Intelli-Sec Neuro Blaze
On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces
[Summary] [In the News] [Project Members]
Brain computer interfaces (BCI) are becoming increasingly popular in the gaming and entertainment industries. Consumer-grade BCI devices are available for
a few hundred dollars and are used in a variety of applications, such as video games, hands-free keyboards, or as
an assistant in relaxation training. There are application
stores similar to the ones used for smart phones, where
application developers have access to an API to collect
data from the BCI devices.
The security risks involved in using consumer-grade BCI devices have never been studied and the impact of
malicious software with access to the device is unexplored. We take a first step in studying the security implications of such devices and demonstrate that this upcom-
ing technology could be turned against users to reveal
their private and secret information. We use inexpensive
electroencephalography (EEG) based BCI devices to test
the feasibility of simple, yet effective, attacks. The captured EEG signal could reveal the user’s private information about, e.g., bank cards, PIN numbers, area of living,
the knowledge of the known persons. This is the first
attempt to study the security implications of consumergrade BCI devices. We show that the entropy of the private information is decreased on the average by approximately 15% - 40% compared to random guessing attacks.
Here is a link to the PDF for those that want to know more.
Dawn Song (Faculty)
Ivan Martinovic(Faculty University of Oxford)
Mario Frank (Postdoc)
back to Intelli-Sec page