QIF-T0074

critical

Cognitive inference from longitudinal in-ear EEG (personalized cognitive profiling)

Tier 4 — Demonstrated (Case Study / Observational)

Legacy status: EMERGING

Given continuous in-ear EEG from QIF-T0073, an ML pipeline trained on the target's neural data over days-to-weeks builds a personalized cognitive profile. Phase 1: baseline extraction (resting alpha power, theta/beta ratio, individual alpha frequency). Phase 2: event-related feature learning (P300 amplitude to stimuli, N400 to semantic content, auditory steady-state responses). Phase 3: longitudinal pattern recognition (attention cycles, emotional valence responses, fatigue signatures, cognitive load indicators). Phase 4: adaptive exploitation — the attacker can now predict the target's cognitive state in real-time and optimize content delivery (ads, misinformation, persuasion) to moments of maximal susceptibility (high theta/low beta = low vigilance, elevated P300 = high attention to specific content). This is the cognitive analog of behavioral advertising but operating on neural signals rather than click patterns. Foundation models for EEG (BENDR, LaBraM) make transfer learning from small per-user datasets feasible. The attack chain is: QIF-T0072 (acoustic access) → QIF-T0073 (neural data capture) → QIF-T0074 (cognitive exploitation).

Technique Details

Tactic: QIF-S.HV
Status: EMERGING
Bands: N3, N4, N5, N6, N7, S2, S3

✚ Therapeutic Application

Machine learning model trained on longitudinal in-ear EEG data to infer cognitive states, build personalized profiles, and enable adaptive neural-targeted content manipulation

Clinical Analog

Longitudinal EEG monitoring for neurofeedback and cognitive rehabilitation

Treats

ADHD neurofeedback training
depression treatment monitoring (alpha asymmetry tracking)
cognitive decline early detection (MCI/Alzheimer's)
personalized learning optimization

Neural Impact

7 of 7 neural bands affected

N3 N4 N5 N6 N7 S2 S3

Drag to rotate. Click a region to learn more.

Click or hover over a glowing region to see the attack techniques targeting it and their severity.

DSM-5-TR Diagnostic Mappings

Diagnostic category references for threat modeling, not diagnostic claims.

F82 Developmental Coordination Disorder F84 Pervasive developmental disorders F20 Schizophrenia Spectrum F44 Dissociative Disorders F90 ADHD F10 Alcohol-related disorders (F10) F42 OCD F95 Tic Disorders F32 Major Depressive Disorder F41.1 Generalized Anxiety Disorder F43.10 PTSD F30 Manic episode F01 Vascular dementia F50 Eating Disorders F52 Sexual Dysfunctions F60 Personality Disorders F45 Somatoform disorders F63 Impulse-Control Disorders F43 PTSD / Trauma F80 Communication Disorders F98.4 Stereotyped movement disorders

Pathway: N7 (PFC/M1) → executive function; N6 (hippocampus/amygdala) → emotion regulation

Following Poldrack (2006), brain region disruption does not uniquely predict psychiatric outcomes.

Scoring

NISS v1.1 NISS:1.1/BI:N/CR:H/CD:H/CV:I/RV:F/NP:T

CVSS v4.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

4.0Medium

Governance

Neurorights at Risk

This technique threatens 5 of the 4 proposed neurorights (Ienca & Andorno, 2017).

MP Mental Privacy CL Cognitive Liberty MI Mental Integrity DI DI PC Psychological Continuity

Consent Complexity

1.80 / 4.0

FDORA §3305 Compliance

Cyber Device

Regulatory Coverage

0.3 / 1.0

524B Requirements

TM VA SA PM

Regulatory Gaps

! CVSS cannot express neural-specific impacts
! No FDA pathway for consumer sensor exploitation

Population Vulnerability

CRB vulnerability adjustment (γ=0.30) accounts for age, diagnosis severity, consent capacity, and device dependency.

Population	NISS Base	Adjusted	Severity	Delta
Adult (Default)	4.0	4.0	Medium	-
Child (10yr) + ADHD	4.0	4.7	Medium	+0.71
Adult with ALS	4.0	4.6	Medium	+0.64

Validation Status

Theoretical / Not yet validated. This technique has not been independently tested. See the validation dashboard for what has been tested.

Qinnovate Neural Security Atlas Edit this on GitHub