Abstract
A brain-computer interface (BCI) system is a system that leverages brainwave information acquired by a designated brain monitoring device to interact with a computerized system. Over the past 40 years, many BCI applications have been developed in a variety of domains, from entertainment to medical field and even to computer security mechanisms. Until now, the development of BCI systems has focused on improving their accuracy, functionality, and ease of use, and not enough effort and attention has been invested in securing these systems and the sensitive data they acquire. In this article, we present the principles of brain activity data acquisition, with a special focus on EEG, and we present a taxonomy of BCI applications and domains. We also provide a comprehensive survey that covers eight possible attacks aimed at BCI systems. For each BCI application, we created an ecosystem and data and attack flow-diagram, which comprehensively describes the roles and interactions of the players associated with the BCI application and presents the most vulnerable vectors and components within its ecosystem; we identified gaps between existing security solutions and the presented attacks and vulnerabilities. Finally, we provide several concrete suggestions for improving the security of BCI systems in cyber-space.
Original language | English |
---|---|
Article number | 17 |
Journal | ACM Computing Surveys |
Volume | 53 |
Issue number | 1 |
DOIs | |
State | Published - 1 Feb 2020 |
Keywords
- Attack
- Brain-computer interface
- Cyber space
- Detection
- EEG
- Privacy
- Security
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science