Explainable Data Poison Attacks on Human Emotion Evaluation Systems based on EEG Signals

TL;DR

This paper investigates how label-flipping data poisoning attacks can compromise EEG-based human emotion evaluation systems, using explainable AI methods to analyze attack impacts and model vulnerabilities.

Contribution

It introduces a method to explain data poisoning attacks on EEG emotion systems with XAI tools, highlighting model vulnerabilities and providing publicly available code.

Findings

Data poisoning attacks are effective across different models.

Vulnerabilities vary among models, affecting resilience.

XAI methods help interpret attack impacts.

Abstract

The major aim of this paper is to explain the data poisoning attacks using label-flipping during the training stage of the electroencephalogram (EEG) signal-based human emotion evaluation systems deploying Machine Learning models from the attackers' perspective. Human emotion evaluation using EEG signals has consistently attracted a lot of research attention. The identification of human emotional states based on EEG signals is effective to detect potential internal threats caused by insider individuals. Nevertheless, EEG signal-based human emotion evaluation systems have shown several vulnerabilities to data poison attacks. The findings of the experiments demonstrate that the suggested data poison assaults are model-independently successful, although various models exhibit varying levels of resilience to the attacks. In addition, the data poison attacks on the EEG signal-based human emotion evaluation systems are explained with several Explainable Artificial Intelligence (XAI) methods, including Shapley Additive Explanation (SHAP) values, Local Interpretable Model-agnostic Explanations (LIME), and Generated Decision Trees. And the codes of this paper are publicly available on GitHub.