Example Security Review #3

By Tadayoshi Kohno at 9:18 am on December 31, 2007

Here’s another example CSE 490K Security Review.

Summary: Emotiv is primarily a video-game company that creates products that let people control games with their thoughts, both conscious and subconscious. Emotiv’s “Project Epoc” product is a stylish-looking cap that uses electroencephalography (EEG) to measure the electrical activity of the wearer’s brain. It is able to sense the emotional state of a person as well as recognize a few simple intentions. It transmits the user’s input to the receiver wirelessly.

Assets and Security Goals:

  1. Protecting the privacy of the user’s thoughts. People’s private thoughts should not be available for others to see.
  2. Protecting the integrity of the user’s thoughts. People should not have thoughts that they didn’t think attributed to them.
  3. Protecting the health and safety of the user. The device should not harm the user physically or mentally.

Potential Adversaries and Threats:

  1. People want to know what other people are thinking. Employees want to steal ideas from coworkers, auctioneers want to know how much bidders are willing to pay, and desperate housewives want to know if their husbands know about their love affairs.
  2. People want to trick other people. A malicious person could plant custom thoughts (like sell a certain stock) into a user by rewarding them in the game if they have that particular thought. This could be done by modifying the signals transmitted to the console, or by modifying the game program.
  3. People want to physically harm other people. A malicious person could rig up the device to give an electric shock to heads of unsuspecting individuals.

Potential Weaknesses:

  1. Weak encryption of transmitted signal. If the transmitted signal is not strongly encrypted, the privacy of the user’s thoughts could easily be compromised. This problem is exacerbated by the use of wireless communication, which makes packet capture harder to detect.
  2. Transmission of raw signals. If the device transmits the raw EEG signals to the console for processing, this provides much more information to hackers if they are able to compromise the system. A better solution is to first process the raw signals on the headset, and then transmit high-level commands to the console. This would limit the amount of compromised information in the event of an attack.
  3. Physical access to the user’s brain. The device needs to have access to the user’s brain in order to take EEG measurements. This is a problem because a malicious device could masquerade as the headset and also gain physical access to the user’s brain.
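The mitigation in weakness 2, together with the integrity goal, can be sketched as follows; this is an added example, not code from the review or from Emotiv. The threshold classifier, the command set, the 5-byte frame layout and the pre-shared key are all hypothetical, and the HMAC covers integrity and replay only, so the frame would still need encryption to address weakness 1.

```python
import hashlib
import hmac
import struct

# Constructed sample: one window of raw EEG samples (microvolts), not real data.
RAW_WINDOW = [12.1, -8.4, 30.2, 41.7, 38.9, -5.0, 44.3, 39.8]
COMMANDS = {0: "idle", 1: "push"}   # hypothetical command set
THRESHOLD_UV = 25.0                 # hypothetical classifier threshold

def classify(window):
    """Toy on-headset classifier: reduce a raw window to a command id."""
    mean_abs = sum(abs(s) for s in window) / len(window)
    return 1 if mean_abs > THRESHOLD_UV else 0

def build_frame(key, counter, command_id):
    """Headset side: 4-byte counter + 1-byte command + HMAC-SHA256 tag."""
    body = struct.pack(">IB", counter, command_id)
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Console side: verifies the tag and rejects replayed counters."""
    def __init__(self, key):
        self.key = key
        self.last_counter = -1

    def accept(self, frame):
        if len(frame) != 5 + 32:
            return None                      # malformed frame
        body, tag = frame[:5], frame[5:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                      # modified in transit
        counter, command_id = struct.unpack(">IB", body)
        if counter <= self.last_counter or command_id not in COMMANDS:
            return None                      # replayed or unknown command
        self.last_counter = counter
        return COMMANDS[command_id]

def demo():
    key = b"constructed-demo-key-not-for-use"   # placeholder pairing key
    rx = Receiver(key)
    # Only the command id leaves the headset; RAW_WINDOW never does.
    frame = build_frame(key, 1, classify(RAW_WINDOW))
    tampered = frame[:4] + b"\x00" + frame[5:]  # command byte flipped in transit
    return rx.accept(frame), rx.accept(frame), rx.accept(tampered), len(frame)
```

Someone who captures or compromises this link sees a counter and a one-byte command rather than the raw samples, and a modified or replayed frame is dropped by the console.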