Mind your privacy: Privacy leakage through BCI applications using machine learning methods

With the digitization of almost every aspect of our lives, privacy leakage in cyber space has become a pressing concern. Brain–Computer Interface (BCI) systems have become more popular in recent years and are now being used for a variety of applications. BCI data represents an individual’s brain activity at a given time. Like many other kinds of data, BCI data can be utilized for malicious purposes. Electroencephalography (EEG) is one of the most popular brain activity acquisition methods of BCI applications. More specifically, BCI games, represent one of the main EEG applications. However, a malicious BCI application (e.g. game) could allow an attacker to take advantage of an unsuspecting user happily enjoying a game and record the user’s brain activity; by analyzing this data, the attacker can infer private information and characteristics regarding the user, without his/her consent or awareness. This study is the first to demonstrate the ability to predict and infer meaningful personality traits and cognitive abilities by analyzing resting-state EEG (rsEEG) recordings of an individual’s brain activity using a variety of machine learning methods. A comprehensive set of raw rsEEG scans, along with the dissociation level and executive function (EF) performance measures, for the 162 subjects were used in our evaluation. The best results we achieved were an accuracy of 73% for dissociation classification and less than 16% mean absolute error in predicting performance for all examined EFs. These encouraging results are better than those presented in prior research, both in terms of accuracy and data-validity and dataset size.