Universal Adversarial Perturbations For Classification In Brain-computer Interfaces

Posted on:2021-12-16

Degree:Master

Type:Thesis

Country:China

Candidate:Z H Liu

Full Text:PDF

GTID:2480306107960519

Subject:Control Science and Engineering

Abstract/Summary:

PDF Full Text Request

Brain-computer interface(BCI)is a system that directly interacts human brain signals with computers.Multiple convolutional neural network(CNN)classifiers have been proposed for electroencephalogram(EEG)based BCIs.These CNN models have been found vulnerable to adversarial examples,exposing a critical security concern of BCIs.However,considering the causality of attack and the time sequence of EEG signal,the common adversarial attacks are not convenient to be applied to BCIs.Universal adversarial perturbations(UAPs),which are small and example-independent,yet powerful enough to degrade the performance of a CNN model,when added to a benign example.The UAP can be computed offline in advance and as a template for real-time perturbation,added to the EEG signal,it can solve the above application problems simultaneously.This thesis mainly focuses on universal adversarial perturbations for CNN classifiers in EEG-Based BCIs,that is,how to craft a UAP to attack BCI and defense it.It is mainly divided into three parts:(1)Firstly,a Deep Fool based algorithm for generating a UAP is introduced.The idea of UAP is introduced into BCIs for the first time.We designed an iterative UAP for three EEG data and verified its effectiveness on three popular CNN classifiers in non-target attack scenarios.(2)We further propose a novel total loss minimization(TLM)approach to generate UAPs by using a optimized method,and our approach can be applied to both target and non-target attacks.Experiments demonstrated that our proposed can achieve better attack performance with a smaller perturbation,compared with the traditional Deep Fool based approach.In addition,the experiments also demonstrated that our proposed can achieves nearly 100% target rate in the target attack scenario,which can force the CNN model to classify all EEG data into any specified class.To our knowledge,this is the first study on UAPs for target attacks.(3)We study the defence of UAPs in BCIs for the first time,and analyse the performance from the detection of adversarial example and adversarial robustness of model.Experiments demonstrated that detection module and projected gradient descent method can defence against UAPs in different application scenarios..

Keywords/Search Tags:

Brain-computer interface, Electroencephalogram, Convolutional neural network, Universal adversarial perturbation

PDF Full Text Request

Related items

1	Classifier Design Of Hybrid Brain-computer Interface Based On EEG-NIRS
2	Research And Implementation Of Brain-computer Interface System Based On Convolutional Neural Network
3	EEG-Based Emotion Recognition Using Convolutional Neural Networks
4	Research On The Application Of Multi Stream Convolutional Neural Network In Brain Computer Interface Based On Motor Imagery
5	Study On Improved Convolutional Neural Network Based Classification For P300 Brain-Computer Interface
6	Research On Classification Of Motor Imagery EEG Signals Based On Ensemble Convolutional Neural Network
7	Research On Pattern Recognition Of Motor Imagery Brain Computer Interface
8	The Study Of EEG Classification Algorithms Based On Multi-Branch 3D Convolutional Neural Network And The Design Of BCI System
9	Researchon Motor Imagery Brain Computer Interface System Algorithm Based On Convolutional Neural Networks
10	Research On Brain Computer Interface And Brain Network Of Motor Imagery Electroencephalogram