Brain-Computer Interfaces (BCIs): Threats and Cyber Attacks
DOI:
https://doi.org/10.18041/1909-2458/ingeniare.33.9733Keywords:
Brain Computer Interfaces, Cyberattacks, Risk Management, BCI System, VulnerabilityAbstract
The Brain-Computer Interfaces-BCI, is a technology with which the different values obtained from brain signals can be acquired and processed in order to later pass them to final devices so that they interact according to what is arranged by the brain. Within the technological process, can have vulnerabilities and cybersecurity attacks such as denial of service, theft or alteration of information, making the system a vulnerable element, which can allow events that are beyond the control of end users or administrators. This article's objective is to present the security risks that may affect information on local Brain Computer Interfaces (BCI) and to offer a proposal on how the vulnerabilities found in a research environment could be controlled. As a result, a series of risks were obtained that can impact the availability, integrity or confidentiality of the data processed in the system, as well as a group of controls.
Downloads
References
F. M. Toma, “A hybrid neuro-experimental decision support system to classify overconfidence and performance in a simulated bubble using a passive BCI,” Expert Syst. Appl., vol. 212, p. 118722, 2023, doi: https://doi.org/10.1016/j.eswa.2022.118722.
L. Meng, J. Huang, Z. Zeng, et al., "EEG-Based Brain-Computer Interfaces Are Vulnerable to Backdoor Attacks". PREPRINT (Version 1), 2020. doi: 10.21203/rs.3.rs-108085/v1.
R. Anbarasan, D. Gómez Carmona, and R. Mahendran, “Human Taste-Perception: Brain Computer Interface (BCI) and Its Application as an Engineering Tool for Taste-Driven Sensory Studies,” Food Eng. Rev., vol. 14, no. 3, pp. 408-434, 2022, doi: 10.1007/s12393-022-09308-0.
A. F. Osorio-Sierra, M. J. Mateus-Hernández y H. F. Vargas-Montoya, "Proceso para la identificación, clasificación y control del comportamiento de familias Ransomware". Revista UIS Ingenierías. Vol. 19, n.° 3, pp. 131-142, 2020, revistas.uis.edu.co/index.php/revistauisingenierias.
Amazon AWS, "¿Qué es un ataque DoS?". Amazon Corp. https://aws.amazon.com/es/shield/ddos-attack-protection. (consultada octubre 15, 2022).
C. A. Ríos Agudelo, "Arquitectura para automatizar respuesta a incidentes de seguridad de la información relacionados con ataques internos mediante la ejecución de técnicas spoofing". Tesis de Maestría, Antioquia, Instituto tecnológico metropolitano-ITM. 2020. https://repositorio.itm.edu.co/handle/20.500.12622/4456.
E. Crespo-Martínez, "Análisis de vulnerabilidades con SQLMAP aplicada a entornos APEX 5". Ingenius N.° 25, pp. 103-112. enero-junio, 2021. doi: https://doi.org/10.17163/ings.n25.2021.10.
E.A. Mohamed, M.Z. Yusoff, A.S. Malik, et al., "Comparison of EEG signal decomposition methods in classification of motor-imagery BCI". Multimed Tools Appl 77, 21305–21327 (2018). https://doi.org/10.1007/s11042-017-5586-9.
I. Choi, I. Rhiu, Y. Lee, M.H. Yun y C.S. Nam, "A systematic review of hybrid brain-computer interfaces: Taxonomy and usability perspectives". In PLoS ONE, Vol. 12, Issue 4, 2017. https://doi.org/10.1371/journal.pone.0176674.
Instituto Nacional de Ciberseguridad, "El ataque del 'Man in the middle' en la empresa, riesgos y formas de evitarlo”. Incibe. 2020. https://www.incibe.es/protege-tu-empresa/blog/el-ataque-del-man-middle-empresa-riesgos-y-formas-evitarlo (consultada octubre 15, 2022).
M. A. Roldán Álvarez y H.F. Vargas Montoya, "Ciberseguridad en las redes móviles de telecomunicaciones y su gestión de riesgos". Revista Científica Ingeniería y Desarrollo, 38(2), pp. 279-297. Julio, 2021. https://doi.org/10.14482/inde.38.2.006.31.
MD, Joadder, J. Myszewski, M. Rahman y I. Wang, "A performance based feature selection technique for subject independent MI based BCI". Health Information Science and Systems 7, (15). August, 2019. https://doi.org/10.1007/s13755-019-0076-2.
N. Tibrewal, N. Leeuwis, and M. Alimardani, “Classification of motor imagery EEG using deep learning increases performance in inefficient BCI users,” PLoS One, vol. 17, no. 7 July, pp. 1-18, 2022, doi: 10.1371/journal.pone.0268880.
National Institute of Standards and Technology, "Guide for Conducting Risk Assessments - NIST 800-30". NIST. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf. (consultada octubre 15, 2022).
OWASP Fundation, "SQL Injection”. OWASP. https://owasp.org/www-community/attacks/SQL_Injection. (consultada octubre 15, 2022).
P. Ballarin Usieto y J. Mínguez, "La importancia de la ciberseguridad en brain-computer interfaces". https://www.bitbrain.com/es/blog/ciberseguridad-cerebro-computadora. (consultada octubre 20, 2022).
P. Chaudhary y R. Agrawal, "Emerging Threats to Security and Privacy in Brain Computer Interface". International Journal of Advanced Studies of Scientific Research, 3(12), pp. 340-344, 2018. https://ssrn.com/abstract=3326692.
R. Martín-Clemente, J. Olias, D. Thiyam, A. Cichocki, and S. Cruces, “Information Theoretic Approaches for Motor-Imagery BCI Systems: Review and Experimental Comparison,” Entropy, vol. 20, no. 1, p. 7, Jan. 2018, doi: 10.3390/e20010007.
S.L. Bernal, A.H. Celdrán, G.M. Pérez, M.T. Barros y S. Balasubramaniam, "Security in Brain-Computer Interfaces: State-of-the-Art, Opportunities, and Future Challenges". ACM Computing Surveys, 54(1), Jan. 2021. https://doi.org/10.1145/3427376.
S. Ajrawi, R. Rao, and M. Sarkar, “Cybersecurity in Brain-Computer Interfaces: RFID-based design-theoretical framework,” Informatics Med. Unlocked, vol. 22, p. 100489, 2021, doi: 10.1016/j.imu.2020.100489.
Secretaría del Senado, República de Colombia, "Ley Estatutaria 1581 de 2012". (2012). http://www.secretariasenado.gov.co/senado/basedoc/ley_1581_2012.html. Octubre, 2022.
Downloads
Published
Issue
Section
License
Copyright (c) 2022 Ingeniare
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
