![]() ![]() ![]() In this respect, our mitigation plan is to exploit statistical tools minimizing the number of false negatives, therefore potentially allowing enumeration among the most likely candidates. Second, and since the attacks we carry out essentially test familiar versus unfamiliar information, there is also a risk of false positives (e.g., an all zero code or a close to correct code). For example, one could target (approx 1000) different users by repeatedly showing them (approx 10) PIN codes among the 10,000 possible ones and recover one PIN with good confidence. Yet, we also note that this setting could be extended to a reasonable threat model. In this respect, we first insist that the primary goal of the following experiments is to investigate the information leakages in EEG signals thoroughly, and this limited number of PIN codes allowed us to draw conclusions with good statistical confidence. We used 32 Ag–AgCl electrodes for the EEG signals collection.įirst and concretely, the number of possible PIN codes for a typical smart card would of course be much larger than the 6 ones we investigate (e.g., 10,000 for a 4-digit PIN). ![]() Five other random 4-digit codes were generated for each user (meaning a total of six 4-digit codes per user).Each (real or random) PIN was then shown on a computer exactly 150 times to each user (in a random order), meaning a total of 900 events for which we recorded the EEG signal in sets of 300, together with a tag T ranging from 1 to 6 (with (T=1) the correct PIN and (T=2) to 6 the incorrect ones). This PIN code was given by the users before the experiment started, stored during the experiment and deleted afterward for confidentiality reasons. In our experiments, eight people (next denoted as users) agreed to provide the 4-digit PIN code that they consider the most significant to them, meaning the one they use the most frequently in their daily life. All these threats are gaining relevance with the availability of EEG-based gaming devices to a general public. Or less invasively, they can be connected to linguistic research on the reactions of the brain to semantic associations and incongruities (e.g.,, ). These impressive results leveraged a broad literature in neuroscience, which established the possibility to extract such private information (e.g., see for lie detection and for neural markers of religious convictions). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |