-
Reputation-Based Federated Learning Defense to Mitigate Threats in EEG Signal Classification
Authors:
Zhibo Zhang,
Pengfei Li,
Ahmed Y. Al Hammadi,
Fusen Guo,
Ernesto Damiani,
Chan Yeob Yeun
Abstract:
This paper presents a reputation-based threat mitigation framework that defends potential security threats in electroencephalogram (EEG) signal classification during model aggregation of Federated Learning. While EEG signal analysis has attracted attention because of the emergence of brain-computer interface (BCI) technology, it is difficult to create efficient learning models for EEG analysis bec…
▽ More
This paper presents a reputation-based threat mitigation framework that defends potential security threats in electroencephalogram (EEG) signal classification during model aggregation of Federated Learning. While EEG signal analysis has attracted attention because of the emergence of brain-computer interface (BCI) technology, it is difficult to create efficient learning models for EEG analysis because of the distributed nature of EEG data and related privacy and security concerns. To address these challenges, the proposed defending framework leverages the Federated Learning paradigm to preserve privacy by collaborative model training with localized data from dispersed sources and introduces a reputation-based mechanism to mitigate the influence of data poisoning attacks and identify compromised participants. To assess the efficiency of the proposed reputation-based federated learning defense framework, data poisoning attacks based on the risk level of training data derived by Explainable Artificial Intelligence (XAI) techniques are conducted on both publicly available EEG signal datasets and the self-established EEG signal dataset. Experimental results on the poisoned datasets show that the proposed defense methodology performs well in EEG signal classification while reducing the risks associated with security threats.
△ Less
Submitted 22 October, 2023;
originally announced January 2024.
-
Data Poisoning Attacks on EEG Signal-based Risk Assessment Systems
Authors:
Zhibo Zhang,
Sani Umar,
Ahmed Y. Al Hammadi,
Sangyoung Yoon,
Ernesto Damiani,
Chan Yeob Yeun
Abstract:
Industrial insider risk assessment using electroencephalogram (EEG) signals has consistently attracted a lot of research attention. However, EEG signal-based risk assessment systems, which could evaluate the emotional states of humans, have shown several vulnerabilities to data poison attacks. In this paper, from the attackers' perspective, data poison attacks involving label-flipping occurring in…
▽ More
Industrial insider risk assessment using electroencephalogram (EEG) signals has consistently attracted a lot of research attention. However, EEG signal-based risk assessment systems, which could evaluate the emotional states of humans, have shown several vulnerabilities to data poison attacks. In this paper, from the attackers' perspective, data poison attacks involving label-flipping occurring in the training stages of different machine learning models intrude on the EEG signal-based risk assessment systems using these machine learning models. This paper aims to propose two categories of label-flipping methods to attack different machine learning classifiers including Adaptive Boosting (AdaBoost), Multilayer Perceptron (MLP), Random Forest, and K-Nearest Neighbors (KNN) dedicated to the classification of 4 different human emotions using EEG signals. This aims to degrade the performance of the aforementioned machine learning models concerning the classification task. The experimental results show that the proposed data poison attacks are model-agnostically effective whereas different models have different resilience to the data poison attacks.
△ Less
Submitted 8 February, 2023;
originally announced February 2023.
-
Explainable Data Poison Attacks on Human Emotion Evaluation Systems based on EEG Signals
Authors:
Zhibo Zhang,
Sani Umar,
Ahmed Y. Al Hammadi,
Sangyoung Yoon,
Ernesto Damiani,
Claudio Agostino Ardagna,
Nicola Bena,
Chan Yeob Yeun
Abstract:
The major aim of this paper is to explain the data poisoning attacks using label-flipping during the training stage of the electroencephalogram (EEG) signal-based human emotion evaluation systems deploying Machine Learning models from the attackers' perspective. Human emotion evaluation using EEG signals has consistently attracted a lot of research attention. The identification of human emotional…
▽ More
The major aim of this paper is to explain the data poisoning attacks using label-flipping during the training stage of the electroencephalogram (EEG) signal-based human emotion evaluation systems deploying Machine Learning models from the attackers' perspective. Human emotion evaluation using EEG signals has consistently attracted a lot of research attention. The identification of human emotional states based on EEG signals is effective to detect potential internal threats caused by insider individuals. Nevertheless, EEG signal-based human emotion evaluation systems have shown several vulnerabilities to data poison attacks. The findings of the experiments demonstrate that the suggested data poison assaults are model-independently successful, although various models exhibit varying levels of resilience to the attacks. In addition, the data poison attacks on the EEG signal-based human emotion evaluation systems are explained with several Explainable Artificial Intelligence (XAI) methods, including Shapley Additive Explanation (SHAP) values, Local Interpretable Model-agnostic Explanations (LIME), and Generated Decision Trees. And the codes of this paper are publicly available on GitHub.
△ Less
Submitted 17 January, 2023;
originally announced January 2023.
-
Reduced Bond Graph via machine learning for nonlinear multiphysics dynamic systems
Authors:
Youssef Hammadi,
David Ryckelynck,
Amin El-Bakkali
Abstract:
We propose a machine learning approach aiming at reducing Bond Graphs. The output of the machine learning is a hybrid modeling that contains a reduced Bond Graph coupled to a simple artificial neural network. The proposed coupling enables knowledge continuity in machine learning. In this paper, a neural network is obtained by a linear calibration procedure. We propose a method that contains two tr…
▽ More
We propose a machine learning approach aiming at reducing Bond Graphs. The output of the machine learning is a hybrid modeling that contains a reduced Bond Graph coupled to a simple artificial neural network. The proposed coupling enables knowledge continuity in machine learning. In this paper, a neural network is obtained by a linear calibration procedure. We propose a method that contains two training steps. First, the method selects the components of the original Bond Graph that are kept in the Reduced Bond Graph. Secondly, the method builds an artificial neural network that supplements the reduced Bond Graph. Because the output of the machine learning is a hybrid model, not solely data, it becomes difficult to use a usual Backpropagation Through Time to calibrate the weights of the neural network. So, in a first attempt, a very simple neural network is proposed by following a model reduction approach. We consider the modeling of the automotive cabins thermal behavior. The data used for the training step are obtained via solutions of differential algebraic equations by using a design of experiment. Simple cooling simulations are run during the training step. We show a simulation speed-up when the reduced bond graph is used to simulate the driving cycle of the WLTP vehicles homologation procedure, while preserving accuracy on output variables. The variables of the original Bond Graph are split into a set of primary variables, a set of secondary variables and a set of tertiary variables. The reduced bond graph contains all the primary variables, but none of the tertiary variables. Secondary variables are coupled to primary ones via an artificial neural network. We discuss the extension of this coupling approach to more complex artificial neural networks.
△ Less
Submitted 29 April, 2020;
originally announced April 2020.
