Towards Zero-trust Security for the Metaverse
- URL: http://arxiv.org/abs/2302.08885v1
- Date: Fri, 17 Feb 2023 14:13:02 GMT
- Title: Towards Zero-trust Security for the Metaverse
- Authors: Ruizhi Cheng, Songqing Chen, Bo Han
- Abstract summary: We develop a holistic research agenda for zero-trust user authentication in social virtual reality (VR)
Our proposed research includes four concrete steps: investigating biometrics-based authentication that is suitable for continuously authenticating VR users, leveraging federated learning for protecting user privacy in biometric data, improving the accuracy of continuous VR authentication with multimodal data, and boosting the usability of zero-trust security with adaptive VR authentication.
- Score: 14.115124942695887
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: By focusing on immersive interaction among users, the burgeoning Metaverse
can be viewed as a natural extension of existing social media. Similar to
traditional online social networks, there are numerous security and privacy
issues in the Metaverse (e.g., attacks on user authentication and
impersonation). In this paper, we develop a holistic research agenda for
zero-trust user authentication in social virtual reality (VR), an early
prototype of the Metaverse. Our proposed research includes four concrete steps:
investigating biometrics-based authentication that is suitable for continuously
authenticating VR users, leveraging federated learning (FL) for protecting user
privacy in biometric data, improving the accuracy of continuous VR
authentication with multimodal data, and boosting the usability of zero-trust
security with adaptive VR authentication. Our preliminary study demonstrates
that conventional FL algorithms are not well suited for biometrics-based
authentication of VR users, leading to an accuracy of less than 10%. We discuss
the root cause of this problem, the associated open challenges, and several
future directions for realizing our research vision.
Related papers
- An Empirical Study on Oculus Virtual Reality Applications: Security and
Privacy Perspectives [46.995904896724994]
This paper develops a security and privacy assessment tool, namely the VR-SP detector for VR apps.
Using the VR-SP detector, we conduct a comprehensive empirical study on 500 popular VR apps.
We find that a number of security vulnerabilities and privacy leaks widely exist in VR apps.
arXiv Detail & Related papers (2024-02-21T13:53:25Z) - Privacy-Preserving Gaze Data Streaming in Immersive Interactive Virtual Reality: Robustness and User Experience [11.130411904676095]
Eye tracking data, if exposed, can be used for re-identification attacks.
We develop a methodology to evaluate real-time privacy mechanisms for interactive VR applications.
arXiv Detail & Related papers (2024-02-12T14:53:12Z) - Deep Motion Masking for Secure, Usable, and Scalable Real-Time Anonymization of Virtual Reality Motion Data [49.68609500290361]
Recent studies have demonstrated that the motion tracking "telemetry" data used by nearly all VR applications is as uniquely identifiable as a fingerprint scan.
We present in this paper a state-of-the-art VR identification model that can convincingly bypass known defensive countermeasures.
arXiv Detail & Related papers (2023-11-09T01:34:22Z) - Blockchain-empowered Federated Learning for Healthcare Metaverses:
User-centric Incentive Mechanism with Optimal Data Freshness [66.3982155172418]
We first design a user-centric privacy-preserving framework based on decentralized Federated Learning (FL) for healthcare metaverses.
We then utilize Age of Information (AoI) as an effective data-freshness metric and propose an AoI-based contract theory model under Prospect Theory (PT) to motivate sensing data sharing.
arXiv Detail & Related papers (2023-07-29T12:54:03Z) - Unique Identification of 50,000+ Virtual Reality Users from Head & Hand
Motion Data [58.27542320038834]
We show that a large number of real VR users can be uniquely and reliably identified across multiple sessions using just their head and hand motion.
After training a classification model on 5 minutes of data per person, a user can be uniquely identified amongst the entire pool of 50,000+ with 94.33% accuracy from 100 seconds of motion.
This work is the first to truly demonstrate the extent to which biomechanics may serve as a unique identifier in VR, on par with widely used biometrics such as facial or fingerprint recognition.
arXiv Detail & Related papers (2023-02-17T15:05:18Z) - Security and Privacy in Virtual Reality -- A Literature Survey [0.0]
We explore the state-of-the-art in VR privacy and security, we categorise potential issues and threats, and we analyse causes and effects of the identified threats.
We focus on the research previously conducted in the field of authentication in VR, as it stands as the most investigated area in the topic.
We also provide an overview of other interesting uses of VR in the field of cybersecurity, such as the use of VR to teach cybersecurity or evaluate the usability of security solutions.
arXiv Detail & Related papers (2022-04-30T08:45:09Z) - Wireless Edge-Empowered Metaverse: A Learning-Based Incentive Mechanism
for Virtual Reality [102.4151387131726]
We propose a learning-based Incentive Mechanism framework for VR services in the Metaverse.
First, we propose the quality of perception as the metric for VR users in the virtual world.
Second, for quick trading of VR services between VR users (i.e., buyers) and VR SPs (i.e., sellers), we design a double Dutch auction mechanism.
Third, for auction communication reduction, we design a deep reinforcement learning-based auctioneer to accelerate this auction process.
arXiv Detail & Related papers (2021-11-07T13:02:52Z) - Biometrics: Trust, but Verify [49.9641823975828]
Biometric recognition has exploded into a plethora of different applications around the globe.
There are a number of outstanding problems and concerns pertaining to the various sub-modules of biometric recognition systems.
arXiv Detail & Related papers (2021-05-14T03:07:25Z) - Towards Secure and Usable Authentication for Augmented and Virtual
Reality Head-Mounted Displays [5.476958867922322]
ZeTA protocol allows secure authentication even in shared spaces for the AR & VR context.
Research goal is to evaluate different designs of ZeTA concerning their usability and users' risk perception regarding their security.
arXiv Detail & Related papers (2020-07-22T20:34:14Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.