Universal adversarial perturbations for CNN classifiers in EEG-based BCIs

被引：32

作者：

Liu, Zihan ^{[1
]}

Meng, Lubin ^{[1
]}

Zhang, Xiao ^{[1
]}

Fang, Weili ^{[2
]}

Wu, Dongrui ^{[1
,3
]}

机构：

[1] Huazhong Univ Sci & Technol, Sch Artificial Intelligence & Automat, Minist Educ Image Proc & Intelligent Control, Key Lab, Wuhan 430074, Peoples R China

[2] Natl Univ Singapore, Sch Design & Environm, Singapore 117566, Singapore

[3] Zhejiang Lab, Hangzhou 311121, Peoples R China

来源：

JOURNAL OF NEURAL ENGINEERING | 2021年 / 18卷 / 04期

基金：

中国国家自然科学基金;

关键词：

brain-computer interface; convolutional neural network; electroencephalogram; universal adversarial perturbation;

D O I：

10.1088/1741-2552/ac0f4c

中图分类号：

R318 [生物医学工程];

学科分类号：

0831 ;

摘要：

Objective. Multiple convolutional neural network (CNN) classifiers have been proposed for electroencephalogram (EEG) based brain-computer interfaces (BCIs). However, CNN models have been found vulnerable to universal adversarial perturbations (UAPs), which are small and example-independent, yet powerful enough to degrade the performance of a CNN model, when added to a benign example. Approach. This paper proposes a novel total loss minimization (TLM) approach to generate UAPs for EEG-based BCIs. Main results. Experimental results demonstrated the effectiveness of TLM on three popular CNN classifiers for both target and non-target attacks. We also verified the transferability of UAPs in EEG-based BCI systems. Significance. To our knowledge, this is the first study on UAPs of CNN classifiers in EEG-based BCIs. UAPs are easy to construct, and can attack BCIs in real-time, exposing a potentially critical security concern of BCIs.

引用

页数：16

共 46 条

[1] Defense against Universal Adversarial Perturbations [J].

Akhtar, Naveed ;

Liu, Jian ;

Mian, Ajmal .

2018 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2018, :3389-3398

[2]

Ang KK, 2008, IEEE IJCNN, P2390, DOI 10.1109/IJCNN.2008.4634130

[3]

[Anonymous], 2015, ACS SYM SER

[4]

[Anonymous], 2017, INT C LEARN REPR

[5]

Athalye A, 2018, PR MACH LEARN RES, V80

[6]

Backes M., 2016, arXiv preprint arXiv:1606.04435, DOI DOI 10.1111/IJFS.12415

[7]

Baluja S., 2017, CoRRabs/1703.09387

[8]

Bashivan P., 2016, Proceedings of the 4th International Conference on Learning Representations (ICLR)

[9]

Behjati M, 2019, INT CONF ACOUST SPEE, P7345, DOI [10.1109/ICASSP.2019.8682430, 10.1109/icassp.2019.8682430]

[10]

Biggio Battista, 2013, Machine Learning and Knowledge Discovery in Databases. European Conference, ECML PKDD 2013. Proceedings: LNCS 8190, P387, DOI 10.1007/978-3-642-40994-3_25

← 1 2 3 4 5 →