Brain waves can be used to detect potentially harmful personal information

 Brain waves can be used to detect potentially harmful personal information

Cybersecurity and authentication have been under attack in recent months as, seemingly every other day, a new report of hackers gaining access to private or sensitive information comes to light. More than 500 million passwords were recently stolen when Yahoo revealed compromised security.

Securing systems has gone beyond simply creating a clever password that could prevent nefarious computer experts from hacking into your Facebook account. The more sophisticated the system, or the more critical, private information it holds, the more advanced the identification system protecting it becomes.

Fingerprint scans and iris identification are just two types of authentication methods. Once thought of as science fiction, the most secure systems widely use that. But fingerprints can be stolen, and iris scans can be replicated. Nothing has proven foolproof from being subject to computer hackers.

personal information


“The principal argument for behavioral, biometric authentication is that standard modes of authentication, like a password, authenticates you once before you access the service,” said Abdul Serwadda, a cybersecurity expert and assistant professor in the Department of Computer Science at Texas Tech University. “Now, once you’ve accessed the service, there is no way for the system to know it is still you. The system is blind as to who is using the service. So, behavioral authentication looks at other user-identifying patterns that can keep the system aware of the person using it. Through such patterns, the system can keep track of some confidence metric about who might be using it and immediately prompt for re-entry of the password whenever the confidence metric falls below a certain threshold.”

One of those patterns growing in popularity within the research community is the use of brain waves obtained from an electroencephalogram or EEG. Several research groups worldwide have recently showcased systems that use EEG to authenticate users with high-accuracy Travel Knowledge. However, those brain waves can tell more about a person than their identity. It could reveal medical, behavioral, or emotional aspects of a person that, if brought to light, could be embarrassing or damaging to that person. With EEG devices becoming much more affordable, accurate, and portable and applications being designed that allow people to read an EEG scan more readily, the likelihood of that happening is dangerously high.

“The EEG has become a commodity application. For $100, you can buy an EEG device that fits on your head like headphones,” Serwadda said. “Now there are brain-sensing apps on the market where you can buy the gadget, download the app on your phone, and begin to interact with the app using your brain signals. That led us to think that now we have these brain signals that were traditionally accessed only by doctors being handled by regular people. Now anyone who can write an app can get access to users’ brain signals and try to manipulate them to discover what is going on.”

That’s where Serwadda and graduate student Richard Matovu focused their attention: attempting to see if certain traits could be gleaned from a person’s brain waves. They presented their findings recently at the Institute of Electrical and Electronics Engineers (IEEE) International Conference on Biometrics.

Brain waves and cybersecurity

Serwadda said the technology is still evolving in using a person’s brain waves for authentication purposes. However, it is a heavily researched field that has drawn the attention of several federal organizations.

Dennis Bailey

Professional beer geek. Alcohol ninja. Social media scholar. Award-winning twitter fanatic. Writer. Basketball fan, mother of 2, audiophile, Saul Bass fan and communicator, collector, connector, creator. Producing at the sweet spot between simplicity and purpose to create strong, lasting and remarkable design. I'm a designer and this is my work.