QIF-T0018

medium

Adversarial filter attack

Tier 3 — Demonstrated (Lab-proven)

Legacy status: DEMONSTRATED

Craft minimal perturbations that pass through BCI analog/digital filters but flip decoder output. Exploits gap between what filters remove and what classifiers rely on.

Technique Details

Tactic: QIF-M.SV
Status: DEMONSTRATED
Bands: S1, S2

✚ Therapeutic Application

Crafted input perturbations that pass through BCI signal filters to reach decoder/classifier

Neural Impact

2 of 7 neural bands affected

S1 S2

Drag to rotate. Click a region to learn more.

Click or hover over a glowing region to see the attack techniques targeting it and their severity.

Scoring

NISS v1.1 NISS:1.1/BI:L/CR:H/CD:H/CV:I/RV:P/NP:N

CVSS v4.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

5.4Medium

Governance

Neurorights at Risk

This technique threatens 3 of the 4 proposed neurorights (Ienca & Andorno, 2017).

MP Mental Privacy CL Cognitive Liberty MI Mental Integrity

Consent Complexity

0.30 / 4.0

FDORA §3305 Compliance

Cyber Device

Regulatory Coverage

0.7 / 1.0

524B Requirements

TM VA SBOM SA PM

Regulatory Gaps

! CVSS partially captures risk; neural dimensions missing

Population Vulnerability

CRB vulnerability adjustment (γ=0.30) accounts for age, diagnosis severity, consent capacity, and device dependency.

Population	NISS Base	Adjusted	Severity	Delta
Adult (Default)	5.4	5.4	Medium	-
Child (10yr) + ADHD	5.4	6.4	Medium	+0.95
Adult with ALS	5.4	6.3	Medium	+0.87

Validation Status

Theoretical / Not yet validated. This technique has not been independently tested. See the validation dashboard for what has been tested.

Qinnovate Neural Security Atlas Edit this on GitHub