It is unlikely that you will be unlocking your phone with an EEG anytime soon since most of the research in EEG-based authentication focuses on high security applications and not average consumers. Environments such as banking, government, healthcare, and others require a level of security that traditional biometrics can not provide in the long term. This is mainly because cybercriminals have found increasingly creative methods of attacking biometrics with computer-generated voices, “deepfakes”, and other tactics. Based on the significant increase in brain-based biometric research, EEGs seem to be the solution to these issues, and it is only a matter of time before they are in use around the world.
Our research team at Queen’s University has spent the past year designing and testing a framework for EEG-based authentication that relies on machine learning to ensure security and accuracy. The traditional approach to security systems is centered around encryption which uses public and private keys to gain access to servers and data. We have found far more success using machine learning to authenticate users based on their brain signals. The system our research is built around starts with the PhysioNet EEG Motor Movement/Imagery dataset. This dataset is comprised of EEG recordings from 109 subjects while performing actions such as opening a fist or moving a foot. We use the recordings from each subject in the experiment to create motor movement passkeys that the system will use to differentiate the users. For example, one user might have a passkey of open right hand, open left hand, then move both feet. The EEG data of this passkey is then used to authenticate the user so that the system can be accessed with just their brain waves.
The algorithm for authenticating users begins with Independent Component Analysis (ICA) for the preprocessing step (Comon, P., 2008). The ICA separates the large 64-channel EEG recordings into 15 independent components making it much more manageable. An example of one of the recordings after the ICA is applied is shown in Figure 1 below with each component depicted as a heatmap. With motor movement passkeys that are three actions long, there is not enough data for each user to train an accurate machine learning model. Simulating data using the SMOTE algorithm on the post-ICA data provided the boost in training data that was desperately needed to ensure the accuracy of the system (Agrawal, A., Viktor, H. L., Paquet, E., 2015). The original dataset was increased by more than five times the number of recordings to give the model far greater accuracy in authenticating the correct user.
Due to the complexity and physical limitations of the system, EEG-based authentication is likely to be used in high security systems. In order to be authenticated by the system proposed in this research, the user will need to have an EEG recording device and connect it to the authentication network. The entire process from setting an EEG passkey to unlocking a device may take a significant amount of time that is only worth doing for securing hypersensitive information. Industries that work with information that requires the maximum amount of security are:
With the increase in data breaches, it is critical that sensitive information is secured properly (Voydock, V. L., Kent, S. T., 1983). There are a small number of people in organizations with access to incredibly large amounts of sensitive data and their access to these data systems is through a simple password. The need for more robust forms of biometric security affects everyone and has the potential to prevent catastrophic events before they even happen. In the future, it will seem ridiculous that entire financial organizations can be accessed through a few passwords. As threats to the current standard of security systems increase over the next few decades there will be demand for new solutions in digital security. EEGs could be the answer to this problem for the foreseeable future since it would require some serious sci-fi technology to replicate a person’s brain waves.
The experiments in this research show that machine learning techniques such as ICA and artificial neural networks work in tandem to create an authentication system based on EEG data that is both accurate and scalable. For cybersecurity applications where ease of use can be sacrificed for enhanced levels of protection, EEG-based authentication would be optimal. The results of the experiment demonstrate a high degree of perception in the artificial neural network and the ability to differentiate between the motor movements of users. The benefits of resampling and preprocessing the data proved to be invaluable in enhancing the accuracy of the network. Based on the performance of the EEG authentication algorithm and the breadth of the dataset, commercial implementation of the system could lead to vast improvements in the field of biometric encryption. We encourage anyone passionate about neurotechnology and AI to run the experiments on their own with the code in our GitHub.
Judah Cooper is a neurotechnology and artificial intelligence researcher from Queen's University. After founding a neurotechnology research lab in 2019, he has spent the past few years developing tools to make brain-computer interfaces more powerful and safe for users. With a background in Biomechanical Engineering, Judah has worked in both academic and private research and development pushing the frontier of brain technology.
Based on the research paper: https://www.academia.edu/
Agrawal, A., Viktor, H. L., & Paquet, E. (2015). SCUT: Multi-class imbalanced data classification using smote and cluster-based under sampling. Proceedings of the 7th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management. https://doi.org/10.5220/0005595502260234
Comon, P. (2008, December 12). Independent Component Analysis. HAL Open Science. Retrieved March 31, 2022, from https://hal.archives-ouvertes.fr/hal-00346684
Liu, S., Yao, Y., Xing, C., & Gedeon, T. (2020, October 18). Disguising personal identity information in EEG signals. arXiv.org. Retrieved March 31, 2022, from http://arxiv.org/abs/2010.08915
Voydock, V. L., & Kent, S. T. (1983). Security mechanisms in high-level network protocols. ACM Computing Surveys, 15(2), 135–171. https://doi.org/10.1145/356909.356913
Cooper, J. (2021, January 1). EEG-based authentication using binary classification neural networks. Academia.edu. Retrieved March 31, 2022, from https://www.academia.edu/64386498/EEG_based_authentication_using_binary_classification_neural_networks
Free Stock photos by Vecteezy
You might be interested in: