Explainable Data Poison Attacks on Human Emotion Evaluation Systems based on EEG Signals

• URL: http://arxiv.org/abs/2301.06923v1
• Date: Tue, 17 Jan 2023 14:44:46 GMT
• Title: Explainable Data Poison Attacks on Human Emotion Evaluation Systems based on EEG Signals
• Authors: Zhibo Zhang, Sani Umar, Ahmed Y. Al Hammadi, Sangyoung Yoon, Ernesto Damiani, Claudio Agostino Ardagna, Nicola Bena, and Chan Yeob Yeun
• Abstract summary: This paper explains the data poisoning attacks using label-flipping during the training stage of the electroencephalogram (EEG) signal-based human emotion evaluation systems. EEG signal-based human emotion evaluation systems have shown several vulnerabilities to data poison attacks.
• Score: 3.8523826400372783
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The major aim of this paper is to explain the data poisoning attacks using label-flipping during the training stage of the electroencephalogram (EEG) signal-based human emotion evaluation systems deploying Machine Learning models from the attackers' perspective. Human emotion evaluation using EEG signals has consistently attracted a lot of research attention. The identification of human emotional states based on EEG signals is effective to detect potential internal threats caused by insider individuals. Nevertheless, EEG signal-based human emotion evaluation systems have shown several vulnerabilities to data poison attacks. The findings of the experiments demonstrate that the suggested data poison assaults are model-independently successful, although various models exhibit varying levels of resilience to the attacks. In addition, the data poison attacks on the EEG signal-based human emotion evaluation systems are explained with several Explainable Artificial Intelligence (XAI) methods, including Shapley Additive Explanation (SHAP) values, Local Interpretable Model-agnostic Explanations (LIME), and Generated Decision Trees. And the codes of this paper are publicly available on GitHub.

Related papers

• Reputation-Based Federated Learning Defense to Mitigate Threats in EEG Signal Classification [10.57197051973977]
  It is difficult to create efficient learning models for EEG analysis because of the distributed nature of EEG data and related privacy and security concerns. This paper presents a reputation-based threat mitigation framework that defends potential security threats in electroencephalogram (EEG) signal classification.
  arXiv  Detail & Related papers  (2023-10-22T08:08:15Z)
• A Knowledge-Driven Cross-view Contrastive Learning for EEG Representation [48.85731427874065]
  This paper proposes a knowledge-driven cross-view contrastive learning framework (KDC2) to extract effective representations from EEG with limited labels. The KDC2 method creates scalp and neural views of EEG signals, simulating the internal and external representation of brain activity. By modeling prior neural knowledge based on neural information consistency theory, the proposed method extracts invariant and complementary neural knowledge to generate combined representations.
  arXiv  Detail & Related papers  (2023-09-21T08:53:51Z)
• DGSD: Dynamical Graph Self-Distillation for EEG-Based Auditory Spatial Attention Detection [49.196182908826565]
  Auditory Attention Detection (AAD) aims to detect target speaker from brain signals in a multi-speaker environment. Current approaches primarily rely on traditional convolutional neural network designed for processing Euclidean data like images. This paper proposes a dynamical graph self-distillation (DGSD) approach for AAD, which does not require speech stimuli as input.
  arXiv  Detail & Related papers  (2023-09-07T13:43:46Z)
• Exploring Model Dynamics for Accumulative Poisoning Discovery [62.08553134316483]
  We propose a novel information measure, namely, Memorization Discrepancy, to explore the defense via the model-level information. By implicitly transferring the changes in the data manipulation to that in the model outputs, Memorization Discrepancy can discover the imperceptible poison samples. We thoroughly explore its properties and propose Discrepancy-aware Sample Correction (DSC) to defend against accumulative poisoning attacks.
  arXiv  Detail & Related papers  (2023-06-06T14:45:24Z)
• Explainable Label-flipping Attacks on Human Emotion Assessment System [4.657100266392171]
  This paper provides an attacker's point of view on data poisoning assaults that use label-flipping. The proposed data poison attacksm based on label-flipping are successful regardless of the model. XAI techniques are used to explain the data poison attacks on EEG signal-based human emotion evaluation systems.
  arXiv  Detail & Related papers  (2023-02-08T15:04:27Z)
• Label Flipping Data Poisoning Attack Against Wearable Human Activity Recognition System [0.5284812806199193]
  This paper presents the design of a label flipping data poisoning attack for a Human Activity Recognition (HAR) system. Due to high noise and uncertainty in the sensing environment, such an attack poses a severe threat to the recognition system. This paper shades light on how to carry out the attack in practice through smartphone-based sensor data collection applications.
  arXiv  Detail & Related papers  (2022-08-17T17:52:13Z)
• EEG2Vec: Learning Affective EEG Representations via Variational Autoencoders [27.3162026528455]
  We explore whether representing neural data, in response to emotional stimuli, in a latent vector space can serve to both predict emotional states. We propose a conditional variational autoencoder based framework, EEG2Vec, to learn generative-discriminative representations from EEG data.
  arXiv  Detail & Related papers  (2022-07-16T19:25:29Z)
• Emotional EEG Classification using Connectivity Features and Convolutional Neural Networks [81.74442855155843]
  We introduce a new classification system that utilizes brain connectivity with a CNN and validate its effectiveness via the emotional video classification. The level of concentration of the brain connectivity related to the emotional property of the target video is correlated with classification performance.
  arXiv  Detail & Related papers  (2021-01-18T13:28:08Z)
• EEG-Based Brain-Computer Interfaces Are Vulnerable to Backdoor Attacks [68.01125081367428]
  Recent studies have shown that machine learning algorithms are vulnerable to adversarial attacks. This article proposes to use narrow period pulse for poisoning attack of EEG-based BCIs, which is implementable in practice and has never been considered before.
  arXiv  Detail & Related papers  (2020-10-30T20:49:42Z)
• A Novel Transferability Attention Neural Network Model for EEG Emotion Recognition [51.203579838210885]
  We propose a transferable attention neural network (TANN) for EEG emotion recognition. TANN learns the emotional discriminative information by highlighting the transferable EEG brain regions data and samples adaptively. This can be implemented by measuring the outputs of multiple brain-region-level discriminators and one single sample-level discriminator.
  arXiv  Detail & Related papers  (2020-09-21T02:42:30Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.