Enhancing the Security &amp; Privacy of Wearable Brain-Computer Interfaces

Tarkhani, Zahra; Qendro, Lorena; Brown, Malachy O'Connor; Hill, Oscar; Mascolo, Cecilia; Madhavapeddy, Anil

doi:10.48550/arxiv.2201.07711

Cited by 1 publication

(2 citation statements)

References 41 publications

(49 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also, FDA approval does not remove the threat to the user's physical health if the device is maliciously programmed, e.g. neural attacks (Bernal et al 2023), and with MitM it is possible to capture data between devices (Tarkhani et al 2022). Big Tech's push for more power creates privacy and security challenges.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Brain-Computer Interface Integration With Extended Reality (XR): Future, Privacy And Security Outlook

Lahtinen,

Costin,

Suarez-Tangil

2024

eccws

View full text Add to dashboard Cite

The Brain-Computer Interface (BCI) is a rapidly evolving technology set to revolutionize our perception of the Internet of Things (IoT). BCI facilitates direct communication between the brain and external devices, enabling the control or interaction of devices without physical intervention. BCI technology is becoming more sophisticated, allowing third-party software embedded in emerging technologies such as Virtual Reality (VR), Augmented Reality (AR), and Mixed Reality (MR) to access sensors that read brain activity. These can be grouped under the umbrella term Extended Reality (XR). While BCI technology is disrupting the way data is collected, interpreted, and utilized within IoT networks, it is important to consider the potential privacy and security threats that it poses. Previous and not-so-recent cybersecurity research only scratched the surface in terms of security and privacy aspects of the then-emerging neural and brain-connecting technologies. However, recent advances in reconstructing language, music tracks, and imagery solely based on decoding neural signals pose a significant risk of mental privacy invasion and cybersecurity abuse. In this paper, we present an analysis of the potential threats posed by the integration of BCI with VR, AR, and MR. We analyze the involvement of major technological players in shaping BCI and XR advancements, examining the potential for these technologies to create detailed user profiles and reshape the monetization of user data in the ever-more-aggressive data-driven economy. We also outline a position view on the cybersecurity aspects that are not related to privacy and profiling per se, for example, cybersecurity attacks on the brain (e.g., ``brain rewriting'' attacks) facilitated by potentially vulnerable XR-BCI devices and software. The paper concludes by emphasizing the need for further research on the privacy and security implications of XR-BCI integration and inviting deeper exploration of the topic beyond theoretical papers and toward a more applied experimental setup.

show abstract

Section: Discussionmentioning

confidence: 99%

“…Attacks could include unauthorized access or traffic sniffing in the BCI network. Tarkhani et al (2022) were able to successfully capture data using Man-inthe-Middle (MitM) where the Bluetooth device was acting as a headset. The problem was that authentication was insufficient between the devices.…”

Section: Bci Security and Privacymentioning

confidence: 99%