EEG-Based Brain-Computer Interfaces are Vulnerable to Backdoor Attacks

Research and development of electroencephalogram (EEG) based brain-computer interfaces (BCIs) have advanced rapidly, partly due to deeper understanding of the brain and wide adoption of sophisticated machine learning approaches for decoding the EEG signals. However, recent studies have shown that ma...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on neural systems and rehabilitation engineering 2023, Vol.31, p.2224-2234
Main Authors: Meng, Lubin, Jiang, Xue, Huang, Jian, Zeng, Zhigang, Yu, Shan, Jung, Tzyy-Ping, Lin, Chin-Teng, Chavarriaga, Ricardo, Wu, Dongrui
Format: Article
Language:English
Subjects:
adversarial attack
Algorithms
backdoor attack
Brain
Brain modeling
Brain > computer interfaces
Convolution
Data models
EEG
Electroencephalography
Human-computer interface
Humans
Interfaces
Learning algorithms
Machine Learning
Perturbation methods
Poisoning
R&D
Research & development
Security
Training
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Research and development of electroencephalogram (EEG) based brain-computer interfaces (BCIs) have advanced rapidly, partly due to deeper understanding of the brain and wide adoption of sophisticated machine learning approaches for decoding the EEG signals. However, recent studies have shown that machine learning algorithms are vulnerable to adversarial attacks. This paper proposes to use narrow period pulse for poisoning attack of EEG-based BCIs, which makes adversarial attacks much easier to implement. One can create dangerous backdoors in the machine learning model by injecting poisoning samples into the training set. Test samples with the backdoor key will then be classified into the target class specified by the attacker. What most distinguishes our approach from previous ones is that the backdoor key does not need to be synchronized with the EEG trials, making it very easy to implement. The effectiveness and robustness of the backdoor attack approach is demonstrated, highlighting a critical security concern for EEG-based BCIs and calling for urgent attention to address it.
ISSN:1534-4320
1558-0210
DOI:10.1109/TNSRE.2023.3273214