EEG - Blog Posts
Instructions unclear big eggplant shaped hole in wall now help
did you know that its impossible to throw an egg really hard onto your bedrooms wall right now try it
PINning down future problems
Study finds hackers could use brainwaves to steal passwords
Researchers at the University of Alabama at Birmingham suggest that brainwave-sensing headsets, also known as EEG or electroencephalograph headsets, need better security after a study reveals hackers could guess a user’s passwords by monitoring their brainwaves.
EEG headsets are advertised as allowing users to use only their brains to control robotic toys and video games specifically developed to be played with an EEG headset. There are only a handful on the market, and they range in price from $150 to $800.
Nitesh Saxena, Ph.D., associate professor in the UAB College of Arts and Sciences Department of Computer and Information Sciences, and Ph.D. student Ajaya Neupane and former master’s student Md Lutfor Rahman, found that a person who paused a video game and logged into a bank account while wearing an EEG headset was at risk for having their passwords or other sensitive data stolen by a malicious software program.
“These emerging devices open immense opportunities for everyday users,” Saxena said. “However, they could also raise significant security and privacy threats as companies work to develop even more advanced brain-computer interface technology.”
Saxena and his team used one EEG headset currently available to consumers online and one clinical-grade headset used for scientific research to demonstrate how easily a malicious software program could passively eavesdrop on a user’s brainwaves. While typing, a user’s inputs correspond with their visual processing, as well as hand, eye and head muscle movements. All these movements are captured by EEG headsets. The team asked 12 people to type a series of randomly generated PINs and passwords into a text box as if they were logging into an online account while wearing an EEG headset, in order for the software to train itself on the user’s typing and the corresponding brainwave.
“In a real-world attack, a hacker could facilitate the training step required for the malicious program to be most accurate, by requesting that the user enter a predefined set of numbers in order to restart the game after pausing it to take a break, similar to the way CAPTCHA is used to verify users when logging onto websites,” Saxena said.
The team found that, after a user entered 200 characters, algorithms within the malicious software program could make educated guesses about new characters the user entered by monitoring the EEG data recorded. The algorithm was able to shorten the odds of a hacker’s guessing a four-digit numerical PIN from one in 10,000 to one in 20 and increased the chance of guessing a six-letter password from about 500,000 to roughly one in 500.
EEG has been used in the medical field for more than half a century as a noninvasive method for recording electrical activity in the brain. Electrodes are placed on the surface of the scalp to detect brain waves. An EEG machine then amplifies the signals and records them in a wave pattern on graph paper or a computer. EEG can be combined with a brain-computer interface to allow a person to control external devices. This technology was once highly expensive and used mostly for scientific research, like the production of neuroprosthetic applications to help disabled patients control prosthetic limbs by thinking about the movements. However, it is now being marketed to consumers in the form of a wireless headset and is becoming popular in the gaming and entertainment industries.
“Given the growing popularity of EEG headsets and the variety of ways in which they could be used, it is inevitable that they will become part of our daily lives, including while using other devices,” Saxena said. “It is important to analyze the potential security and privacy risks associated with this emerging technology to raise users’ awareness of the risks and develop viable solutions to malicious attacks.”
One potential solution proposed by Saxena and his team is the insertion of noise anytime a user types a password or PIN while wearing an EEG headset.
In lab, doing EEG, being experienced :)
For music: I'm Back
{Ladin}
After a short break, keep working again!
I won't be taking classes because I'm in an internship this semester, but I'm still working in two labs and the obligation to do so is increasing :')
Be prepared to see posts full of articles, even though I'm still not ready to read..
For music: Hakim Bey
{Ladin}
The saga continues! Today my wife was supposed to get set up for an ambulatory EEG. The woman came out to set it up, but our outlets are too old and can’t accommodate the equipment. Her neurologist is now setting up a 72 hour EEG hospital stay.
At least our lives are never dull.
People who have any physical issues, I've created a discord server for you all! Hope that you'll have fun!
https://discord.com/invite/MgU9nvnK
“Brainprint” Biometric ID Hits 100% Accuracy
Psychologists and engineers at Binghamton University in New York say they’ve hit a milestone in the quest to use the unassailable inner workings of the mind as a form of biometric identification. They came up with an electroencephalograph system that proved 100 percent accurate at identifying individuals by the way their brains responded to a series of images. But EEG as a practical means of authentication is still far off.
Many earlier attempts had come close to 100 percent accuracy but couldn’t completely close the gap. “It’s a big deal going from 97 to 100 percent because we imagine the applications for this technology being for high-security situations,” says Sarah Laszlo, the assistant professor of psychology at Binghamton who led the research with electrical engineering professor Zhanpeng Jin.
Perhaps as important as perfect accuracy is that this new form of ID can do something fingerprints and retinal scans have a hard time achieving: It can be “canceled.”
Fingerprint authentication can be reset if the associated data is stolen, because that data can be stored as a mathematically transformed version of itself, points out Clarkson University biometrics expert Stephanie Schuckers. However, that trick doesn’t work if it’s the fingerprint (or the finger) itself that’s stolen. And the theft part, at least, is easier than ever. In 2014 hackers claimed to have cloned German defense minister Ursula von der Leyen’s fingerprints just by taking a high-definition photo of her hands at a public event.
Several early attempts at EEG-based identification sought the equivalent of a fingerprint in the electrical activity of a brain at rest. But this new brain biometric, which its inventors call CEREBRE, dodges the cancelability problem because it’s based on the brain’s responses to a sequence of particular types of images. To keep that ID from being permanently hijacked, those images can be changed or re-sorted to essentially make a new biometric passkey, should the original one somehow be hacked.
CEREBRE, which Laszlo, Jin, and colleagues described in IEEE Transactions in Information Forensics and Security, involves presenting a person wearing an EEG system with images that fall into several categories: foods people feel strongly about, celebrities who also evoke emotions, simple sine waves of different frequencies, and uncommon words. The words and images are usually black and white, but occasionally one is presented in color because that produces its own kind of response.
Each image causes a recognizable change in voltage at the scalp called an event-related potential, or ERP. The different categories of images involve somewhat different combinations of parts of your brain, and they were already known to produce slight differences in the shapes of ERPs in different people. Laszlo’s hypothesis was that using all of them—several more than any other system—would create enough different ERPs to accurately distinguish one person from another.
The EEG responses were fed to software called a classifier. After testing several schemes, including a variety of neural networks and other machine-learning tricks, the engineers found that what actually worked best was a system based on simple cross correlation.
In the experiments, each of the 50 test subjects saw a sequence of 500 images, each flashed for 1 second. “We collected 500, knowing it was overkill,” Laszlo says. Once the researchers crunched the data they found that just 27 images would have been enough to hit the 100 percent mark.
The experiments were done with a high-quality research-grade EEG, which used 30 electrodes attached to the skull with conductive goop. However, the data showed that the system needs only three electrodes for 100 percent identification, and Laszlo says her group is working on simplifying the setup. They’re testing consumer EEG gear from Emotiv and NeuroSky, and they’ve even tried to replicate the work with electrodes embedded in a Google Glass, though the results weren’t spectacular, she says.
For EEG to really be taken seriously as a biometric ID, brain interfaces will need to be pretty commonplace, says Schuckers. That might yet happen. “As we go more and more into wearables as a standard part of our lives, [EEGs] might be more suitable,” she says.
But like any security system, even an EEG biometric will attract hackers. How can you hack something that depends on your thought patterns? One way, explains Laszlo, is to train a hacker’s brain to mimic the right responses. That would involve flashing light into a hacker’s eye at precise times while the person is observing the images. These flashes are known to alter the shape of the ERP.
Researchers can identify you by your brain waves with 100 percent accuracy
Your responses to certain stimuli – foods, celebrities, words – might seem trivial, but they say a lot about you. In fact (with the proper clearance), these responses could gain you access into restricted areas of the Pentagon.
A team of researchers at Binghamton University, led by Assistant Professor of Psychology Sarah Laszlo and Assistant Professor of Electrical and Computer Engineering Zhanpeng Jin, recorded the brain activity of 50 people wearing an electroencephalogram headset while they looked at a series of 500 images designed specifically to elicit unique responses from person to person – e.g., a slice of pizza, a boat, Anne Hathaway, the word “conundrum.” They found that participants’ brains reacted differently to each image, enough that a computer system was able to identify each volunteer’s “brainprint” with 100 percent accuracy.
“When you take hundreds of these images, where every person is going to feel differently about each individual one, then you can be really accurate in identifying which person it was who looked at them just by their brain activity,” said Laszlo.
In their original study, titled “Brainprint,” published in 2015 in
Neurocomputing
, the research team was able to identify one person out of a group of 32 by that person’s responses, with only 97 percent accuracy, and that study only incorporated words, not images
Maria V. Ruiz-Blondet, Zhanpeng Jin, Sarah Laszlo. CEREBRE: A Novel Method for Very High Accuracy Event-Related Potential Biometric Identification. IEEE Transactions on Information Forensics and Security, 2016; 11 (7): 1618 DOI: 10.1109/TIFS.2016.2543524
Woman wearing an EEG headset.Credit: Jonathan Cohen/Binghamton University
