Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces

Yunhuan Li; Xi Yu; Shujian Yu; Badong Chen

doi:10.1109/MLSP55214.2022.9943479

Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces

Yunhuan Li
, Xi Yu
, Shujian Yu
, Badong Chen

电子与信息学部

Xi'an Jiaotong University
University of Florida
University of Tromsø – The Arctic University of Norway

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

13 引用（Scopus）

摘要

Electroencephalogram (EEG) based brain-computer interfaces (BCIs) are becoming popular in clinical diagnosis applications. However, this raises a new issue on the robustness of deep neural networks-based BCIs against environmental noise and adversarial attacks. Unfortunately, there is no adversarial defense approach tailored for EEG adversarial robustness so far. In this work, we systematically evaluate the performance of 5 popular adversarial training (AT)-based defense approaches on three large-scale and real-world EEG datasets with 3 popular EEG classification models, under 3 different white-box attacks. Through extensive experiments, we demonstrate that the naïve AT is a promising adversarial defense approach in EEG-based BCIs. However, existing regularization terms originated from vision tasks do not generalize well to EEG signals. Our results shed light on the future development of the EEG adversarial defense approach.

源语言	英语
主期刊名	2022 IEEE 32nd International Workshop on Machine Learning for Signal Processing, MLSP 2022
出版商	IEEE Computer Society
ISBN（电子版）	9781665485470
DOI	https://doi.org/10.1109/MLSP55214.2022.9943479
出版状态	已出版 - 2022
活动	32nd IEEE International Workshop on Machine Learning for Signal Processing, MLSP 2022 - Xi'an, 中国期限: 22 8月 2022 → 25 8月 2022

出版系列

姓名	IEEE International Workshop on Machine Learning for Signal Processing, MLSP
卷	2022-August
ISSN（印刷版）	2161-0363
ISSN（电子版）	2161-0371

会议

会议	32nd IEEE International Workshop on Machine Learning for Signal Processing, MLSP 2022
国家/地区	中国
市	Xi'an
时期	22/08/22 → 25/08/22

访问文件

10.1109/MLSP55214.2022.9943479

其它文件与链接

链接到 Scopus 的出版物

引用此

Li, Y., Yu, X., Yu, S., & Chen, B. (2022). Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces. 在 2022 IEEE 32nd International Workshop on Machine Learning for Signal Processing, MLSP 2022 (IEEE International Workshop on Machine Learning for Signal Processing, MLSP; 卷 2022-August). IEEE Computer Society. https://doi.org/10.1109/MLSP55214.2022.9943479

@inproceedings{cca95e9226aa4ca4a157a29da7d575bf,

title = "Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces",

abstract = "Electroencephalogram (EEG) based brain-computer interfaces (BCIs) are becoming popular in clinical diagnosis applications. However, this raises a new issue on the robustness of deep neural networks-based BCIs against environmental noise and adversarial attacks. Unfortunately, there is no adversarial defense approach tailored for EEG adversarial robustness so far. In this work, we systematically evaluate the performance of 5 popular adversarial training (AT)-based defense approaches on three large-scale and real-world EEG datasets with 3 popular EEG classification models, under 3 different white-box attacks. Through extensive experiments, we demonstrate that the na{\"i}ve AT is a promising adversarial defense approach in EEG-based BCIs. However, existing regularization terms originated from vision tasks do not generalize well to EEG signals. Our results shed light on the future development of the EEG adversarial defense approach.",

keywords = "Adversarial attack, Adversarial defense, Brain-computer interface, Electroen-cephalogram",

author = "Yunhuan Li and Xi Yu and Shujian Yu and Badong Chen",

note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 32nd IEEE International Workshop on Machine Learning for Signal Processing, MLSP 2022 ; Conference date: 22-08-2022 Through 25-08-2022",

year = "2022",

doi = "10.1109/MLSP55214.2022.9943479",

language = "英语",

series = "IEEE International Workshop on Machine Learning for Signal Processing, MLSP",

publisher = "IEEE Computer Society",

booktitle = "2022 IEEE 32nd International Workshop on Machine Learning for Signal Processing, MLSP 2022",

}

Li, Y, Yu, X, Yu, S & Chen, B 2022, Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces. 在 2022 IEEE 32nd International Workshop on Machine Learning for Signal Processing, MLSP 2022. IEEE International Workshop on Machine Learning for Signal Processing, MLSP, 卷 2022-August, IEEE Computer Society, 32nd IEEE International Workshop on Machine Learning for Signal Processing, MLSP 2022, Xi'an, 中国, 22/08/22. https://doi.org/10.1109/MLSP55214.2022.9943479

Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces. / Li, Yunhuan; Yu, Xi; Yu, Shujian 等.
2022 IEEE 32nd International Workshop on Machine Learning for Signal Processing, MLSP 2022. IEEE Computer Society, 2022. (IEEE International Workshop on Machine Learning for Signal Processing, MLSP; 卷 2022-August).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces

AU - Li, Yunhuan

AU - Yu, Xi

AU - Yu, Shujian

AU - Chen, Badong

PY - 2022

Y1 - 2022

N2 - Electroencephalogram (EEG) based brain-computer interfaces (BCIs) are becoming popular in clinical diagnosis applications. However, this raises a new issue on the robustness of deep neural networks-based BCIs against environmental noise and adversarial attacks. Unfortunately, there is no adversarial defense approach tailored for EEG adversarial robustness so far. In this work, we systematically evaluate the performance of 5 popular adversarial training (AT)-based defense approaches on three large-scale and real-world EEG datasets with 3 popular EEG classification models, under 3 different white-box attacks. Through extensive experiments, we demonstrate that the naïve AT is a promising adversarial defense approach in EEG-based BCIs. However, existing regularization terms originated from vision tasks do not generalize well to EEG signals. Our results shed light on the future development of the EEG adversarial defense approach.

AB - Electroencephalogram (EEG) based brain-computer interfaces (BCIs) are becoming popular in clinical diagnosis applications. However, this raises a new issue on the robustness of deep neural networks-based BCIs against environmental noise and adversarial attacks. Unfortunately, there is no adversarial defense approach tailored for EEG adversarial robustness so far. In this work, we systematically evaluate the performance of 5 popular adversarial training (AT)-based defense approaches on three large-scale and real-world EEG datasets with 3 popular EEG classification models, under 3 different white-box attacks. Through extensive experiments, we demonstrate that the naïve AT is a promising adversarial defense approach in EEG-based BCIs. However, existing regularization terms originated from vision tasks do not generalize well to EEG signals. Our results shed light on the future development of the EEG adversarial defense approach.

KW - Adversarial attack

KW - Adversarial defense

KW - Brain-computer interface

KW - Electroen-cephalogram

UR - https://www.scopus.com/pages/publications/85142685967

U2 - 10.1109/MLSP55214.2022.9943479

DO - 10.1109/MLSP55214.2022.9943479

M3 - 会议稿件

AN - SCOPUS:85142685967

T3 - IEEE International Workshop on Machine Learning for Signal Processing, MLSP

BT - 2022 IEEE 32nd International Workshop on Machine Learning for Signal Processing, MLSP 2022

PB - IEEE Computer Society

T2 - 32nd IEEE International Workshop on Machine Learning for Signal Processing, MLSP 2022

Y2 - 22 August 2022 through 25 August 2022

ER -

Adversarial Training for the Adversarial Robustness of EEG-Based Brain-Computer Interfaces

摘要

出版系列

会议

访问文件

其它文件与链接

学术指纹

引用此