Computer Science > Machine Learning
[Submitted on 3 Dec 2019 (v1), revised 30 Jan 2021 (this version, v3), latest version 24 Jun 2021 (v5)]
Title:Universal Adversarial Perturbations for CNN Classifiers in EEG-Based BCIs
View PDFAbstract:Multiple convolutional neural network (CNN) classifiers have been proposed for electroencephalogram (EEG) based brain-computer interfaces (BCIs). However, CNN models have been found vulnerable to universal adversarial perturbations (UAPs), which are small and example-independent, yet powerful enough to degrade the performance of a CNN model, when added to a benign example. This paper proposes a novel total loss minimization (TLM) approach to generate UAPs for EEG-based BCIs. Experimental results demonstrated the effectiveness of TLM on three popular CNN classifiers for both target and non-target attacks. We also verified the transferability of UAPs in EEG-based BCI systems. To our knowledge, this is the first study on UAPs of CNN classifiers in EEG-based BCIs, and also the first study on optimization based UAPs for target attacks. UAPs are easy to construct, and can attack BCIs in real-time, exposing a potentially critical security concern of BCIs.
Submission history
From: Dongrui Wu [view email][v1] Tue, 3 Dec 2019 03:00:08 UTC (1,448 KB)
[v2] Thu, 2 Jul 2020 22:38:54 UTC (1,465 KB)
[v3] Sat, 30 Jan 2021 20:34:58 UTC (1,466 KB)
[v4] Thu, 18 Feb 2021 16:03:24 UTC (1,466 KB)
[v5] Thu, 24 Jun 2021 02:03:24 UTC (2,105 KB)
Current browse context:
cs.LG
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
IArxiv Recommender
(What is IArxiv?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.