Physiological computing uses human physiological data as system inputs in real time. It includes, or significantly overlaps with, brain-computer interfaces, affective computing, adaptive automation, health informatics, and physiological signal based biometrics. Physiological computing increases the communication bandwidth from the user to the computer, but is also subject to various types of adversarial attacks, in which the attacker deliberately manipulates the training and/or test examples to hijack the machine learning algorithm output, leading to possibly user confusion, frustration, injury, or even death. However, the vulnerability of physiological computing systems has not been paid enough attention to, and there does not exist a comprehensive review on adversarial attacks to it. This paper fills this gap, by providing a systematic review on the main research areas of physiological computing, different types of adversarial attacks and their applications to physiological computing, and the corresponding defense strategies. We hope this review will attract more research interests on the vulnerability of physiological computing systems, and more importantly, defense strategies to make them more secure.
翻译:生理计算利用人类生理数据作为系统实时投入,包括或与大脑-计算机界面、感知计算、适应性自动化、健康信息学和生理信号生物鉴别学有重大重叠。生理计算增加了从用户到计算机的通信带宽,但也受到各种对抗性攻击,攻击者故意操纵培训和(或)试验实例,以劫持机器学习算法产出,从而可能导致用户混淆、沮丧、伤害甚至死亡。然而,生理计算系统的脆弱性没有得到足够的重视,也没有对它进行对抗性攻击的全面审查。本文填补了这一空白,对生理计算、不同类型的对抗性攻击及其在生理计算中的应用以及相应的防御战略等主要研究领域进行了系统审查。我们希望这一审查将吸引更多关于生理计算系统脆弱性的研究兴趣,更重要的是,为使之更加安全而采取防御战略。