BCI Security

The problem

Brain-computer interfaces (BCIs) represent a direct communication link between the brain and an external device. Recent experimental results show how electroencephalographic (EEG) signals, recorded from consumer-grade BCI devices, can be used to extract private information about a user. With sufficient computational power, this information can be exploited by others to make inferences about our memory, intentions, conscious and unconscious interests, as well as about our emotional reactions. Privacy and security issues arising from the misuse of BCI devices is an important issue that deserves immediate attention and careful consideration.

Privacy_threats_4

Our solution

This project focuses on making improvements to privacy and security properties of BCI-enabled technologies. In doing so, the project consists of two major steps. The focus of the first step is to identify which components of an electroencephalography (EEG) signal can be used to extract private information. After identifying potential vulnerabilities, we will quantify the amount of exposed information. Based on the obtained results, the focus of the second step is the development of a software tool, aimed at preventing potential extraction of users’ private information. The proposed tool, which we refer to as the “BCI Anonymizer”, is based on our hypothesis that recorded brain signals can be decomposed into a collection of characteristic signal components in real time. From these components, one can extract information corresponding to a user’s intended BCI commands, while filtering out any potentially private information.

Impact

The aims of this project are expected to enhance the development of the closed-loop brain-controlled interfaces. The knowledge of how to extract private information from the recorded brain signals, and more importantly, how to decompose recorded signals to prevent the potential private information leakage, will advance the ability to select useful control commands from the brain in real time. Moreover, as more BCIs start involving wireless communication, this project will provide enabling technology for addressing the emerging security and privacy issues.

Affiliated Students and Faculty: Katherine PrattHoward Chizeck

Related Media:

Our ongoing work in improving privacy and security of brain-computer interfaces was recently presented on NPR’s All Things Considered and GeekWire Radio.

NPRbrainpcb

Publications:

T. Bonaci, M. R. Calo, H. J. Chizeck, App Stores for the Brain: Privacy and Security in Brain-Computer Interfaces‘, IEEE Technology and Society Magazine, vol. 34, issue 2, June 2015

T. Bonaci, J. Herron, C. Matlack, H. J. Chizeck, ‘Securing the Exocortex: A Twenty-First Century Cybernetics Challenge’, the Proceedings of the IEEE 2014 Conference on Norbert Wiener in the 21st Century, Boston, MA, June 2014

T. Bonaci, M. R. Calo, H. J. Chizeck, ‘App Stores for the Brain: Privacy and Security in Brain-Computer Interfaces’, the Proceedings of the IEEE International Symposium on Ethics in Engineering, Science and Technology, Chicago, IL, May 2014 (best paper award)

Presentations:

T. Bonaci, J. Herron, T. Libey, B. Mogen, H. J. Chizeck, ‘How Susceptible is the Brain to the Side-Channel Private Information Extraction? An Experimental Analysis Using Non-invasive Brain-Computer Interfaces’, Society for Neuroscience 44th Annual Meeting, Washington, DC, November 2014

T. Bonaci, J. Herron, T. Libey, B. Mogen, H. J. Chizeck, ‘How Susceptible is the Brain to the Side-Channel Private Information Extraction? An Experimental Analysis Using Non-invasive Brain-Computer Interfaces’, International Neuroethics Society Annual Meeting, Washington, DC, November 2014 (AJOB top submission)

T. Bonaci and H. J . Chizeck, ‘Experimental Analysis of Brain malware in Brain-Computer Interfaces’, NeuroFutures Conference 2014, June 2014, Seattle, WA

Patents:

H. J. Chizeck, and T. Bonaci, “Brain-Computer Interface Anonymizer”, Application Number: US 14/174,818, February 2014.

 Funding Sources:

nsf1CSNE