作者: Xue Jiang , Xiao Zhang , Dongrui Wu
DOI: 10.1109/SSCI44817.2019.9002719
关键词: Black box (phreaking) 、 Convolutional neural network 、 Active learning (machine learning) 、 Transferability 、 Artificial intelligence 、 Electroencephalography 、 Computer science 、 Deep learning 、 Machine learning 、 Adversarial system 、 Brain–computer interface
摘要: Deep learning has made significant breakthroughs in many fields, including electroencephalogram (EEG) based brain-computer interfaces (BCIs). However, deep models are vulnerable to adversarial attacks, which deliberately designed small perturbations added the benign input samples fool model and degrade its performance. This paper considers transferability-based black-box where attacker trains a substitute approximate target model, then generates examples from attack model. Learning good is critical success of these but it requires large number queries We propose novel framework uses query synthesis active improve efficiency i n t raining Experiments on three convolutional neural network (CNN) classifiers EEG datasets demonstrated that our method can rate with same queries, or, other words, fewer achieve desired To knowledge, this first work integrates attacks for EEG-based BCIs.