EEG-Based Brain-Computer Interfaces Are Vulnerable to Backdoor Attacks

• URL: http://arxiv.org/abs/2011.00101v2
• Date: Sat, 2 Jan 2021 23:16:26 GMT
• Title: EEG-Based Brain-Computer Interfaces Are Vulnerable to Backdoor Attacks
• Authors: Lubin Meng, Jian Huang, Zhigang Zeng, Xue Jiang, Shan Yu, Tzyy-Ping Jung, Chin-Teng Lin, Ricardo Chavarriaga, Dongrui Wu
• Abstract summary: Recent studies have shown that machine learning algorithms are vulnerable to adversarial attacks. This article proposes to use narrow period pulse for poisoning attack of EEG-based BCIs, which is implementable in practice and has never been considered before.
• Score: 68.01125081367428
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Research and development of electroencephalogram (EEG) based brain-computer interfaces (BCIs) have advanced rapidly, partly due to deeper understanding of the brain and wide adoption of sophisticated machine learning approaches for decoding the EEG signals. However, recent studies have shown that machine learning algorithms are vulnerable to adversarial attacks. This article proposes to use narrow period pulse for poisoning attack of EEG-based BCIs, which is implementable in practice and has never been considered before. One can create dangerous backdoors in the machine learning model by injecting poisoning samples into the training set. Test samples with the backdoor key will then be classified into the target class specified by the attacker. What most distinguishes our approach from previous ones is that the backdoor key does not need to be synchronized with the EEG trials, making it very easy to implement. The effectiveness and robustness of the backdoor attack approach is demonstrated, highlighting a critical security concern for EEG-based BCIs and calling for urgent attention to address it.

Related papers

• Alignment-Based Adversarial Training (ABAT) for Improving the Robustness and Accuracy of EEG-Based BCIs [20.239554619810935]
  ABAT performs EEG data alignment before adversarial training. Data alignment aligns EEG trials from different domains to reduce their distribution discrepancies. adversarial training further robustifies the classification boundary.
  arXiv  Detail & Related papers  (2024-11-04T13:56:54Z)
• Professor X: Manipulating EEG BCI with Invisible and Robust Backdoor Attack [4.579605201643072]
  Professor X is an invisible and robust "mind-controller" that can arbitrarily manipulate the outputs of EEG BCI. Experiments on datasets of three common EEG tasks demonstrate the effectiveness and robustness of Professor X.
  arXiv  Detail & Related papers  (2024-09-30T10:10:52Z)
• Efficient Backdoor Defense in Multimodal Contrastive Learning: A Token-Level Unlearning Method for Mitigating Threats [52.94388672185062]
  We propose an efficient defense mechanism against backdoor threats using a concept known as machine unlearning. This entails strategically creating a small set of poisoned samples to aid the model's rapid unlearning of backdoor vulnerabilities. In the backdoor unlearning process, we present a novel token-based portion unlearning training regime.
  arXiv  Detail & Related papers  (2024-09-29T02:55:38Z)
• Adversarial Artifact Detection in EEG-Based Brain-Computer Interfaces [28.686844131216287]
  Machine learning has achieved great success in electroencephalogram (EEG) based brain-computer interfaces (BCIs) Recent studies have shown that EEG-based BCIs are vulnerable to adversarial attacks, where small perturbations added to the input can cause misclassification. This paper, for the first time, explores adversarial detection in EEG-based BCIs.
  arXiv  Detail & Related papers  (2022-11-28T11:05:32Z)
• Invisible Backdoor Attack with Dynamic Triggers against Person Re-identification [71.80885227961015]
  Person Re-identification (ReID) has rapidly progressed with wide real-world applications, but also poses significant risks of adversarial attacks. We propose a novel backdoor attack on ReID under a new all-to-unknown scenario, called Dynamic Triggers Invisible Backdoor Attack (DT-IBA) We extensively validate the effectiveness and stealthiness of the proposed attack on benchmark datasets, and evaluate the effectiveness of several defense methods against our attack.
  arXiv  Detail & Related papers  (2022-11-20T10:08:28Z)
• Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
  adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes. We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks. These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
  arXiv  Detail & Related papers  (2020-08-17T07:16:57Z)
• Classification and Recognition of Encrypted EEG Data Neural Network [10.171935814743678]
  A classification and recognition method of encrypted EEG data based on neural network is proposed. It adopts Paillier encryption algorithm to encrypt EEG data and resolves the problem of floating point operations. Our proposal has the satisfactory accuracy, efficiency and feasibility compared with other solutions.
  arXiv  Detail & Related papers  (2020-06-15T04:21:23Z)
• Tiny noise, big mistakes: Adversarial perturbations induce errors in Brain-Computer Interface spellers [45.439697770189134]
  An electroencephalogram (EEG) based brain-computer interface (BCI) speller allows a user to input text to a computer by thought. This study, for the first time, shows that P300 and steady-state visual evoked potential BCI spellers are very vulnerable.
  arXiv  Detail & Related papers  (2020-01-30T21:18:46Z)
• EEG-based Brain-Computer Interfaces (BCIs): A Survey of Recent Studies on Signal Sensing Technologies and Computational Intelligence Approaches and their Applications [65.32004302942218]
  Brain-Computer Interface (BCI) is a powerful communication tool between users and systems. Recent technological advances have increased interest in electroencephalographic (EEG) based BCI for translational and healthcare applications.
  arXiv  Detail & Related papers  (2020-01-28T10:36:26Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.