SafeMR: Privacy-aware Visual Information Protection for Mobile Mixed Reality

Guzman, Jaybie A. de; Thilakarathna, Kanchana; Seneviratne, Aruna

doi:10.1109/lcn44214.2019.8990850

Cited by 6 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The collected studies discussing or proposing threat models consider application developers [27,29,30,32,45,59,60,70,72,74,92,126,130,139,161], servers [7,30,92,123], content creators [40,92], device manufacturers [92,131], other users [69,105,125,150], and hackers 1 [40,62,139] as the attackers in VR, or rely on general privacy threat models like Lindunn [31,34,64,70]. Based on these studies and their system decomposition, we adopt a more comprehensive and pervasive privacy-centered attacker classification for VR that encompasses the privacy repercussions of the above threat models.…”

Section: Vr Threatsmentioning

confidence: 99%

SoK: Data Privacy in Virtual Reality

Munilla Garrido,

Nair,

Song

2024

PoPETs

View full text Add to dashboard Cite

The adoption of virtual reality (VR) technologies has rapidly gained momentum in recent years as companies around the world begin to position the so-called ''metaverse'' as the next major medium for accessing and interacting with the internet. While consumers have become accustomed to a degree of data harvesting on the web, the real-time nature of data sharing in the metaverse indicates that privacy concerns are likely to be even more prevalent in the new ''Web 3.0.'' Research into VR privacy has demonstrated that a plethora of sensitive personal information is observable by various would-be adversaries from just a few minutes of telemetry data. On the other hand, we have yet to see VR parallels for many privacy-preserving tools aimed at mitigating threats on conventional platforms. This paper aims to systematize knowledge on the landscape of VR privacy threats and countermeasures by proposing a comprehensive taxonomy of data attributes, protections, and adversaries based on the study of 74 collected publications. We complement our qualitative discussion with a statistical analysis of the risk associated with various data sources inherent to VR in consideration of the known attacks and defenses. By focusing on highlighting the clear outstanding opportunities, we hope to motivate and guide further research into this increasingly important field.

show abstract

Section: Vr Threatsmentioning

confidence: 99%

SoK: Data Privacy in Virtual Reality

Munilla Garrido,

Nair,

Song

2024

PoPETs

View full text Add to dashboard Cite

show abstract

“…Method. From the 68 selected studies, we identified 5 studies that proposed a VR information flow [37], [84], [25], [137], [46] and 21 with an explicit discussion or proposal for VR defense and (predominantly) threat models [28], [116], [26], [37], [84], [64], [55], [27], [29], [65], [56], [123], [42], [58], [113], [30], [134], [112], [95], [67], [6]. Two researchers extracted, discussed, and combined the associated artifacts, resulting in a holistic VR information flow that frames our threat and defense models.…”

Section: Vr Threat and Defense Modelsmentioning

confidence: 99%

“…The collected studies discussing or proposing threat models consider application developers [26], [84], [64], [55], [27], [29], [65], [56], [123], [42], [113], [30], [67], servers [30], [84], [6], content creators [37], [84], device manufacturers [116], [84], other users [112], [134], [95], and hackers 1 [37], [123], [58] as the attackers in VR, or rely on general privacy threat models like Lindunn [31], [60], [28], [64]. Based on these studies, we adopt a more comprehensive and pervasive privacy-centered attacker classification specific to VR that encompasses the privacy repercussions of the above threat models.…”

Section: Vr Threatsmentioning

confidence: 99%

SoK: Data Privacy in Virtual Reality

Garrido¹,

Nair²,

Song³

2023

Preprint

View full text Add to dashboard Cite

The adoption of virtual reality (VR) technologies has rapidly gained momentum in recent years as companies around the world begin to position the so-called "metaverse" as the next major medium for accessing and interacting with the internet. While consumers have become accustomed to a degree of data harvesting on the web, the real-time nature of data sharing in the metaverse indicates that privacy concerns are likely to be even more prevalent in the new "Web 3.0." Research into VR privacy has demonstrated that a plethora of sensitive personal information is observable by various wouldbe adversaries from just a few minutes of telemetry data. On the other hand, we have yet to see VR parallels for many privacy-preserving tools aimed at mitigating threats on conventional platforms. This paper aims to systematize knowledge on the landscape of VR privacy threats and countermeasures by proposing a comprehensive taxonomy of data attributes, protections, and adversaries based on the study of 68 collected publications. We complement our qualitative discussion with a statistical analysis of the risk associated with various data sources inherent to VR in consideration of the known attacks and defenses. By focusing on highlighting the clear outstanding opportunities, we hope to motivate and guide further research into this increasingly important field.

show abstract

“…A second line of work has focused on identifying specific demographic attributes like age and gender based on VR recordings [5,15,71]. As with the identification studies, these works utilize the passive observation of people using standard VR applications.…”

Section: Related Workmentioning

confidence: 99%

Exploring the Privacy Risks of Adversarial VR Game Design

Nair

Garrido²,

Song

et al. 2023

PoPETs

View full text Add to dashboard Cite

Fifty study participants playtested an innocent-looking "escape room" game in virtual reality (VR). Within just a few minutes, an adversarial program had accurately inferred over 25 of their personal data attributes, from anthropometrics like height and wingspan to demographics like age and gender. As notoriously data-hungry companies become increasingly involved in VR development, this experimental scenario may soon represent a typical VR user experience. Since the Cambridge Analytica scandal of 2018, adversarially-designed gamified elements have been known to constitute a significant privacy threat in conventional social platforms. In this work, we present a case study of how metaverse environments can similarly be adversarially constructed to covertly infer dozens of personal data attributes from seemingly-anonymous users. While existing VR privacy research largely focuses on passive observation, we argue that because individuals subconsciously reveal personal information via their motion in response to specific stimuli, active attacks pose an outsized risk in VR environments.

show abstract

SafeMR: Privacy-aware Visual Information Protection for Mobile Mixed Reality

Cited by 6 publications

References 12 publications

SoK: Data Privacy in Virtual Reality

SoK: Data Privacy in Virtual Reality

SoK: Data Privacy in Virtual Reality

Exploring the Privacy Risks of Adversarial VR Game Design

Contact Info

Product

Resources

About