Trending News
Home / Technology / BioScience / Brain-computer interfaces (BCI) are vulnerable to cyber attacks and need security and safety measures

Brain-computer interfaces (BCI) are vulnerable to cyber attacks and need security and safety measures

Every action our body performs begins with a thought, and with every thought comes an electrical signal. The electrical signals can be received by the brain-computer interface, consisting of an electroencephalograph (EEG) or an implanted electrode, which can then be translated, and then sent to the performing hardware to produce the desired action. BCI is an alternative system built on artificial mechanisms and acts as a bridge between the brain and external devices. The aim of BCI is to convey human intentions to external devices by directly extracting brain signals. Eventually, the brain and computers would be highly integrated.


Brain-computer interfaces are being applied in neuroprosthetics, through which paralyzed persons are able to control robotic arms, neurogaming where one can control keyboard, mouse etc using their thoughts and play games, neuroanalysis (psychology), and in defense to control robotic soldiers or fly planes with thoughts.


Recent experimental results show how electroencephalographic (EEG) signals, recorded from consumer-grade BCI devices, can be used to extract private information about a user. With sufficient computational power, this information can be exploited by others to make inferences about our memory, intentions, conscious and unconscious interests, as well as about our emotional reactions.


BCI are also vulnerable to privacy and security threats. Companies who opt to use BCI technology to collect private information about employee in the workplace. Even when used with the best of intentions, companies could risk becoming overly dependent on using brain data to evaluate, monitor, and train employees, and there are risks associated with that.

BCI are also vulnerable to hacking. Hackers can access a BCI headband and create/send manipulated EEG data. A hacker could also intercept and alter all data transmitted by your BCI. It’s possible that a hacker could steal your “passthoughts” user credentials and interact with your devices (laptop, car, etc.). They they could also be used by criminals to manipulate thoughts or even cause death, or used to control soldier’s brains and their actions. According to some Analysts Human Brain is going to become sixth war fighting domain.


The manufacturers of BCI devices focus on application development, without paying much attention to security and privacy related issues. Privacy and security issues arising from the misuse of BCI devices is an important issue that deserves immediate attention and development of suitable countermeasures.

BCI threats and vulnerabilites

The typical brain-computer interfaces consist of acquisition devices that capture the brain neural signals After signal acquisition, BCI systems transform these analog signals into digital signals. Then, using signal processing, the features are extracted and classified. Then, finally the signal output is sent to BCI applications. So far, most studies in this area have focused on developing BCI classifiers that are faster and more reliable, rather than investigating their possible security vulnerabilities.

Working of Brain-Computer Interfaces. | Download Scientific Diagram

BCI technology for the mass market collects information — processing it through an app before sending messages back to the user, whether it’s a physician, therapist or company collecting the data for a specific purpose. The attacker can intercept the transmission, save brain neural signals, and decompose the raw signals to obtain private information.  The captured EEG signal could reveal the user’s private information about, e.g., bank cards, PIN numbers, area of living, the knowledge of the known persons. Furthermore, attacker could inject false signals or modify the signal to jeopardize the safety of prosthetic limbs of patients  to give dangerous movement to patients injuring themselves or others.


The technology is premature, Usieto explained, and any mishandling could lead to abuse of confidential data regarding an individual’s health, personal preferences and emotions, said cybersecurity expert Pablo Ballarin Usieto. But Tamara Bonaci, a Northeastern University professor in Boston who specializes in the security and privacy of emerging biomedical technologies, is wary of how such data can be secured effectively. She fears BCI devices may give access not only to a user’s psychological information, but to private information like PINs and passwords, as well.


Moreover, as more BCIs start involving wireless communication, the security vulnerabilities are also getting further multiplied. The smartphone-based BCI applications are prone to attacks that originate in the mobile device itself. Therefore, most of the possible attacks on smartphone issues could also be considered as security and privacy issues of smartphone-based BCI applications.


The recent rise in mobile malware have made Mobile phones vulnerable to data leakage and tempering of sensitive information such as business documents, bank details, credit card information and make purchases. These applications can access private data which is acquired from BCI devices and stored in smartphones or SD card. This data can be illegally transferred by a malware to a remote server (e.g., privilege escalation attacks. Developers of malwares can analyse the private signals and attack the users of BCI devices.


Adversarial attacks on Machine learning

In recent years, advances in machine learning (ML) have enabled the development of more advanced BCI spellers, devices that allow people to communicate with computers using their thoughts. Recent research, however, suggests that machine learning algorithms can sometimes be fooled by attackers, whether they are used in computer vision, speech recognition, or other domains.


Researchers at Huazhong University of Science and Technology have recently carried out a study investigating the security of EEG-based BCI spellers, and more specifically, how they are affected by adversarial perturbations. Their paper, pre-published on arXiv, suggests that BCI spellers are fooled by these perturbations and are thus highly vulnerable to adversarial attacks. “This article aims to expose a critical security concern in EEG-based BCI spellers and more broadly, EEG-based BCIs, which has received little attention before,” Dongrui Wu, one of the researchers who carried out the study, told TechXplore. “It shows that one can generate tiny adversarial EEG perturbation templates for target attacks for both P300 and steady-state visual evoked potential (SSVEP) spellers, i.e., mislead the classification to any character the attacker wants, regardless of what the user-intended character is.”


Study unveils security vulnerabilities in EEG-based brain-computer interfaces (BCIs)

P300 BCI spellers are already used in several settings, including in clinics, to evaluate or detect disorders of consciousness. Adversarial attacks to BCI spellers could thus have numerous consequences, ranging from simple usability issues to severe patient misdiagnoses. “We believe that a new and more detailed understanding of how adversarial EEG perturbations affect BCI classification can inform the design of BCIs to defend against such attacks,” Wu explained.


“Defending adversarial attacks is a common research problem in many applications of machine learning, e.g., computer vision, speech recognition, and BCIs,” Wu said. “If we know the approach the attacker takes, then we can develop strategies to defend against it, just like how we defend against computer viruses: a virus breaks out first and then we find ways to kill it.”


Attackers are always trying to come up with new ways to circumvent security measures, so it is important for researchers to continue investigating system vulnerabilities and come up with new security measures. While it is unavoidable for targeted security solutions to be developed after a specific vulnerability has been identified, uncovering general issues with a system and taking precautions can be very useful.

BCI safeguards and Security technologies

The concept of security, refers to the “protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction to provide integrity, confidentiality and availability”.

  • Integrity is “protection against unauthorized modification or destruction of information. A state in which information has remained unaltered from the point it was produced by a source, during transmission, storage, and eventual receipt by the destination”.
  • Confidentiality: “preservation of authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information”.
  • Availability: “property that data or information is accessible and usable upon demand by an authorized person.”
  • Safety: “freedom from conditions that can cause death, injury, occupational illness, damage to or loss of equipment or property, or damage to the environment.”  This work considers the safety concept from the physiological, psychiatric, and psychological perspectives


There are some appropriate safeguards in the design of the neuromedical applications which can be deployed in the coming years. The communica- tion between neural implantable devices and patients must be kept confidential.The information should be  transmitted in an encrypted format.


Authentication is a process that ensures and confirms a user’s identity. Using EEG brain signals as authentication measure has been proposed in many literatures and proved to be effective.  BCI devices record brainwave signals when a subject performs a custom task (e.g., singing, breathing or finger movement). Then, brain signals are wirelessly transmitted to a computer application which collect and process this data. Their authentication system analyses the similarity between such brain data and training data to authenticate subjects.


The privacy risks implementing BCI can be overcome, Javier Minguez, Usieto’s research collaborator, told Digital Privacy News. He also is co-founder and chief technology officer at Bitbrain, a neurotechnology company also based in Spain. First, anonymity during the data-collection process cannot be understated. “The most-important aspect to address when acquiring the data is to comply with European GDPR, which is very strict,” Minguez said. Taking effect in May 2018, the U.K.’s General Data Protection Regulation sets limitations on what organizations can do with any personal data they collect across Europe. “There are many points that we need to address, but one of the most relevant for privacy is that the personal data always needs to be dissociated from the biomedical data,” Minguez said.


He also recommended using two protection layers with the BCI technology, though with a single encryption. The first layer would be the main server, where all data is stored. To ensure anonymity, an individual’s biometric and personal data should be encrypted and housed in different folders during this stage, Minguez explained. The second layer would be a corporate cloud server, where only the biometric data — having been encrypted in the main computer — is stored.


The adversary can even attack the authentication system via synthetic EEG signals, using EEG generative model based on the historical EEG data from a subject can also attack the authentication system. One of the countermeasures would be to use multiple authentication signals (e.g., the signals of singing, breathing, or being shocked). Besides, we can combine the existing authentication methods on smartphone device to perform multidimensional authentication.


All smartphones, as computers, are preferred targets of attacks. These attacks exploit weaknesses inherent in smartphones that can come from the communication mode—like Short Message Service (SMS), Multimedia Messaging Service (MMS), wifi, Bluetooth and GSM, the de facto global standard for mobile communications. There are also exploits that target software vulnerabilities in the browser or operating system. And some malicious software relies on the weak knowledge of an average user.


Companies are now incorporating security counter-measures in smartphones, from security in different layers of software to the dissemination of information to end users. The first layer of security in a smartphone is the operating system (OS). Beyond needing to handle the usual roles of an operating system (e.g. resource management, scheduling processes) on the device, it must also establish the protocols for introducing external applications and data without introducing risk. Above the operating system security, there is a layer of security software. This layer is composed of individual components to strengthen various vulnerabilities: prevent malware, intrusions, the identification of a user as a human, and user authentication. Smartphones are providing end-to-end encryption on some widely-used messaging apps to delivering rapid updates of security patches .


In the future, more effective countermeasures should be proposed to guarantee that neuromedical applications are not only safe and effective, but also these applications are robust enough to prevent attacks.


University of Washington’s BioRobotics Lab BCI security project

This project focuses on making improvements to privacy and security properties of BCI-enabled technologies. In doing so, the project consists of two major steps. The focus of the first step is to identify which components of an electroencephalography (EEG) signal can be used to extract private information. After identifying potential vulnerabilities, the researchers will quantify the amount of exposed information.


Based on the obtained results, the focus of the second step is the development of a software tool, aimed at preventing potential extraction of users’ private information. The proposed tool, referred to as the “BCI Anonymizer”, is based on  hypothesis that recorded brain signals can be decomposed into a collection of characteristic signal components in real time. From these components, one can extract information corresponding to a user’s intended BCI commands, while filtering out any potentially private information.


The aims of this project are expected to enhance the development of the closed-loop brain-controlled interfaces. The knowledge of how to extract private information from the recorded brain signals, and more importantly, how to decompose recorded signals to prevent the potential private information leakage, will advance the ability to select useful control commands from the brain in real time.


Moreover, as more BCIs start involving wireless communication, this project will provide enabling technology for addressing the emerging security and privacy issues.



References and resources also include:

About Rajesh Uppal

Check Also

Military employing Synthetic Biology for synthesis of Structural biomaterials for self-healing materials to fire-resistant drones

Biological materials are materials that are produced by living organisms, such as, blood, bone, proteins, …

Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected !!