Skip to main content
SpringerLink
Log in

The Security and Privacy Concerns on Metaverse

  • Conference paper
  • First Online:
Computer Networks and IoT (IAIC 2023)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 2060))

Included in the following conference series:

  • 19 Accesses

Abstract

As the next development of the Internet, metaverse aims to construct an immersive, hyper-realistic, self-sustaining virtual space. In this space, humans can work, social and entertainment. Over the years, with the continuous development and emergence of various technologies, the realization of metaverse has become possible, and has attracted the attention of researchers. However, the privacy and security problems existing in the Internet world are no exception in metaverse, and even more serious problems will arise in metaverse. In this paper we comprehensively summarize the security and privacy threats in metaverse. Specifically we proposes a three-stage metaverse framework according to the user usage process, including: Ambient Perception, Avatar-Enabled Playing and Virtually Feedback. Meanwhile we point out and summarized the security and privacy issues in metaverse under three-stage framework and the according solutions to key challenges.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Yang, Q., et al.: Fusing blockchain and AI with metaverse: A survey. IEEE Open Journal of the Computer Society 3, 122–136 (2022)

    Article  Google Scholar 

  2. Stephenson, N.: Snow crash: A novel. Spectra (2003)

    Google Scholar 

  3. Lee, L.H., et al.: All one needs to know about metaverse: a complete survey on technological singularity, virtual ecosystem, and research agenda. Computers and Society (2021)

    Google Scholar 

  4. Mohammadi, N., Taylor, J.E.: Thinking fast and slow in disaster decision-making with Smart City Digital Twins. Nature Comput. Sci. 1(12), 771–773 (2021)

    Article  Google Scholar 

  5. Grieves, M., Vickers, J.: Digital twin: Mitigating unpredictable, undesirable emergent behavior in complex systems. Transdisc. Perspect. Complex Syst. New Find. Approaches, 85–113 (2017)

    Google Scholar 

  6. Leenes, R., Fischer-Huebner, S., Duquenoy, P., Zuccato, A., Martucci, L.: Privacy in the metaverse: regulating a complex social construct in a virtual world. In: FIDIS (2007)

    Google Scholar 

  7. Falchuk, B., Loeb, S., Neff, R.: The social metaverse: Battle for privacy. IEEE Technol. Soc. Maga. 37(2), 52–61 (2018)

    Article  Google Scholar 

  8. Hu, P., Li, H., Fu, H., Cansever, D., Mohapatra, P.: Dynamic defense strategy against advanced persistent threat with insiders. In: International Conference on Computer Communications (2015)

    Google Scholar 

  9. Dionisio, J.D.N., Burns, W.G., Gilbert, R.L.: 3d virtual worlds and the metaverse: current status and future possibilities. ACM Comput. Surv. 45, 1–38 (2013)

    Article  Google Scholar 

  10. Nevelsteen, K.J.L.: Virtual world, defined from a technological perspective and applied to video games, mixed reality, and the Metaverse. Comput. Animat. Virtual Worlds 29(1), e1752 (2018)

    Article  Google Scholar 

  11. Ning, H., et al.: A survey on the metaverse: the state-of-the-art, technologies, applications, and challenges. IEEE Internet Things J. 10, 14671–14688 (2023)

    Article  Google Scholar 

  12. Bourlakis, M., Papagiannidis, S., Li, F.: Retail spatial evolution: paving the way from traditional to metaverse retailing. Electron. Commer. Res. 9, 135–148 (2009)

    Article  Google Scholar 

  13. Díaz, J., Saldaña, C., Avila, C.: Virtual world as a resource for hybrid education. Int. J. Emerg. Technol. Learn. (iJET) 15(15), 94–109 (2020)

    Article  Google Scholar 

  14. Duan, H., et al.: Metaverse for social good: a university campus prototype. In: Proceedings of the 29th ACM International Conference on Multimedia (2021)

    Google Scholar 

  15. Park, S.M., Kim, Y.G.: A metaverse: taxonomy, components, applications, and open challenges. IEEE Access 10, 4209–4251 (2022)

    Article  Google Scholar 

  16. Wang, Y., Su, Z., Zhang, N., Xing, R., Liu, D., Luan, T.H., Shen, X.: A survey on metaverse: fundamentals, security, and privacy. IEEE Commun. Surv. Tutor. 25, 319–352 (2022)

    Article  Google Scholar 

  17. Janin, A.L., Mizell, D.W., Caudell, T.P.: Calibration of head-mounted display for augmented reality applications. In: Virtual Reality Annual International Symposium, 1993. IEEE (1993)

    Google Scholar 

  18. de Guzman, J.A., Thilakarathna, K., Seneviratne, A.: Security and privacy approaches in mixed reality: a literature survey. ACM Comput. Surv. 52, 1–37 (2019)

    Article  Google Scholar 

  19. de Guzman, J.A., Seneviratne, A., Thilakarathna, K.: Unravelling spatial privacy risks of mobile mixed reality data. In: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (2021)

    Google Scholar 

  20. Sikder, A.K., Petracca, G., Aksu, H., Jaeger, T., Uluagac, A.S.: A survey on sensor-based threats to internet-of-things (iot) devices and applications. Cryptography and Security (2018)

    Google Scholar 

  21. Pan, Z., Cheok, A.D., Yang, H., Zhu, J., Shi, J.: Virtual reality and mixed reality for virtual learning environments. Comput. Graph. 30(1), 20–28 (2006)

    Google Scholar 

  22. Lau, F., Rubin, S., Smith, M., Trajkovic, L.: Distributed denial of service attacks. In: Systems Man and Cybernetics (2000)

    Google Scholar 

  23. Schwarcz, D.: Transparently opaque: understanding the lack of transparency in insurance consumer protection. Social Sci. Res. Netw. (2013)

    Google Scholar 

  24. Shostack, A.: Elevation of privilege: drawing developers into threat modeling. In: Genetics Selection Evolution (2014)

    Google Scholar 

  25. Barbeau, M., Hall, J., Kranakis, E.: Detecting impersonation attacks in future wireless and mobile networks. In: Burmester, M., Yasinsac, A. (eds.) MADNES 2005. LNCS, vol. 4074, pp. 80–95. Springer, Heidelberg (2006). https://doi.org/10.1007/11801412_8

    Chapter  Google Scholar 

  26. Gulhane, A., et al.: Security, privacy and safety risk assessment for virtual reality learning environment applications. In: Consumer Communications and Networking Conference (2019)

    Google Scholar 

  27. Casey, P., Baggili, I., Yarramreddy, A.: Immersive virtual reality attacks and the human joystick. IEEE Trans. Depend. Secure Comput. 18(2), 550–562 (2019)

    Article  Google Scholar 

  28. Valluripally, S., Gulhane, A., Hoque, K.A., Calyam, P.: Modeling and defense of social virtual reality attacks inducing cybersickness. IEEE Trans. Depend. Secure Comput. 19(6), 4127–4144 (2021)

    Article  Google Scholar 

  29. Lebeck, K., Ruth, K., Kohno, T., Roesner, F.: Towards security and privacy for multi-user augmented reality: foundations with end users. In: IEEE Symposium on Security and Privacy (2018)

    Google Scholar 

  30. Schmalstieg, D., Hollerer, T.: Augmented Reality: Principles and Practice. Addison-Wesley Professional, Boston (2016)

    Google Scholar 

  31. Hasan, R., Saxena, N., Haleviz, T., Zawoad, S., Rinehart, D.: Sensing-enabled channels for hard-to-detect command and control of mobile devices. In: Computer and Communications Security (2013)

    Google Scholar 

  32. Deshotels, L.: Inaudible sound as a covert channel in mobile devices. In: WOOT’14 Proceedings of the 8th USENIX conference on Offensive Technologies (2014)

    Google Scholar 

  33. Subramanian, V., Uluagac, S., Cam, H., Beyah, R.: Examining the characteristics and implications of sensor side channels. In: International Conference on Communications (2013)

    Google Scholar 

  34. Figueiredo, L.S., Livshits, B., Molnar, D., Veanes, M.: Prepose: privacy, security, and reliability for gesture-based programming. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 122–137. IEEE (2016)

    Google Scholar 

  35. Samarati, P.: Protecting respondents identities in microdata release. IEEE Trans. Knowl. Data Eng. 13(6), 1010–1027 (2001)

    Article  Google Scholar 

  36. Yan, F., Zhang, H., Zhao, B.: A secure multi-party computing model based on trusted computing platform. In: 2009 Ninth IEEE International Conference on Computer and Information Technology, vol. 2, pp. 318–322. IEEE (2009)

    Google Scholar 

  37. Li, T., Sahu, A.K., Talwalkar, A., Smith, V.: Federated learning: challenges, methods, and future directions. IEEE Signal Process. Mag. 37(3), 50–60 (2020)

    Article  Google Scholar 

  38. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Symposium on the Theory of Computing (2009)

    Google Scholar 

  39. George, C., et al.: Seamless and secure vr: adapting and evaluating established authentication systems for virtual reality. In: NDSS (2017)

    Google Scholar 

  40. Gaebel, E., Zhang, N., Lou, W., Hou, Y.T.: Looks good to me: authentication for augmented reality. In Proceedings of the 6th International Workshop on Trustworthy Embedded Devices, pp. 57–67 (2016)

    Google Scholar 

  41. Pearson, J., et al.: Chameleon devices: investigating more secure and discreet mobile interactions via active camouflaging. In: Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, pp. 5184–5196 (2017)

    Google Scholar 

  42. Forte, A.G., Garay, J.A., Jim, T., Vahlis, Y.: EyeDecrypt — private interactions in plain sight. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 255–276. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10879-7_15

    Chapter  Google Scholar 

  43. Maloney, D., Zamanifard, S., Freeman, G.: Anonymity vs. familiarity: self-disclosure and privacy in social virtual reality. Virtual Reality Softw. Technol. (2020)

    Google Scholar 

  44. Ruth, K., Kohno, T., Roesner, F.: Secure multi-user content sharing for augmented reality applications. In: Usenix Security Symposium (2019)

    Google Scholar 

  45. Lampson, B.W.: Protection. ACM SIGOPS Oper. Syst. Rev. 8(1), 18–24 (1974)

    Article  Google Scholar 

  46. Sikder, A.K., Aksu, H., Uluagac, A.S.: 6thsense: a context-aware sensor-based attack detector for smart devices. In: Usenix Security Symposium (2017)

    Google Scholar 

  47. Zafar, Y., Har, D.: A novel countermeasure enhancing side channel immunity in FPGAs. In: 2008 International Conference on Advances in Electronics and Micro-Electronics (2008)

    Google Scholar 

  48. Giuseppe, P., Lisa, M.M., Ananthram, S., Trent, J.: Agility maneuvers to mitigate inference attacks on sensed location data. In: IEEE Conference Proceedings (2016)

    Google Scholar 

  49. Lebeck, K., et al.: Securing augmented reality output. In: 2017 IEEE Symposium on Security and Privacy (SP). IEEE (2017)

    Google Scholar 

  50. Ahn, S., Gorlatova, M., Naghizadeh, P., Chiang, M., Mittal, P.: Adaptive fog-based output security for augmented reality. In: ACM Special Interest Group on Data Communication (2018)

    Google Scholar 

  51. Wang, X., Yang, Y., Zeng, Y., Tang, C., Shi, J., Xu, K.: A novel hybrid mobile malware detection system integrating anomaly detection with misuse detection (2015)

    Google Scholar 

  52. Sundarkumar, G.G., Ravi, V., Nwogu, I., Govindaraju, V.: Malware detection via api calls, topic models and machine learning. In: Conference on Automation Science and Engineering (2015)

    Google Scholar 

  53. Almeida, V., Filgueiras, F., Doneda, D.: The ecosystem of digital content governance. IEEE Internet Comput. 25(3), 13–17 (2021)

    Article  Google Scholar 

  54. Woo, G., Lippman, A., Raskar, R.: Vrcodes: unobtrusive and active visual codes for interaction by exploiting rolling shutter. In: 2012 IEEE International Symposium on Mixed and Augmented Reality (ISMAR), pp. 59–64. IEEE (2012)

    Google Scholar 

  55. Lebeck, K., et al.: Towards security and privacy for multi-user augmented reality: foundations with end users. In: 2018 IEEE Symposium on Security and Privacy (SP). IEEE (2018)

    Google Scholar 

  56. Sun, M., Zheng, M., Lui, J.C.S., Jiang, X.: Design and implementation of an android host-based intrusion prevention system. In: Annual Computer Security Applications Conference (2014)

    Google Scholar 

  57. Wu, W.-C., Hung, S.-H.: Droiddolphin: a dynamic android malware detection framework using big data and machine learning. In: Research in Adaptive and Convergent Systems (2014)

    Google Scholar 

Download references

Acknowledgements

This work is supported by the National Natural Science Foundation of China (No. 62172155, 62072465, 62102325), the Natural Science Foundation of Hunan Province (No. 2022JJ40564) and the Science and Technology Innovation Program of Hunan Province (Nos. 2022RC3061, 2021RC2071).

Author information

Authors and Affiliations

  1. College of Computer, National University of Defense Technology, Changsha, 410073, Hunan, China

    Kejiang Liu, Tengfei Zheng, Tongqing Zhou, Chang Liu & Zhiping Cai

  2. School of Design, Hunan University, Changsha, 410082, Hunan, China

    Fang Liu

Authors
  1. Kejiang Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tengfei Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tongqing Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chang Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Fang Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Zhiping Cai
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Fang Liu or Zhiping Cai .

Editor information

Editors and Affiliations

  1. Huazhong University of Science and Technology, Wuhan, Hubei, China

    Hai Jin

  2. Chinese Academy of Science, Shenzhen, China

    Yi Pan

  3. Nanjing University of Science and Technology, Nanjing, China

    Jianfeng Lu

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Liu, K., Zheng, T., Zhou, T., Liu, C., Liu, F., Cai, Z. (2024). The Security and Privacy Concerns on Metaverse. In: Jin, H., Pan, Y., Lu, J. (eds) Computer Networks and IoT. IAIC 2023. Communications in Computer and Information Science, vol 2060. Springer, Singapore. https://doi.org/10.1007/978-981-97-1332-5_23

Download citation

  • DOI: https://doi.org/10.1007/978-981-97-1332-5_23

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-1331-8

  • Online ISBN: 978-981-97-1332-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation