Wednesday, February 3, 2016

Brain Waves Technologies: Security in Mind? I Don't Think So

By Alejandro Hernández (@nitr0usmx)


Only one or two decades ago, electroencephalography (EEG) technologies were found in an inner room of a hospital, for pure medical purposes. Nowadays, relatively cheap consumer devices measuring the brain activity are in the hands of curious kids, researchers, artists, creators and hackers. Let’s think about only a few of many inventions and uses of these technologies:

-       Brain-controlled Drone
I’ve been monitoring the news for the last year by searching for the keywords “brain waves” and I can tell you the volume of headlines is growing quickly. In other words, people out there are having fun with brain waves and are creating cool stuff using existing consumer devices and (mostly) insecure software.

Based on my observations using a cheap EEG device and known software, I think that many of these technologies might contain security flaws that make them vulnerable to Man-in-the-Middle attacks, replay attacks, Denial-of-Service attacks, and more.


A few months ago I shown at the Bio Hacking Village at DEF CON 23 and BruCON (full slide deck) some of the risks involved in the acquisition, transmission, and processing of EEG. I consider this pioneering research as a wake up call for vendors and developers of these technologies. I see this similarly to industrial systems, where 10 years ago only a few people were talking about SCADA/Industrial Control System (ICS) security and nowadays it’s a whole sub-industry. Even so, many programmable logical controllers are crashing due to basic malformed packets and many other ICS critical systems are vulnerable to replay attacks due to lack of authentication and encryption. Today, a similar scenario is playing out with brain wave/EEG technology.

It’s also important to briefly mention that some technologies such as Neuromore and NeuroElectrics’ NUBE could be used to upload your EEG activity to the cloud for multiple purposes, which is not addressed in depth here. In that case, privacy also plays an important role: Is your brain activity being sent to the cloud securely? Once in the cloud, is it being stored securely? Place your bets.

In the following sections, I exemplify some of the security concerns I saw while playing with my own brain activity using a Neurosky Mindwave device and a variety of EEG software. Because only a few examples are presented, I encourage you to take a look to the full DEF CON slide deck for more examples.

I should note that real attack scenarios are a bit hard to achieve because specific expertise in EEG is required; however, I believe that such attacks are 100 percent feasible.

Through Internet research, I reviewed many technical manuals, technical specifications, and brochures of EEG devices and software. I searched the documents for the keywords 'secur', 'crypt', 'auth', and 'passw'; 90 percent didn’t contain one such reference. It’s pretty obvious that security has not been considered at all.

The major impact of having no encryption or authentication is that an unauthorized person could read someone’s brain activity or impersonate someone’s waves through replay attacks or data tampering through Man-in-the-Middle (MitM) attacks. The resulting level of risk depends on how the EEG data is used.

Let’s consider a MitM attack scenario where an attacker modifies data on the fly during transmission, after data acquisition and before the brain waves reach the final destination for processing. NeuroServer is an EEG signal transceiver that uses TCP/IP and EDF format. Although the NeuroServer technology is old and unmaintained, it is still in use (mostly for research) and is included in BrainBay, an open-source bio and neurofeedback application.


I recorded the whole MITM attack (full screen is recommended):

For this demonstration, I changed only an ASCII string (the patient name); however, the actual EEG data can be easily manipulated in binary format.


Resilience is the ability to support or recover from adversity, in this case, Denial of Service (DoS) attacks.

Brain waves are data. Data needs to be structured and parsed, and parsers have bugs. Following is a malformed EDF header I created to remotely crash NeuroServer:

I recorded the execution of this remote DoS proof of concept code against NeuroServer:

I couldn’t believe that 1990s techniques are still killing 21st century technology: an infinite loop creating as much network sockets as possible and keeping them open. Following two applications crashing with this old technique:

-       Neuroelectrics NIC TCP Server Remote DoS

-       OpenViBE (software for Brain Computer Interfaces and Real Time Neurosciences) Acquisition Server Remote DoS


From its conception, EEG vendors created their own file formats. Therefore it was very difficult to share patients’ brain waves between hospitals and physicians. Years later, in 1992, the EDF format was conceived and adopted by many vendors. It’s worth mentioning that EDF and its improved version EDF+ (2003), are now old. There are some recent file format specifications and implementations in EEG software; in other words, it’s a new terrain to play.

I spent some time inspecting brochures, manuals and technical specifications to identify the most common file formats; resulting in the following table that shows that the most common formats used are proprietary as well as EDF(+):

Doctors/physicians use client-side software to open files containing recorded EEG data. The security problems with this technology are like those seen in any other software that has been developed insecurely, because in the end, parsing EEG data is like parsing any other file format and parsing involves security risks.

I performed trivial file format fuzzing on some EDF samples containing brain waves in order to identify general software flaws, not only security flaws. Most applications crashed within a few seconds with this malformed data, and most crashes were caused by invalid memory dereferences and other conditions that may or may not be security bugs.

For instance, I was able to force an abnormal termination in Persyst Advanced Review (Insight II), which is commercial software that opens ‘”virtually all commercial EEG formats,” according to its website.

In the following video, some other bugs I found in Natus Stellate Harmonie Viewer, BrainBay, and SigViewer which uses the BioSig library)

I think that bugs in client-side applications are less relevant since the attack surface is reduced because this software is only being used by specialized people. I don’t imagine any exploit code in the future for EEG software, but attackers often launch surprising attacks, so it should still be secured.


When brain waves are communicated over the air through Bluetooth or Wi-Fi, what about jamming? Easy to answer.

What about SHODAN, the search engine for the Internet of Things? I did some searches and found that a few pieces of EEG equipment are accessible on the Internet. The risk here is that an attacker could perform automated password cracking to gain unauthorized access through Remote Desktop. Also I noted that some equipment uses the old and unsupported Windows XP operating system. Hospitals, do you really need this equipment connected to the Internet?


What about regulatory compliance? Well, some efforts have been made to treat EEG data properly. For example, the ACNS (American Clinical Neurophysiology Society) has created some guidelines.
-       (2008) Standard for Transferring Digital Neurophysiological Data Between Independent Computer Systems
-       (2006) Guideline 8: Guidelines for Recording Clinical EEG on Digital Media. Nevertheless, “magnetic storage and CD-ROMs” is mentioned here.

However, the guidelines are somewhat outdated and do not consider the current technologies.


We need more security "in mind" for brain save technologies.

Best practices from the technology perspective, including secure design and secure programming, should be followed.

On the other hand, I think that regulators should issue security requirements in order to make sure a product is treating brain waves in a secure way.

We also need new standards and guidelines for secure treatment of brain waves, not only from and for the health care industry, but instead, for the wide range of industries where brain waves are used nowadays. In part, to prevent an unauthorized person from reading or impersonating EEG data, vendors should implement an authentication mechanism before any read or update of the EEG data or stream. Also, there must be authentication between the acquisition device, the EEG middleware, and the endpoints. An endpoint is the technology that does something with the decoded brain waves data; possible EEG technology endpoints include a drone, prosthesis, biometric mechanism, and more.

If you’re a developer, I encourage you to adopt more secure programming practices. If you’re a vendor, you should test the medical devices and software you are supplying.

The security of this technology is not advancing on pace with the risks. By now, security could be improved by implementing controls surrounding EEG tech such as SSL tunnels to encrypt brain waves in transit. Perhaps in the future we will have layer 7 bio-signals firewalls, sounds crazy right? But let's consider that 10 years ago nobody imagined an ICS /SCADA firewall / Intrusion Prevention System with Deep Packet Inspection in layer 7  to identify malformed packets while inspecting the network. The future is coming fast.

Finally, if you are now hooked on this topic and you are planning a trip to Spain, Dr. Alfonso Muñoz (@mindcrypt), a fellow Senior Security Consultant at IOActive, will present “Cryptography with brainwaves for funand... profit?” on March 3, 2016, at RootedCON in Madrid.

Also, feel free to check out these explanatory articles where this research was mentioned:


Happy brain waves hacking.

- Alejandro