pith. sign in

arxiv: 2605.00218 · v1 · submitted 2026-04-30 · 💻 cs.CR · cs.ET· cs.LG

Selfie-Capture Dynamics as an Auxiliary Signal Against Deepfakes and Injection Attacks for Mobile Identity Verification

Erkka Rantahalvari , Olli Silv\'en , Zinelabidine Boulkenafet , Constantino \'Alvarez Casado This is my paper

Pith reviewed 2026-05-09 20:13 UTC · model grok-4.3

classification 💻 cs.CR cs.ETcs.LG
keywords selfie capturemotion tracesdeepfake detectionmobile identity verificationaccelerometertime-series classificationspoof screeninguser verification
0
0 comments X

The pith

Short motion traces from phone sensors during selfie capture contain measurable information for detecting spoofs and verifying users in mobile identity systems.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper tests whether passive sensor data recorded while users film selfie videos can supply extra evidence to identify manipulated video streams and confirm the correct person in remote verification apps. It built a dataset of genuine captures plus proxy attacks from 30 participants and ran multiple time-series classifiers on the data. Accelerometer readings alone rejected every stationary attack proxy with zero false rejections of real sequences, and multi-channel methods reached low error rates for confirming the same user in the same session. This matters to a sympathetic reader because it adds a simple, hardware-free layer of protection against deepfakes and injections that current camera-only checks may miss. The work also notes that classification accuracy does not automatically guarantee good verification performance once thresholds are set on real score distributions.

Core claim

We introduce CanSelfie, a dataset of 375 bona fide multi-sensor sequences collected at 50 Hz from 30 participants together with stationary, handheld, and temporally shifted attack-proxy scenarios. Benchmarks across 7 multivariate time-series classifiers and 8 anomaly detectors show that accelerometer-only ROCKAD reaches 0.00% FRR and 43.8% FAR while rejecting all stationary proxies; QUANT+3-NN yields the lowest overall FAR of 32.0% at 2.37% FRR. For same-device user verification WEASEL+MUSE attains 1.07% EER on 9 sensor channels. Raw accelerometer data that preserves gravity and orientation cues proves the most informative modality, and closed-set accuracy does not imply strong verification,

What carries the argument

Multivariate time-series classifiers and whole-series anomaly detectors applied to raw multi-sensor data, especially accelerometer traces that retain gravity and orientation information, to separate bona fide captures from attack proxies and to verify identity.

If this is right

  • Raw accelerometer data alone supplies the strongest single-modality signal for both spoof screening and user verification.
  • Some methods reject all stationary attack proxies while maintaining zero false rejection of genuine sequences.
  • User verification requires careful threshold calibration based on score distributions rather than classification accuracy alone.
  • Short motion traces collected during normal selfie capture can serve as a low-friction auxiliary channel alongside camera-based checks.
  • Further validation is required for cross-device, cross-session, and actual injection-attack conditions.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Apps could integrate these traces to reduce successful real-time deepfake attacks without adding steps for the user.
  • The same motion-analysis approach might strengthen other mobile flows such as payment or account-recovery checks.
  • Combining sensor traces with visual liveness methods could raise the bar for attackers who must match both domains.
  • Developers should benchmark against live injection tools rather than proxies to confirm the signal remains useful.

Load-bearing premise

The stationary, handheld, and temporally shifted attack-proxy scenarios adequately represent real-world deepfake and injection attacks under diverse conditions.

What would settle it

A controlled test in which genuine deepfake or video-injection streams on the same mobile devices produce sensor traces whose score distributions cause the classifiers to accept them at rates comparable to bona fide captures.

Figures

Figures reproduced from arXiv: 2605.00218 by Constantino \'Alvarez Casado, Erkka Rantahalvari, Olli Silv\'en, Zinelabidine Boulkenafet.

Figure 1
Figure 1. Figure 1: Selfie-capture workflow: (a) ID selection, (b) selfie cap [PITH_FULL_IMAGE:figures/full_fig_p001_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Motion analysis as an auxiliary component in the identity [PITH_FULL_IMAGE:figures/full_fig_p004_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Attack-proxy scenarios: (a) stationary replay with the [PITH_FULL_IMAGE:figures/full_fig_p005_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Partitioning protocol for genuine-versus-spoof screen [PITH_FULL_IMAGE:figures/full_fig_p006_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Percentile bands around the selfie-capture moment for [PITH_FULL_IMAGE:figures/full_fig_p007_5.png] view at source ↗
read the original abstract

Mobile remote identity verification (RIdV) systems are exposed to attacks that manipulate or replace the facial video stream, including presentation attacks, real-time deepfakes, and video injection. Recent European requirements, including ETSI TS 119 461 and CEN/TS 18099, motivate complementary evidence channels beyond camera-based presentation-attack detection. This paper investigates whether passive motion traces recorded during selfie capture provide auxiliary evidence for spoof screening and user verification. We introduce CanSelfie, a dataset of 375 bona fide multi-sensor sequences collected at 50\,Hz from 30 participants using a commercial mobile RIdV application, together with stationary, handheld, and temporally shifted attack-proxy scenarios. We benchmark 7 multivariate time-series classifiers and 8 whole-series anomaly detectors across sensor configurations and temporal windows. For spoof screening, accelerometer-only ROCKAD obtains 0.00\% false rejection rate (FRR) and 43.8\% false acceptance rate (FAR), while QUANT+3-NN obtains the lowest overall FAR of 32.0\% at 2.37\% FRR; both reject all stationary attack proxies. For same-device and same-session user verification, WEASEL+MUSE reaches 1.07\% equal error rate (EER) using 9 sensor channels. The analysis shows that raw accelerometer data, preserving gravity and orientation cues, is the most informative modality, and that closed-set classification accuracy alone does not imply good verification performance because threshold calibration depends on score distributions. The findings suggest that short selfie-capture motion traces contain measurable spoof-related and identity-related information, supporting their use as a low-friction auxiliary signal while also identifying the need for cross-device, cross-session, and real injection-attack evaluation.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 1 minor

Summary. The paper introduces the CanSelfie dataset of 375 bona fide multi-sensor (50 Hz) selfie-capture sequences from 30 participants and benchmarks 7 multivariate time-series classifiers plus 8 whole-series anomaly detectors for two tasks: (1) spoof screening against stationary, handheld, and temporally shifted attack proxies, and (2) same-device same-session user verification. It reports concrete metrics such as 0.00% FRR / 43.8% FAR for accelerometer-only ROCKAD and 2.37% FRR / 32.0% FAR for QUANT+3-NN in spoof screening, together with 1.07% EER for WEASEL+MUSE using 9 channels in verification, and concludes that raw accelerometer traces contain measurable spoof- and identity-related information usable as a low-friction auxiliary signal for mobile remote identity verification.

Significance. If the separation observed with the chosen proxies generalizes to realistic deepfake and injection scenarios, the work would supply a passive, camera-independent channel that complements existing presentation-attack detection and satisfies the spirit of ETSI TS 119 461 and CEN/TS 18099. The empirical demonstration that raw accelerometer preserves useful gravity/orientation cues and that closed-set accuracy does not automatically translate to good verification performance are useful practical observations.

major comments (2)
  1. [Abstract] Abstract: the spoof-screening results (0.00% FRR for ROCKAD, 32.0% FAR for QUANT+3-NN) rest entirely on stationary, handheld, and temporally shifted attack proxies; these proxies do not span motion-matched real-time deepfakes or sensor-bypassing video-injection attacks, yet the abstract claims utility against exactly those threats. The manuscript itself flags the need for real injection-attack evaluation, confirming that the bridge from proxy results to the central claim remains untested.
  2. [Abstract] Abstract and evaluation sections: performance figures (0.00% FRR, 1.07% EER, etc.) are given without reported cross-validation scheme, error bars, exact temporal-window lengths, or sensitivity analysis to post-hoc threshold choices. Because the central empirical claim is the existence of measurable separation, the absence of these details makes it impossible to judge whether the quoted rates are stable or artifactual.
minor comments (1)
  1. [Abstract] Abstract: the statement that 'raw accelerometer data... is the most informative modality' is asserted without a pointer to the specific table, figure, or subsection that contains the supporting ablation.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the thoughtful and detailed review of our manuscript. We address each of the major comments below and outline the revisions we plan to implement.

read point-by-point responses

  1. Referee: Abstract: the spoof-screening results (0.00% FRR for ROCKAD, 32.0% FAR for QUANT+3-NN) rest entirely on stationary, handheld, and temporally shifted attack proxies; these proxies do not span motion-matched real-time deepfakes or sensor-bypassing video-injection attacks, yet the abstract claims utility against exactly those threats. The manuscript itself flags the need for real injection-attack evaluation, confirming that the bridge from proxy results to the central claim remains untested.

    Authors: We concur that the attack proxies employed—stationary, handheld, and temporally shifted—are not equivalent to motion-matched real-time deepfakes or sensor-bypassing injection attacks. The manuscript explicitly acknowledges this limitation by calling for real injection-attack evaluation. To strengthen the presentation, we will revise the abstract to more precisely delineate the scope of the proxy-based results and to avoid any implication of direct applicability to untested attack vectors, while retaining the suggestion that the motion traces contain measurable information warranting further study. revision: yes

  2. Referee: Abstract and evaluation sections: performance figures (0.00% FRR, 1.07% EER, etc.) are given without reported cross-validation scheme, error bars, exact temporal-window lengths, or sensitivity analysis to post-hoc threshold choices. Because the central empirical claim is the existence of measurable separation, the absence of these details makes it impossible to judge whether the quoted rates are stable or artifactual.

    Authors: We appreciate this observation regarding the reporting of methodological details. Although the full manuscript describes the evaluation protocol, we will enhance the abstract and evaluation sections in the revision by explicitly stating the cross-validation scheme (e.g., leave-one-subject-out or k-fold), including error bars or standard deviations for the reported metrics, specifying the temporal window lengths, and adding a brief sensitivity analysis for the threshold choices. This will allow readers to better assess the stability of the results. revision: yes

Circularity Check

0 steps flagged

No significant circularity; purely empirical benchmarking with no derivations or self-referential reductions

full rationale

The paper reports an empirical study: collection of a 375-sequence CanSelfie dataset from 30 participants, construction of stationary/handheld/temporally-shifted attack proxies, and benchmarking of 7 time-series classifiers plus 8 anomaly detectors across sensor subsets and windows. All reported metrics (e.g., ROCKAD 0% FRR / 43.8% FAR on accelerometer, WEASEL+MUSE 1.07% EER) are direct outputs of applying off-the-shelf algorithms to the collected data. No equations, fitted parameters renamed as predictions, uniqueness theorems, or ansatzes appear. The central suggestion that motion traces contain measurable spoof- and identity-related information follows immediately from the observed separation on the proxies; the paper itself flags the need for real injection-attack testing, confirming the evaluation is not self-referential. This is a standard data-driven benchmarking paper with no load-bearing circular steps.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The central claim rests on the assumption that the collected dataset and proxy attack scenarios are representative, plus standard assumptions in time-series classification that sensor data distributions allow generalization; no free parameters or invented entities are introduced.

axioms (1)
  • domain assumption The stationary, handheld, and temporally shifted scenarios serve as valid proxies for real deepfake and injection attacks
    Invoked when reporting that methods reject all stationary attack proxies and generalize to spoof screening.

pith-pipeline@v0.9.0 · 5649 in / 1404 out tokens · 31740 ms · 2026-05-09T20:13:15.239124+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

51 extracted references · 51 canonical work pages

  1. [1]

    ´Alvarez Casado, P

    C. ´Alvarez Casado, P. Paananen, P. Siirtola, S. Pirttikangas, and M. Bordallo L ´opez. Meditation detection using sen- sors from wearable devices. InAdjunct Proceedings of the 2021 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2021 ACM In- ternational Symposium on Wearable Computers, pages 112– 116, 2021

    work page 2021

  2. [2]

    Bagnall, J

    A. Bagnall, J. Lines, A. Bostrom, J. Large, and E. Keogh. The great time series classification bake off: a review and ex- perimental evaluation of recent algorithmic advances.Data Mining and Knowledge Discovery, 31(3):606–660, 2017

    work page 2017

  3. [3]

    Cabello, E

    N. Cabello, E. Naghizade, J. Qi, and L. Kulik. Fast, accurate and explainable time series classification through random- ization.Data Mining and Knowledge Discovery, 38(3):748– 811, 2024

    work page 2024

  4. [4]

    Carta, C

    K. Carta, C. Barral, N. El Mrabet, and S. Mouille. Video injection attacks on remote digital identity verification solu- tion using face recognition. InProceedings of the 13th Inter- national Multi-Conference on Complexity, Informatics and Cybernetics (IMCIC 2022), pages 92–95, 2022

    work page 2022

  5. [5]

    Information technology — biometric data injection attack detection

    CEN. Information technology — biometric data injection attack detection. CEN/TS 18099:2025, European Committee for Standardization, 2025

    work page 2025

  6. [6]

    Chandola, A

    V . Chandola, A. Banerjee, and V . Kumar. Anomaly detec- tion: A survey.ACM Computing Surveys, 41(3):15:1–15:58, 2009

    work page 2009

  7. [7]

    DeepFaceLive: Real-time face swap for PC streaming or video calls

    DeepFaceLive contributors. DeepFaceLive: Real-time face swap for PC streaming or video calls. GitHub repository, 2024.https://github.com/iperov/ DeepFaceLive

    work page 2024

  8. [8]

    Dempster, F

    A. Dempster, F. Petitjean, and G. I. Webb. ROCKET: Ex- ceptionally fast and accurate time series classification using random convolutional kernels.Data Mining and Knowledge Discovery, 34(5):1454–1495, 2020

    work page 2020

  9. [9]

    Dempster, D

    A. Dempster, D. F. Schmidt, and G. I. Webb. Hydra: Com- peting convolutional kernels for fast and accurate time se- ries classification.Data Mining and Knowledge Discovery, 37(5):1779–1805, 2023

    work page 2023

  10. [10]

    Dempster, D

    A. Dempster, D. F. Schmidt, and G. I. Webb. QUANT: A minimalist interval method for time series classification. Data Mining and Knowledge Discovery, 38(4):2377–2402, 2024

    work page 2024

  11. [11]

    P. M. A. B. Estrela, R. de Oliveira Albuquerque, D. M. Ama- ral, W. F. Giozza, and R. T. de Sousa J´unior. A framework for continuous authentication based on touch dynamics biomet- rics for mobile banking applications.Sensors, 21(12):4212, 2021

    work page 2021

  12. [12]

    Electronic signatures and trust infrastructures (ESI); policy and security requirements for trust service compo- nents providing identity proofing of trust service subjects

    ETSI. Electronic signatures and trust infrastructures (ESI); policy and security requirements for trust service compo- nents providing identity proofing of trust service subjects. ETSI TS 119 461 V2.1.1, European Telecommunications Standards Institute, 2025.https://www.etsi.org/ deliver/etsi_ts/119400_119499/119461/02. 01.01_60/ts_119461v020101p.pdf

    work page 2025

  13. [13]

    Fatima, M

    K. Fatima, M. E. Schuckers, G. Cruz-Ortiz, D. Hou, S. Purnapatra, T. Andrews, A. Neupane, B. Marshall, and S. Schuckers. A large-scale study of performance and eq- uity of commercial remote identity verification technologies across demographics. In2024 IEEE International Joint Con- ference on Biometrics (IJCB), pages 1–8, 2024

    work page 2024

  14. [14]

    Guillaume, C

    A. Guillaume, C. Vrain, and W. Elloumi. Random di- lated shapelet transform: A new approach for time series shapelets. InPattern Recognition and Artificial Intelligence (ICPRAI 2022), volume 13363 ofLecture Notes in Computer Science, pages 653–664. Springer, Cham, 2022

    work page 2022

  15. [15]

    V . K. Hahn, M. Gomez-Barrero, A. Ross, and S. Marcel, ed- itors.Handbook of Biometric Template Protection: Moti- vation, Methods and Metrics. Computer Science. Springer Singapore, Singapore, 1 edition, 2026

    work page 2026

  16. [16]

    Information technology — biometric perfor- mance testing and reporting — Part 1: Principles and frame- work

    ISO/IEC. Information technology — biometric perfor- mance testing and reporting — Part 1: Principles and frame- work. ISO/IEC 19795-1:2021, International Organization for Standardization, 2021.https://www.iso.org/ standard/73515.html

    work page 2021

  17. [17]

    A. K. Jain, A. A. Ross, and K. Nandakumar.Introduction to Biometrics. Springer, New York, NY , 2011

    work page 2011

  18. [18]

    M. Kira, Z. Alajamy, A. T. Soliman, Y . Mesbah, and M. Maz- zara. Trustworthy Face Recognition as a Service: A Multi- Layered Approach for Mitigating Spoofing and Ensuring System Integrity.Future Internet, 2025

    work page 2025

  19. [19]

    Leimhofer, M

    J. Leimhofer, M. Petrovic, A. Dominik, D. Heider, and U. Hegerl. Cross-platform availability of smartphone sensors for depression indication systems: Mixed-methods umbrella review.Interactive Journal of Medical Research, 14:e69686, 2025

    work page 2025

  20. [20]

    C. Li, L. Wang, S. Ji, X. Zhang, Z. Xi, S. Guo, and T. Wang. Seeing is Living? Rethinking the security of facial live- ness verification in the deepfake era. In31st USENIX Se- curity Symposium (USENIX Security 22), pages 2673–2690, Boston, MA, 2022. USENIX Association

    work page 2022

  21. [21]

    Y . Li, Y . Li, and Z. Wang. Facecloseup: Enhancing Mo- bile Facial Authentication with Perspective Distortion-Based Liveness Detection.Computers, 14(7):254, jun 27 2025

    work page 2025

  22. [22]

    W. S. Lima, E. Souto, K. El-Khatib, R. Jalali, and J. Gama. Human activity recognition using inertial sensors in a smart- phone: An overview.Sensors, 19(14):3213, 2019

    work page 2019

  23. [23]

    F. T. Liu, K. M. Ting, and Z.-H. Zhou. Isolation forest. In 2008 Eighth IEEE International Conference on Data Mining (ICDM), pages 413–422, 2008

    work page 2008

  24. [24]

    C. H. Lubba, S. S. Sethi, P. Knaute, S. R. Schultz, B. D. Fulcher, and N. S. Jones. catch22: Canonical time-series characteristics: Selected through highly comparative time- series analysis.Data Mining and Knowledge Discovery, 33(6):1821–1852, 2019

    work page 2019

  25. [25]

    Mahbub, J

    U. Mahbub, J. Komulainen, D. Ferreira, and R. Chellappa. Continuous authentication of smartphones based on applica- tion usage.IEEE Transactions on Biometrics, Behavior, and Identity Science, 1(3):165–180, 2019

    work page 2019

  26. [26]

    Malhotra, A

    P. Malhotra, A. Ramakrishnan, G. Anand, L. Vig, P. Agar- wal, and G. Shroff. LSTM-based encoder-decoder for multi- sensor anomaly detection. InProceedings of the ICML 2016 Anomaly Detection Workshop, 2016

    work page 2016

  27. [27]

    Middlehurst, A

    M. Middlehurst, A. Ismail-Fawaz, A. Guillaume, C. Holder, D. Guijo-Rubio, G. Bulatova, L. Tsaprounis, L. Mentel, M. Walter, P. Sch¨afer, and A. Bagnall. aeon: A Python toolkit for learning from time series.Journal of Machine Learning Research, 25(289):1–10, 2024

    work page 2024

  28. [28]

    Middlehurst, P

    M. Middlehurst, P. Sch ¨afer, and A. Bagnall. Bake off redux: a review and experimental evaluation of recent time series classification algorithms.Data Mining and Knowledge Dis- covery, 38(4):1958–2031, 2024

    work page 1958

  29. [29]

    Mohamed, B

    M. Mohamed, B. Shrestha, and N. Saxena. SMASheD: Sniffing and manipulating Android sensor data for offensive purposes.IEEE Transactions on Information Forensics and Security, 12(4):901–913, 2017

    work page 2017

  30. [30]

    Nanda, S

    A. Nanda, S. W. A. Shah, J. J. Jeong, R. Doss, and J. Webb. Toward higher levels of assurance in remote identity proof- ing.IEEE Consumer Electronics Magazine, 13(1):62–71, 2023

    work page 2023

  31. [31]

    Nanda, S

    A. Nanda, S. W. A. Shah, J. J. Jeong, R. Doss, and J. Webb. Toward Higher Levels of Assurance in Remote Identity Proofing.IEEE Consumer Electronics Magazine, 13(1):62– 71, 1 2024

    work page 2024

  32. [32]

    G. Pei, J. Zhang, M. Hu, Z. Zhang, C. Wang, Y . Wu, G. Zhai, J. Yang, and D. Tao. Deepfake generation and detection: A benchmark and survey.ACM Computing Surveys, 2024

    work page 2024

  33. [33]

    M. Qiao, Y . Zhai, and Y . Wang. Contrastive learning for continuous touch-based authentication, 2025

    work page 2025

  34. [34]

    K. S ´a, G. Souza, B. Callegari, A. Belgamo, A. Cabral, J. Gorla, and A. Costa e Silva. Use of filters to smooth out signals collected through mobile devices in the static and dy- namic balance assessment: A systematic review.Applied Sciences, 12(13):6579, 2022

    work page 2022

  35. [35]

    Sch ¨afer and U

    P. Sch ¨afer and U. Leser. Multivariate time series classifi- cation with WEASEL+MUSE. InProceedings of the 3rd ECML/PKDD Workshop on Advanced Analytics and Learn- ing on Temporal Data (AALTD), 2018

    work page 2018

  36. [36]

    Schmidl, P

    S. Schmidl, P. Wenig, and T. Papenbrock. Anomaly detection in time series: a comprehensive evaluation.Proceedings of the VLDB Endowment, 15(9):1779–1797, 2022

    work page 2022

  37. [37]

    Schmitt and I

    M. Schmitt and I. Flechais. Digital deception: Generative artificial intelligence in social engineering and phishing.Ar- tificial Intelligence Review, 57(12):324, 2024

    work page 2024

  38. [38]

    Sch ¨olkopf, J

    B. Sch ¨olkopf, J. C. Platt, J. Shawe-Taylor, A. J. Smola, and R. C. Williamson. Estimating the support of a high- dimensional distribution.Neural Computation, 13(7):1443– 1471, 2001

    work page 2001

  39. [39]

    Sharif, Z

    A. Sharif, Z. E. Ansaroudi, G. Sciarretta, D. P ¨ohn, M. Mol- laeefar, W. Hommel, and S. Ranise. Protecting digital iden- tity wallet: a threat model in the age of eidas 2.0. InInter- national Conference on Risks and Security of Internet and Systems, pages 89–106. Springer, 2024

    work page 2024

  40. [40]

    Z. Shen, S. Li, X. Zhao, and J. Zou. MMAuth: A continu- ous authentication framework on smartphones using multiple modalities.IEEE Transactions on Information Forensics and Security, 17:1450–1465, 2022

    work page 2022

  41. [41]

    Sitov ´a, J

    Z. Sitov ´a, J. ˇSedˇenka, Q. Yang, G. Peng, G. Zhou, P. Gasti, and K. S. Balagani. Hmog: New behavioral biometric features for continuous authentication of smartphone users. IEEE Transactions on Information Forensics and Security, 11(5):877–892, 2015

    work page 2015

  42. [42]

    Stisen, H

    A. Stisen, H. Blunck, S. Bhattacharya, T. S. Prentow, M. B. Kjærgaard, A. K. Dey, T. Sonne, and M. M. Jensen. Smart devices are different: Assessing and mitigating mobile sens- ing heterogeneities for activity recognition. InProceedings of the 13th ACM Conference on Embedded Networked Sen- sor Systems (SenSys), pages 127–140, 2015

    work page 2015

  43. [43]

    D. M. J. Tax and R. P. W. Duin. Support vector data descrip- tion.Machine Learning, 54(1):45–66, 2004

    work page 2004

  44. [44]

    Theissler, M

    A. Theissler, M. Wengert, and F. Gerschner. ROCKAD: Transferring ROCKET to whole time series anomaly detec- tion. InAdvances in Intelligent Data Analysis XXI (IDA 2023), volume 13876 ofLecture Notes in Computer Science, pages 419–432. Springer, Cham, 2023

    work page 2023

  45. [45]

    J. Vincent. A deepfake attack reportedly fooled a facial recognition test used by banks. The Verge, 2022.https: //www.theverge.com/2022/5/18/23092964/ deepfake - attack - facial - recognition - liveness - test - banks - sensity - report, pub- lished 2022-05-18

    work page 2022

  46. [46]

    Z. Wang, W. Yan, and T. Oates. Time series classification from scratch with deep neural networks: A strong baseline. In2017 International Joint Conference on Neural Networks (IJCNN), pages 1578–1585, 2017

    work page 2017

  47. [47]

    Yamane, M

    T. Yamane, M. Kimura, and M. Morita. Effects of sampling frequency on human activity recognition with machine learn- ing aiming at clinical applications.Sensors, 25(12):3780, 2025

    work page 2025

  48. [48]

    Z. Yu, J. Komulainen, X. Li, and G. Zhao. Review of face presentation attack detection competitions. InHandbook of Biometric Anti-Spoofing: Presentation Attack Detection and Vulnerability Assessment, pages 287–336. Springer, 2023

    work page 2023

  49. [49]

    Zhang, J

    D. Zhang, J. Meng, J. Zhang, X. Deng, S. Ding, M. Zhou, Q. Wang, Q. Li, and Y . Chen. Sonarguard: Ultrasonic Face Liveness Detection on Mobile Devices.IEEE Transactions on Circuits and Systems for Video Technology, 33(8):4401– 4414, 8 2023

    work page 2023

  50. [50]

    Zheng, Q

    Z. Zheng, Q. Wang, and C. Wang. Spoofing Attacks and Anti-Spoofing Methods for Face Authentication Over Smart- phones.IEEE Communications Magazine, 61(12):213–219, 12 2023

    work page 2023

  51. [51]

    L. Zhou, E. Fischer, C. Tunca, C. M. Brahms, C. Er- soy, U. Granacher, and B. Arnrich. How we found our IMU: Guidelines to IMU selection and a comparison of seven IMUs for pervasive healthcare applications.Sensors, 20(15):4090, 2020

    work page 2020