Explainable Data Poison Attacks on Human Emotion Evaluation Systems based on EEG Signals
This addresses security vulnerabilities in emotion detection systems for insider threat prevention, but it is incremental as it applies known attack methods to a specific domain.
The paper investigates data poisoning attacks via label-flipping on EEG-based human emotion evaluation systems, showing these attacks are model-independent but with varying resilience across models, and explains them using XAI methods like SHAP and LIME.
The major aim of this paper is to explain the data poisoning attacks using label-flipping during the training stage of the electroencephalogram (EEG) signal-based human emotion evaluation systems deploying Machine Learning models from the attackers' perspective. Human emotion evaluation using EEG signals has consistently attracted a lot of research attention. The identification of human emotional states based on EEG signals is effective to detect potential internal threats caused by insider individuals. Nevertheless, EEG signal-based human emotion evaluation systems have shown several vulnerabilities to data poison attacks. The findings of the experiments demonstrate that the suggested data poison assaults are model-independently successful, although various models exhibit varying levels of resilience to the attacks. In addition, the data poison attacks on the EEG signal-based human emotion evaluation systems are explained with several Explainable Artificial Intelligence (XAI) methods, including Shapley Additive Explanation (SHAP) values, Local Interpretable Model-agnostic Explanations (LIME), and Generated Decision Trees. And the codes of this paper are publicly available on GitHub.