Rise of the Metaverse’s Immersive Virtual Reality Malware and the Man-in-the-Room Attack &amp; Defenses

Vondrek, M.; Baggili, Ibrahim; Casey, Peter; Mekni, Mehdi

doi:10.1016/j.cose.2022.102923

Cited by 34 publications

(13 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Method. From the 68 selected studies, we identified 5 studies that proposed a VR information flow [37], [84], [25], [137], [46] and 21 with an explicit discussion or proposal for VR defense and (predominantly) threat models [28], [116], [26], [37], [84], [64], [55], [27], [29], [65], [56], [123], [42], [58], [113], [30], [134], [112], [95], [67], [6]. Two researchers extracted, discussed, and combined the associated artifacts, resulting in a holistic VR information flow that frames our threat and defense models.…”

Section: Vr Threat and Defense Modelsmentioning

confidence: 99%

SoK: Data Privacy in Virtual Reality

Garrido¹,

Nair²,

Song³

2023

Preprint

View full text Add to dashboard Cite

The adoption of virtual reality (VR) technologies has rapidly gained momentum in recent years as companies around the world begin to position the so-called "metaverse" as the next major medium for accessing and interacting with the internet. While consumers have become accustomed to a degree of data harvesting on the web, the real-time nature of data sharing in the metaverse indicates that privacy concerns are likely to be even more prevalent in the new "Web 3.0." Research into VR privacy has demonstrated that a plethora of sensitive personal information is observable by various wouldbe adversaries from just a few minutes of telemetry data. On the other hand, we have yet to see VR parallels for many privacy-preserving tools aimed at mitigating threats on conventional platforms. This paper aims to systematize knowledge on the landscape of VR privacy threats and countermeasures by proposing a comprehensive taxonomy of data attributes, protections, and adversaries based on the study of 68 collected publications. We complement our qualitative discussion with a statistical analysis of the risk associated with various data sources inherent to VR in consideration of the known attacks and defenses. By focusing on highlighting the clear outstanding opportunities, we hope to motivate and guide further research into this increasingly important field.

show abstract

Section: Vr Threat and Defense Modelsmentioning

confidence: 99%

SoK: Data Privacy in Virtual Reality

Garrido¹,

Nair²,

Song³

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…They also found that attacks such as Man-In-The-Middle (MITM) were plausible due to the lack of encryption, where an attacker can potentially inject themselves into a private room in the virtual world without the need for further authentication. In addition, Vondrek et al [ 49 ] also demonstrated how malware could be used to conduct man-in-the-room attacks in VR systems.…”

Section: Visualization and Cybersecurity Issuesmentioning

confidence: 99%

“…They developed a tool for analyzing memory dumps from a VR system and showed that various pieces of information can be extracted from the memory dumps as potential sources of digital evidence. In addition, the use of forensics of immersive VR systems can also reveal vulnerabilities in the system that an adversary can exploit [ 48 , 49 ]. This will be useful for developers to facilitate the design of security mechanisms to safeguard their systems.…”

Section: Countermeasuresmentioning

confidence: 99%

“…This is a promising research direction because AI-driven cybersecurity techniques can be used in a variety of different Metaverse areas. For example, it can potentially be used to detect identity fraud and impersonations [ 40 ], to detect XR malware intended to cause physical harm [ 12 , 50 , 61 ] or exploit vulnerabilities [ 49 ], to monitor behavior that violates social norms and online abuse, to mitigate cybersickness by dynamically adjusting virtual world functionality [ 60 ], for behavior and biometric authentication [ 37 , 39 , 63 ], and many others.…”

Section: Open Research Directionsmentioning

confidence: 99%

See 1 more Smart Citation

Visualization and Cybersecurity in the Metaverse: A Survey

Chow

Susilo

et al. 2022

J. Imaging

View full text Add to dashboard Cite

The popularity of the Metaverse has rapidly increased in recent years. However, despite the attention, investment, and promise of the Metaverse, there are various cybersecurity issues that must be addressed before the Metaverse can truly be adopted in practice for serious applications. The realization of the Metaverse is envisioned by many as requiring the use of visualization technologies such as Virtual Reality (VR) and Augmented Reality (AR). This visual aspect of the Metaverse will undoubtedly give rise to emerging cybersecurity threats that have not received much attention. As such, the purpose of this survey is to investigate cybersecurity threats faced by the Metaverse in relation to visualization technologies. Furthermore, this paper discusses existing work and open research directions on the development of countermeasures against such threats. As the Metaverse is a multidisciplinary topic, the intention of this work is to provide a background of the field to aid researchers in related areas.

show abstract

“…If the desired behavior is to assign the input data item to one category among several, this is a classification task, e.g., object recognition. Other examples of tasks are machine translation, transcription, anomaly detection, etc [18] [19].…”

Section: Machine Learningmentioning

confidence: 99%

Reinforcement Learning Toolkits for Gaming: A Comparative Qualitative Analysis

Mekni¹,

Jayaramireddy²,

Naraharisetti³

2022

JSEA

Self Cite

View full text Add to dashboard Cite

Historically viewed as a niche economic sector, gaming is now projected to exceed a global annual revenue of $218.7 billion in 2024, taking advantage of recent Artificial Intelligence (AI) advances. In recent years, specific AI techniques namely; Machine Learning (ML) and Reinforcement Learning (RL), have seen impressive progress and popularity. Techniques developed within these two fields are now able to analyze and learn from gameplay experiences enabling more interactive, immersive, and engaging games. While the number of ML and RL algorithms is growing, their implementations through frameworks and toolkits are also extensive too. Moreover, the game design and development community lacks a framework for informed evaluation of available RL toolkits. In this paper, we present a comprehensive survey of RL toolkits for games using a qualitative evaluation methodology.

show abstract

Rise of the Metaverse’s Immersive Virtual Reality Malware and the Man-in-the-Room Attack & Defenses

Cited by 34 publications

References 12 publications

SoK: Data Privacy in Virtual Reality

SoK: Data Privacy in Virtual Reality

Visualization and Cybersecurity in the Metaverse: A Survey

Reinforcement Learning Toolkits for Gaming: A Comparative Qualitative Analysis

Contact Info

Product

Resources

About