminative characteristics of a user of a device from motion sensor data including, for example, mobile device 101 of system 100 and/or system server 105. The steps in the flowcharts of Figures 5A-5D are detailed below:

1. During user registration or authentication, the mobile device 101 captures motion signals 310 from built-in sensors such as accelerometers and gyroscopes.

2. Divide the motion signal 310 into smaller blocks 315.

3. Using a set of trained Cycle-GAN 400, generate a new signal 500 (the transformed signal) to simulate the user's authentication session on other devices.

4. Within the ML system 505, a set of feature extraction techniques are employed to extract relevant features from the original signal block and the transformed signal block to form a feature vector.

5. During registration, within the ML system 505, a classification model is trained on the feature vectors corresponding to the recorded and transformed signal blocks 500.

6. During the authentication process, within the ML system 505, a learned classification model is applied to the feature vectors corresponding to the recorded and transformed signal blocks.

7. During authentication, in order to distinguish legitimate users (smartphone owners) from potential attackers, a voting scheme or meta-learning model is used to evaluate the scores or labels obtained for the records and transformed blocks corresponding to the authentication session.

These and other steps are further described and illustrated in the following exemplary methods in Figures 6A-6B.

According to one or more embodiments, FIG6A discloses a schematic block diagram illustrating a computational flow for distinguishing discriminative features of a user of a device from motion sensor data. In one or more embodiments, the method of FIG6A may be performed by a system such as the exemplary system 100 of FIG1A. Although many of the steps are described as being performed by a mobile device 101 (FIG. 1A), in some embodiments, one or more of the steps may be performed by a system server (back-end server) 105 communicating with the mobile device 101.

Referring to Figures 5A and 1A-1D, the process begins at step S105, where the processor of mobile device 101 is configured to cause at least one motion sensor (e.g., accelerometer 135, gyroscope 136) of the mobile device to capture data from the user in the form of one or more motion signals by executing one or more software modules (e.g., user interface module 170). In one or more embodiments, the motion signal is a multi-axis signal corresponding to the user's physical movement or interaction with the device collected from at least one motion sensor of the mobile device during a specified time domain. The user's physical movement may be in the form of a "gesture" (e.g., tapping or swiping a finger) or other physical interaction with the mobile device (e.g., picking up the mobile device). For example, the motion sensor may collect or capture motion signals corresponding to the user writing their signature in the air ("explicit" interaction) or the user tapping their phone ("implicit" interaction). Thus, the motion signal contains characteristics specific to (distinguishing) the user, the action performed by the user (e.g., a gesture), and the specific mobile device.

In one or more embodiments, the collection or capture of motion signals by the motion sensor of the mobile device can be performed during one or more predetermined time windows, which are preferably short time windows. For example, in at least one embodiment, the time window may be approximately 2 seconds. In at least one embodiment, such as during user registration, the mobile device may be configured to collect (capture) motion signals from a user by prompting the user to make a specific gesture or explicit interaction. Furthermore, in at least one embodiment, the mobile device may be configured to collect motion signals without prompting the user, such that the collected motion signals represent implicit gestures or interactions between the user and the mobile device. In one or more embodiments, the processor of the mobile device 101 may be configured to store the captured motion signals in the mobile device's database 185 by executing one or more software modules (e.g., database module 176), or alternatively, the captured motion signals may be stored in the database 280 of the backend server 105.

At step S110, the mobile device's processor is configured to divide one or more captured motion signals into segments by executing one or more software modules (e.g., segmentation module 173). Specifically, the captured motion signals are divided into N smaller blocks or segments. As discussed above, the disclosed systems and methods are configured to partially address the problem of distinguishing user-specific or user-exclusive features from user-performed actions in motion signals. Thus, by segmenting the motion signals, discriminative features of user-performed actions are eliminated. In one or more embodiments, the step of segmenting one or more captured motion signals includes dividing each motion signal into a fixed number of segments, where each segment has a fixed length. In one or more embodiments, at least some of the segments or blocks are overlapping segments or blocks.

Referring again to Figure 5A, at step S115, the mobile device's processor is configured to transform the fragment into a transformed fragment by executing one or more software modules 130 (e.g., transformation module 178) using one or more trained transformation algorithms (such as Cyclic Consistent Generative Adversarial Networks (Cycle-GAN)). As previously discussed, this system and method are configured to partially address the problem of distinguishing user-specific or user-specific features from user-discriminating mobile device features in motion signals. By using Cycle-GAN to transform the fragment into a transformed fragment, this method effectively eliminates the discriminative features of the mobile device from the motion data signals(s) collected and provided to the ML model(s).

More specifically, according to one or more embodiments, blocks/segments are considered individual samples, and these blocks/segments are provided as input to one or more transformation algorithms (e.g., Cycle-GAN). In one or more embodiments utilizing Cycle-GAN, each Cycle-GAN is trained offline on a separate dataset of motion signals collected from a predefined set of T different devices. Given a segment as input, Cycle-GAN transforms each segment into a transformed segment such that the transformed segment corresponds to a segment recorded on a device different from the user's mobile device from the predefined set of T devices. In other words, the transformed segment comprises one or more synthetic motion signals that simulate motion signals originating from another device. For example, an input segment of motion signal x recorded on device X is transformed using Cycle-GAN (generator) G to make it appear as if it were recorded on a different device Y.

Each time a transformed original segment is used in a Cycle-GAN, the features of the user's own device are replaced with features from one of the T predefined devices in the group, while preserving user-specific features. As previously mentioned, one objective of this process is to separate user-specific (distinguishing) features in the motion signal from those specific to the device used only by the user. Therefore, according to at least one embodiment, to obtain user-specific results that allow user identification across multiple devices, several Cycle-GAN models (or U-GAT-IT or other transformation algorithms) are used to transform segments across several devices. In one or more embodiments, a fixed number T of devices (e.g., smartphones) are set and segments of motion signals are collected from each of the T devices. A fixed number of users are also set to register on each of the T devices. Thus, a number of Cycle-GANs are trained such that each Cycle-GAN learns to transform segments from a specific device to all other devices in the group and vice versa, as illustrated in Figure 5A. Therefore, according to at least one embodiment, the system generates a general Cycle-GAN model that can transform a signal captured on an original device into another device from a set of T predefined devices, regardless of the original device.

It is important to note that, in at least one embodiment, this step can be implemented using different GAN architectures, various network depths, learning rates, or optimization algorithms. Generalization is ensured by learning to transform from multiple devices to a single device, rather than simply learning to transform from one device to another. Therefore, during the training of Cycle-GAN, Cycle-GAN can be applied to transform signals captured on a user's device into another device in the group of T devices, without needing to know the user or have information about the device he or she is using. Each time the original segment is transformed into one of the T devices in the group, the features of the user's device are replaced with the features of the other device in the group of T devices, while preserving user-specific features.

In one or more embodiments of step S115, once the input segment is transformed, the mobile device's processor is configured to transform the segment back by executing one or more software modules (e.g., transformation module 178). For example, as described in the previous examples, an input segment of motion signal x recorded on device X is transformed using Cycle-GAN (generator) G to make it appear as if it were recorded on a different device Y. The transformed segment is then transformed back to the original device X using Cycle-GAN (generator) F. According to at least one embodiment, discriminator _DY then distinguishes between the signal recorded on device Y and the signal generated by Cycle-GAN (generator) G. Generator _G is optimized to fool discriminator _DY , which is optimized to separate samples in an adversarial manner. Furthermore, in at least one embodiment, the entire system is optimized to reduce the reconstruction error calculated after transforming signal x back to the original device X. Adding the reconstruction error to the overall loss function ensures cycle consistency.

Referring again to Figure 5A, at step S120, the mobile device's processor is configured to provide fragments and transformed fragments to the machine learning system by executing one or more software modules (e.g., feature extraction module 172). The fragments and transformed fragments provided as input to the machine learning system are considered individual samples.

At step S125, the mobile device's processor is then configured to extract discriminative features of the user from the fragments and transformed fragments using a machine learning system that applies one or more feature extraction algorithms by executing one or more software modules. For example, in one or more embodiments during the user registration process, the processor is configured to extract relevant features from the fragments and transformed fragments to form feature vectors using one or more feature extraction techniques. At step S127, the processor is configured to apply and train a learned classification model on the feature vectors corresponding to the fragments and transformed fragments. In at least one embodiment, the machine learning system may be an end-to-end deep neural network, including feature extraction (S125) and classification (S127) steps. In one or more embodiments, the machine learning system may consist of two components (feature extractor and classifier) or three components (feature extractor, feature selection method—not shown—and classifier). In any embodiment, a trainable component, i.e., a deep neural network or a classifier, is present. The trainable part is typically trained on a dataset of samples (moving signal blocks) and their corresponding labels (user identifiers) by applying an optimization algorithm (e.g., gradient descent) with respect to a loss function that expresses how well the trainable part can predict the correct labels for the training data samples (raw or transformed fragments collected during user registration), as will be understood by those skilled in the art. The goal of the optimization algorithm is to minimize the loss function, i.e., to improve the predictive ability of the trainable part. At step S130, the method terminates.

Figure 6B discloses a schematic block diagram illustrating a computational flow for authenticating a user on a mobile device from motion sensor data according to at least one embodiment. Referring now to Figure 5B, the method begins at step S105. Steps S105-S120 shown in Figure 6B are the same steps described above with respect to the method shown in Figure 6A. Specifically, at step S105, the mobile device captures one or more motion signals from the user, and at step S110, the one or more captured motion signals are segmented into segments. At step S115, the segments are transformed into transformed segments using one or more trained transformation algorithms (e.g., Cycle-GAN), and at step S120, the segments and the transformed segments are provided to a machine learning system.

Referring again to Figures 5B and 1A-1D, after step S120, at step S135, the mobile device's processor is configured to classify (e.g., score, assign class probabilities to) the fragments and transformed fragments by executing one or more software modules (e.g., classification module 174). More specifically, in one or more embodiments, feature vectors representing the fragments and transformed fragments are analyzed and scored. In one or more embodiments, the fragments and transformed fragments may correspond to an authentication session, such that the fragments and transformed fragments are scored based on a machine learning model (e.g., a classifier or deep neural network previously trained on data collected during user registration at step S127 in Figure 6A).

At step S140, the mobile device is configured to apply a voting scheme or meta-learning model to the scores (e.g., class probabilities) assigned to fragments and transformed fragments obtained during the authentication session by executing one or more software modules 130 (e.g., meta-learning module 175). By applying the voting scheme or meta-learning model, the mobile device is configured to provide a consistent decision to authorize or deny the user. In one or more embodiments, the consistent decision of the session is based on the voting scheme or meta-learning model applied to the scores of all fragments and transformed fragments.

Finally, at step S145, the mobile device is configured to determine whether a user is an authorized user based on a voting or meta-learning step by executing one or more software modules (e.g., meta-learning module 175). As previously described, segments and transformed segments are scored based on class probabilities given as output by a machine learning model trained during registration to identify known users. Therefore, based on the voting scheme or meta-learner applied to the scores of the corresponding segments and transformed segments, the processor is configured to determine whether the segments and transformed segments belong to a specific (authorized) user, and thus ultimately determine whether the user is an authorized or unauthorized user. The authentication process disclosed herein refers to one-to-one authentication (user verification). At step S150, the method for authenticating users based on motion sensor data ends.

Experimental results

In this section, experimental results obtained using the discrimination method disclosed herein are presented according to one or more embodiments. Two different datasets were used in the following experiments. The first dataset (hereinafter referred to as the 5x5 database) consists of signals recorded from the accelerometers and gyroscopes of five smartphones when five people performed authentication using five smartphones. These individuals were asked to change positions during authentication (i.e., stand up, or sit down and use their right or left hand), thereby performing different common actions. Signals from 50 authentications were captured at each position, meaning that each person performed a total of 1000 authentications on each of the five smartphones, or a total of 5000 sessions. The second dataset (hereinafter referred to as the 3x3 database) consists of the same position variations as the first, but with three different people and three different smartphones.

The signals from each database were divided into 25 blocks during the preprocessing stage. Blocks from the 5x5 dataset were used to train five Cycle-GANs, which transform the signals round trip across five devices. Then, each block from the 3x3 database was fed into the trained GAN, thus obtaining a completely new set of signals. These new (transformed) signals were further divided into two subsets: one for training and the other for testing the ML system for user recognition based on motion signals.

It is well known that GAN training is highly unstable and difficult because GANs need to find a Nash equilibrium in a non-convex minimax game with high-dimensional parameters. However, in these experiments, the loss function of the generative network was observed to decrease monotonically, supporting the idea of reaching an equilibrium point.

By dividing the signal into blocks, user discriminative features are captured, and the importance of movement (action) is minimized. Clear evidence is that a 4% increase in user discrimination accuracy was observed when feeding signal blocks (without applying GAN) into the ML system. Varying user behavior across different mobile devices (by applying GAN) resulted in an additional 3% increase in user discrimination accuracy (compared to the accuracy obtained using only signal blocks). Therefore, it can be concluded that by simulating features from various devices, a more robust and invariant ML system to device characteristics is obtained.

With the increasing number of mobile devices, the frequency of attacks has risen significantly. Therefore, various user behavior analysis algorithms have been proposed in recent years, including systems based on signals captured by motion sensors during user authentication. Currently, a major problem faced by motion sensor data-based algorithms is the difficulty in distinguishing user-specific features from action- and device-specific features. The system and method of this application address this problem by dividing the motion signal into blocks and transforming the signal for other devices using a transformation algorithm (e.g., Cycle-GAN) without requiring any changes to the user registration process.

In fact, dividing the signal into smaller blocks helps reduce the impact of actions (performed by the user) on the decision boundary of the ML system, thereby improving user identification accuracy by 4%, as shown in the example above. Furthermore, it is well known that sensors from different devices differ due to manufacturing processes, even if these devices are of the same brand and model and come from the same production line. This fact leads to a significant impact of mobile device sensors on the decision boundary of the ML system used for user identification. According to one or more embodiments, the systems and methods disclosed herein utilizing GANs simulate authentication from multiple devices based on recorded motion signals from arbitrary devices, reducing the impact of mobile devices on the ML system and increasing the influence of user-specific features. The disclosed systems and methods further improve ML system accuracy by approximately 3%. Therefore, overall, in one or more embodiments, the systems and methods can improve performance by 7%, thereby reducing false positive and false negative rates.

The following projects illustrate discriminative features for distinguishing users of a device from motion signals and exemplary systems and methods for authenticating users on mobile devices from motion signals:

Project 1. A computer-implemented method for distinguishing discriminative features of a user of a mobile device from motion signals captured by the mobile device, the mobile device having one or more motion sensors, a storage medium, instructions stored on the storage medium, and a processor configured to execute the instructions, comprising:

The processor divides each captured motion signal into segments;

The processor uses one or more trained transformation algorithms to convert the fragment into a transformed fragment;

The processor provides the fragment and the transformed fragment to the machine learning system; and

The processor uses the machine learning system, which applies one or more feature extraction algorithms, to extract the user's discriminative features from the fragment and the transformed fragment.

Project 2, according to the method of Project 1, wherein the discriminative features of the user are used to identify the user when the user uses the device in the future.

Project 3, the method according to the preceding project, wherein the one or more motion sensors include at least one of a gyroscope and an accelerometer.

Project 4. According to the method described in the preceding project, wherein the one or more motion signals correspond to one or more interactions between the user and the mobile device.

Project 5. According to the method described in the preceding project, wherein the motion signal includes the discriminative features of the user, the discriminative features of the action performed by the user, and the discriminative features of the mobile device.

Project 6. According to the method of Project 5, wherein the step of dividing the one or more captured motion signals into the segments eliminates the discriminative features of the action performed by the user.

Project 7. According to the method of Project 5, wherein the step of converting the fragment into the transformed fragment eliminates the discriminative feature of the mobile device.

Project 8. According to the method described in the preceding project, wherein the one or more trained transformation algorithms include one or more Cyclic Consistent Generative Adversarial Networks (Cycle-GANs), and wherein the transformed fragment includes a synthetic motion signal simulating motion signals originating from another device.

Project 9. The method according to the preceding project, wherein the step of dividing the one or more captured motion signals into segments includes dividing each motion signal into a fixed number of segments, wherein each segment has a fixed length.

Item 10. A computer-implemented method for authenticating a user on a mobile device from motion signals captured by the mobile device, the mobile device having one or more motion sensors, a storage medium, instructions stored on the storage medium, and a processor configured to execute the instructions, comprising:

The processor divides the one or more captured motion signals into segments;

The processor uses one or more trained transformation algorithms to convert the fragment into a transformed fragment;

The processor provides the fragment and the transformed fragment to the machine learning system; and

The processor categorizes the fragments and transformed fragments as belonging to authorized users or unauthorized users by assigning scores to each of the fragments and transformed fragments; and

The processor applies a voting scheme or a meta-learning model to the scores assigned to the fragment and the transformed fragment; and

The processor determines whether the user is an authorized user based on the voting scheme or the meta-learning model.

Item 11. According to the method described in Item 10, the scoring steps include:

The fragment and the transformed fragment are compared with features of the authorized user extracted from sample fragments provided by the authorized user during the registration process, wherein the features are stored on the storage medium; and

Each segment is assigned a score based on a classification model.

Item 12, the method according to Item 10 or 11, wherein the one or more motion sensors include at least one of a gyroscope and an accelerometer.

Item 13. The method according to Items 10-12, wherein the step of dividing the one or more captured motion signals into segments includes dividing each motion signal into a fixed number of segments, wherein each segment has a fixed length.

Item 14, the method according to Items 10-13, wherein at least a portion of the segments overlaps.

Item 15. The method according to Items 10-14, wherein the one or more trained transformation algorithms include one or more Cycle-GANs, and wherein the transformation steps include:

The fragment is transformed into the transformed fragment via a first generator, which mimics a fragment generated on another device; and

The transformed fragment is then re-transformed via a second generator to mimic the fragment generated on the mobile device.

Item 16. The method according to Items 10-15, wherein the transformed segment includes a synthetic motion signal simulating motion signals originating from another device.

Item 17. The method described in Items 10-16, wherein the provided steps include:

The processing employs one or more feature extraction techniques to extract features from the fragment and the transformed fragment to form a feature vector; and

A learned classification model is applied to the feature vectors corresponding to the fragment and the transformed fragment.

Item 18, A system for distinguishing discriminative features of a user of a mobile device from motion signals captured on the mobile device having at least one motion sensor and authenticating the user on the mobile device, the system comprising:

Network communication interface;

Computer-readable storage medium;

A processor configured to interact with the network communication interface and the computer-readable storage medium and execute one or more software modules stored on the storage medium, comprising:

The segmentation module, when executed, configures the processor to divide each captured motion signal into segments;

A transformation module, when executed, configures the processor to transform the fragment into a transformed fragment using one or more trained Cyclic Consistent Generative Adversarial Networks (Cycle-GANs);

A feature extraction module, when executed, configures the processor to extract discriminative features extracted by the user from the fragment and the transformed fragment, wherein the processor uses a machine learning system;

The classification module, when executed, configures the processor to assign scores to the fragments and transformed fragments, and determines whether the fragments and transformed fragments belong to authorized users or unauthorized users based on the corresponding scores of these fragments;

The meta-learning module, when executed, configures the processor to apply a voting scheme or meta-learning model based on the scores assigned to the stored fragments and the transformed fragments corresponding to the user.

Item 19. The system according to Item 18, wherein the at least one motion sensor includes at least one of a gyroscope and an accelerometer.

Item 20. The system according to Items 18-19, wherein the conversion module configures the processor to: transform the fragment into the transformed fragment via a first generator, which mimics a fragment generated on another device; and transform the transformed fragment again via a second generator to mimic a fragment generated on the mobile device.

Item 21. The system according to Items 18-20, wherein the feature extraction module is further configured to apply a learned classification model to the extracted features corresponding to the fragment and the transformed fragment.

At this point, it should be noted that although most of the preceding descriptions pertain to systems and methods for using motion sensor data to distinguish discriminative characteristics of users and for user authentication, the systems and methods disclosed herein can be similarly deployed and/or implemented in scenarios, situations, and settings outside of the reference scenario.

Although this specification contains numerous specific details of implementation, these should not be construed as limiting the scope of any implementation or what may be claimed, but rather as descriptions of features specific to particular embodiments that may be specific to particular implementations. Certain features described in this specification in the context of separate embodiments may also be implemented in combination in a single embodiment. Conversely, various features described in the context of a single embodiment may also be implemented separately in multiple embodiments or in any suitable sub-combination. Furthermore, although features may be described above as operating in certain combinations, and even initially claimed in this way, in some cases one or more features from the claimed combination may be removed from the combination, and the claimed combination may be for sub-combinations or variations thereof.

Similarly, although operations are depicted in a specific order in the accompanying drawings, this should not be construed as requiring these operations to be performed in the specific order shown or sequentially, or that all illustrated operations be performed to obtain the desired result. In some cases, multitasking and parallel processing can be advantageous. Furthermore, the separation of the various system components in the above embodiments should not be construed as requiring such separation in all embodiments, and it should be understood that the described program components and systems can generally be integrated together in a single software product or packaged into multiple software products.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit the invention. As used herein, the singular forms “a,” “an,” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that, when used in this specification, the terms “comprising” and/or “including” specify the presence of the stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It should be noted that the use of ordinal terms such as “first,” “second,” “third,” etc., to modify a claim element itself in the claims does not imply any priority, precedence, or order of one claim element relative to another, or the chronological order of actions of the method of execution, but is merely used as labels to distinguish one claim element having a particular name from another element having the same name (or, if not, using ordinal terms). Furthermore, the wording and terminology used herein are for descriptive purposes and should not be considered limiting. The use of “comprising,” “including,” or “having,” “containing,” “involving,” and variations thereof herein is intended to cover the items listed thereafter and their equivalents, as well as additional items. It should be understood that the same numbers in the accompanying drawings represent the same elements in several figures, and not all embodiments or arrangements require reference to all parts and/or steps described and illustrated in the accompanying drawings.

Therefore, exemplary embodiments and arrangements of the disclosed systems and methods provide computer-implemented methods, computer systems, and computer program products for user authentication using motion sensor data. The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of the systems, methods, and computer program products according to various embodiments and arrangements. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code, including one or more executable instructions for implementing one or more specified logical functions. It should also be noted that in some alternative embodiments, the functions marked in the blocks may occur in a non-linear order as indicated in the drawings. For example, two blocks shown consecutively may actually be executed substantially simultaneously, or these blocks may sometimes be executed in reverse order, depending on the functions involved. It will also be noted that each block illustrated in the block diagrams and/or flowcharts, and combinations of blocks in the block diagrams and/or flowcharts, may be implemented by a hardware-based dedicated system performing the specified function or action, or by a combination of dedicated hardware and computer instructions.

The foregoing subject matter is provided by way of illustration only and should not be construed as limiting. Various modifications and changes may be made to the subject matter described herein without following the exemplary embodiments and applications described and without departing from the true spirit and scope of the invention as set forth in the appended claims.

Claims (17)

1. A computer-implemented method for distinguishing discriminative features of a user of a mobile device from motion signals captured by a mobile device having one or more motion sensors, comprising: One or more captured motion signals captured by the mobile device are provided at the processor; The processor divides each captured motion signal into segments; The processor uses one or more trained transformation algorithms to transform the fragment into a transformed fragment, wherein the one or more trained transformation algorithms include one or more recurrent consistent generative adversarial networks, and wherein the transformed fragment includes a synthetic motion signal that simulates motion signals originating from another device. The processor provides the fragment and the transformed fragment as input to the machine learning system; and The processor uses the machine learning system, which applies one or more feature extraction algorithms, to extract the user's discriminative features from the fragment and the transformed fragment. The motion signal includes discriminative features of the user, discriminative features of the action performed by the user, and discriminative features of the mobile device, and the step of dividing the one or more captured motion signals into the segments eliminates the discriminative features of the action performed by the user. 2. The method of claim 1, wherein the discriminative feature of the user is used to identify the user when the user uses the device in the future. 3. The method of claim 1, wherein the one or more motion sensors include at least one of a gyroscope and an accelerometer. 4. The method of claim 1, wherein the one or more captured motion signals correspond to one or more interactions between the user and the mobile device. 5. The method of claim 1, wherein the step of converting the fragment into the transformed fragment and providing the fragment and the transformed fragment to the machine learning system effectively eliminates the discriminative features of the mobile device. 6. The method of claim 1, wherein the step of dividing the one or more captured motion signals into segments comprises dividing each motion signal into a fixed number of segments, wherein each segment has a fixed length. 7. A computer-implemented method for authenticating a user of a mobile device from motion signals captured by the mobile device having one or more motion sensors, comprising: Provide one or more captured motion signals at the processor; The processor divides the one or more captured motion signals into segments; The processor uses one or more trained transformation algorithms to transform the fragment into a transformed fragment, wherein the one or more trained transformation algorithms include one or more recurrent consistent generative adversarial networks, and wherein the transformed fragment includes a synthetic motion signal that simulates motion signals originating from another device. The processor provides the fragment and the transformed fragment as input to the machine learning system; and Using the processor and the machine learning system, the fragments and transformed fragments are classified as belonging to authorized users or unauthorized users by assigning scores to each of the fragments and transformed fragments; The processor applies a voting scheme or a meta-learning model to the scores assigned to the fragment and the transformed fragment; and The processor determines whether the user is an authorized user based on the voting scheme or the meta-learning model. The motion signal includes the discriminative features of the user, the discriminative features of the action performed by the user, and the discriminative features of the mobile device. The step of converting the segment into the transformed segment and providing the segment and the transformed segment to the machine learning system effectively eliminates the discriminative features of the mobile device. 8. The method according to claim 7, wherein the sorting step comprises: The fragment and the transformed fragment are compared with features of the authorized user extracted from a sample fragment of the authorized user during the registration process, wherein the features are stored in a storage medium; and Each segment is assigned a score based on a classification model. 9. The method of claim 7, wherein the one or more motion sensors include at least one of a gyroscope and an accelerometer. 10. The method of claim 7, wherein the step of dividing the one or more captured motion signals into segments comprises dividing each motion signal into a fixed number of segments, wherein each segment has a fixed length. 11. The method of claim 7, wherein at least a portion of the segments overlap. 12. The method of claim 7, wherein the conversion step comprises: The fragment is transformed into the transformed fragment via a first generator, which mimics a fragment generated on another device; and The transformed fragment is then re-transformed via a second generator to mimic the fragment generated on the mobile device. 13. The method of claim 7, wherein the provided step comprises: The processor uses one or more feature extraction techniques to extract features from the fragment and the transformed fragment to form a feature vector; and A learned classification model is applied to the feature vectors corresponding to the fragment and the transformed fragment. 14. A system for distinguishing discriminative features of a user of a mobile device from motion signals captured on the mobile device having at least one motion sensor and authenticating the user of the mobile device, the system comprising: Network communication interface; Computer-readable storage medium; A processor configured to interact with the network communication interface and the computer-readable storage medium and execute one or more software modules stored on the storage medium, the software modules comprising: The segmentation module, when executed, configures the processor to divide each captured motion signal into segments; A conversion module, when executed, configures the processor to convert the fragment into a transformed fragment using one or more trained recurrent consistent generative adversarial networks, wherein the transformed fragment includes synthetic motion signals that simulate motion signals originating from another device; A feature extraction module, when executed, configures the processor to extract the user's extracted discriminative features from the fragment and the transformed fragment, wherein the processor uses a machine learning system; The classification module, when executed, configures the processor to assign scores to the fragments and transformed fragments, and determines whether the fragments and transformed fragments belong to authorized users or unauthorized users based on the corresponding scores of these fragments; The meta-learning module, when executed, configures the processor to apply a voting scheme or meta-learning model to the scores assigned to the fragments and the transformed fragments based on stored fragment pairs corresponding to the user. The motion signal includes discriminative features of the user, discriminative features of the action performed by the user, and discriminative features of the mobile device, and dividing one or more captured motion signals into segments eliminates the discriminative features of the action performed by the user. 15. The system of claim 14, wherein the at least one motion sensor comprises at least one of a gyroscope and an accelerometer. 16. The system of claim 14, wherein the conversion module configures the processor to: transform the fragment into the transformed fragment via a first generator, which mimics a fragment generated on another device; and re-transform the transformed fragment via a second generator to mimic a fragment generated on the mobile device. 17. The system of claim 14, wherein the feature extraction module is further configured to apply a learned classification model to the extracted features corresponding to the segment and the transformed segment.