Formal Adversarial Analysis of Machine Learning based Cyber Physical Authentication Systems

Advent of non-invasive sensors enables development of data driven authentication systems. For authentication purposes, sensor signal samples and claimed identity of a user are required to indicate whether the signal matches the identity. In this sense, feature extraction and machine learning techniques are used to categorize EEG signal as user or non-user data, respectively. But, chaotic nature of signals such as brain electroencephalograms (EEG) prevent us from perfect classification that leads to various accuracies (other than 100%). In this research, we provide a framework for adversarial analysis of machine learning techniques used in cyber physical authentication systems. We show its usage for EEG based authentication system. In theory, geometrical analysis are performed to compare the space of valid choices for attacker and the total choosing space. The obtained results are compared with expected results from theoretical analysis and the trade-off between security system performance (acceptance rate for valid users) and robustness (number of attacker efforts) is thoroughly analyzed.