Zihao Su,Kunlin Cai,Reuben Beeler,Lukas Dresel,Allan Garcia,Ilya Grishchenko,Yuan Tian,Christopher Kruegel,Giovanni Vigna

2024-09-17

Abstract:As Virtual Reality (VR) applications grow in popularity, they have bridged distances and brought users closer together. However, with this growth, there have been increasing concerns about security and privacy, especially related to the motion data used to create immersive experiences. In this study, we highlight a significant security threat in multi-user VR applications, which are applications that allow multiple users to interact with each other in the same virtual space. Specifically, we propose a remote attack that utilizes the avatar rendering information collected from an adversary's game clients to extract user-typed secrets like credit card information, passwords, or private conversations. We do this by (1) extracting motion data from network packets, and (2) mapping motion data to keystroke entries. We conducted a user study to verify the attack's effectiveness, in which our attack successfully inferred 97.62% of the keystrokes. Besides, we performed an additional experiment to underline that our attack is practical, confirming its effectiveness even when (1) there are multiple users in a room, and (2) the attacker cannot see the victims. Moreover, we replicated our proposed attack on four applications to demonstrate the generalizability of the attack. Lastly, we proposed a defense against the attack, which has been implemented by major players in the VR industry. These results underscore the severity of the vulnerability and its potential impact on millions of VR social platform users.

Cryptography and Security

Zhen Ling,Zupei Li,Chen Chen,Junzhou Luo,Wei Yu,Xinwen Fu

DOI: https://doi.org/10.1109/CNS.2019.8802674

2019-01-01

Abstract:Virtual reality (VR) techniques offer users immersive experiences in a virtual environment (VE) where they can enjoy gaming, training, shopping and social activities. However, security and privacy issues of VR are rarely investigated. In this paper, we introduce novel computer vision-based and motion sensor-based side channel attacks to infer keystrokes in a virtual environment. In the computer vision-based attack, a stereo camera records a user maneuvering a pointing device and inputting passwords. Various computer vision techniques are used to detect the touching frames in which the user taps a touchpad to enter keys on the virtual keyboard within the VE. We then estimate the pose of the headset and derive the orientation of the virtual pointing ray in each touching frame. In the motion sensor-based attack, we exploit sensors including accelerometer, gyroscope and magnetometer built inside the pointing device to retrieve orientation angles of the pointing device. With orientation angles of the pointing device, we can derive the empirical rotation angles and infer the clicked keys by assessing the similarity between the empirical rotation angles and the reference ones between keys. Extensive real-world experiments are performed to demonstrate the feasibility and effectiveness of these side channel attacks.

Yan Meng,Yuxia Zhan,Jiachun Li,Suguo Du,Haojin Zhu,Xuemin Shen

DOI: https://doi.org/10.1109/tmc.2024.3426046

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:By providing users with an immersive visual and acoustic experience, virtual reality (VR) serves as a foundational technique for the emerging metaverse. One of the most promising aspects of VR is its ability to protect users' identities by transforming their physical appearances into avatars with arbitrary appearances in the virtual world. However, the increasing threat of de-anonymization attacks that seek to reveal users' identities poses significant privacy risks. We propose AvatarHunter, a non-intrusive and user-unaware de-anonymization attack leveraging victims' inherent movement signatures. AvatarHunter discreetly collects the avatar's gait information by recording videos in the VR scenario without requiring any permissions. Notably, we designed a Unity-based feature extractor that maintains the avatar's movement signature while enabling AvatarHunter to be resistant to changes in the avatar's appearance. We conduct real-world experiments on VRChat to evaluate AvatarHunter's effectiveness. The results demonstrate that in commercial settings, AvatarHunter achieves attack success rates (ASR) of 92.1% and 66.9% in closed-world and open-world avatar scenarios, respectively, significantly surpassing existing benchmarks. Additionally, simulations using an open-source dataset confirm that AvatarHunter can attain over 78% ASR in full-body tracking scenarios. Finally, we discuss several countermeasures and implement an obfuscation mechanism during the avatar rendering phase, significantly reducing the ASR.

Yan Meng,Yuxia Zhan,Jiachun Li,Suguo Du,Haojin Zhu,Xuemin Sherman Shen

DOI: https://doi.org/10.1109/infocom53939.2023.10229062

2023-01-01

Abstract:Virtual reality (VR) can provide users with an immersive experience in the metaverse. One of the most promising properties of VR is that users’ identities can be protected by changing their physical world appearances into arbitrary virtual avatars. However, recent proposed de-anonymization attacks demonstrate the feasibility of recognizing the user’s identity behind the VR avatar’s masking. In this paper, we propose AvatarHunter, a non-intrusive and user-unconscious de-anonymization attack based on victims’ inherent movement signatures. AvatarHunter imperceptibly collects the victim avatar’s gait information via recording videos from multiple views in the VR scenario without requiring any permission. A Unity-based feature extractor is designed that preserves the avatar’s movement signature while immune to the avatar’s appearance changes. Real-world experiments are conducted in VRChat, one of the most popular VR applications. The experimental results demonstrate that AvatarHunter can achieve attack success rates of 92.1% and 66.9% in closed-world and open-world avatar settings, respectively, which are much better than existing works.

Luoyu Mei,Ruofeng Liu,Zhimeng Yin,Qingchuan Zhao,Wenchao Jiang,Shuai Wang,Kangjie Lu,Tian He

2024-11-15

Abstract:Virtual reality (VR), while enhancing user experiences, introduces significant privacy risks. This paper reveals a novel vulnerability in VR systems that allows attackers to capture VR privacy through obstacles utilizing millimeter-wave (mmWave) signals without physical intrusion and virtual connection with the VR devices. We propose mmSpyVR, a novel attack on VR user's privacy via mmWave radar. The mmSpyVR framework encompasses two main parts: (i) A transfer learning-based feature extraction model to achieve VR feature extraction from mmWave signal. (ii) An attention-based VR privacy spying module to spy VR privacy information from the extracted feature. The mmSpyVR demonstrates the capability to extract critical VR privacy from the mmWave signals that have penetrated through obstacles. We evaluate mmSpyVR through IRB-approved user studies. Across 22 participants engaged in four experimental scenes utilizing VR devices from three different manufacturers, our system achieves an application recognition accuracy of 98.5\% and keystroke recognition accuracy of 92.6\%. This newly discovered vulnerability has implications across various domains, such as cybersecurity, privacy protection, and VR technology development. We also engage with VR manufacturer Meta to discuss and explore potential mitigation strategies. Data and code are publicly available for scrutiny and research at <a class="link-external link-https" href="https://github.com/luoyumei1-a/mmSpyVR/" rel="external noopener nofollow">this https URL</a>

Cryptography and Security,Computer Vision and Pattern Recognition

Mohd Sabra,Nisha Vinayaga Sureshkanth,Ari Sharma,Anindya Maiti,Murtuza Jadliwala

DOI: https://doi.org/10.48550/arXiv.2301.09041

2023-01-22

Cryptography and Security

Abstract:Virtual Reality (VR) is an exciting new consumer technology which offers an immersive audio-visual experience to users through which they can navigate and interact with a digitally represented 3D space (i.e., a virtual world) using a headset device. By (visually) transporting users from the real or physical world to exciting and realistic virtual spaces, VR systems can enable true-to-life and more interactive versions of traditional applications such as gaming, remote conferencing, social networking and virtual tourism. However, as with any new consumer technology, VR applications also present significant user-privacy challenges. This paper studies a new type of privacy attack targeting VR users by connecting their activities visible in the virtual world (enabled by some VR application/service) to their physical state sensed in the real world. Specifically, this paper analyzes the feasibility of carrying out a de-anonymization or identification attack on VR users by correlating visually observed movements of users' avatars in the virtual world with some auxiliary data (e.g., motion sensor data from mobile/wearable devices held by users) representing their context/state in the physical world. To enable this attack, this paper proposes a novel framework which first employs a learning-based activity classification approach to translate the disparate visual movement data and motion sensor data into an activity-vector to ease comparison, followed by a filtering and identity ranking phase outputting an ordered list of potential identities corresponding to the target visual movement data. Extensive empirical evaluation of the proposed framework, under a comprehensive set of experimental settings, demonstrates the feasibility of such a de-anonymization attack.

Vivek Nair,Gonzalo Munilla Garrido,Dawn Song,James F. O'Brien

DOI: https://doi.org/10.56553/popets-2023-0108

2023-12-13

Abstract:Fifty study participants playtested an innocent-looking "escape room" game in virtual reality (VR). Within just a few minutes, an adversarial program had accurately inferred over 25 of their personal data attributes, from anthropometrics like height and wingspan to demographics like age and gender. As notoriously data-hungry companies become increasingly involved in VR development, this experimental scenario may soon represent a typical VR user experience. Since the Cambridge Analytica scandal of 2018, adversarially designed gamified elements have been known to constitute a significant privacy threat in conventional social platforms. In this work, we present a case study of how metaverse environments can similarly be adversarially constructed to covertly infer dozens of personal data attributes from seemingly anonymous users. While existing VR privacy research largely focuses on passive observation, we argue that because individuals subconsciously reveal personal information via their motion in response to specific stimuli, active attacks pose an outsized risk in VR environments.

Cryptography and Security

Sameer Chauhan,Luv Sachdeva

2024-01-31

Abstract:Virtual reality and related technologies such as mixed and augmented reality have received extensive coverage in both mainstream and fringe media outlets. When the subject goes to a new AR headset, another AR device, or AR glasses, the talk swiftly shifts to the technical and design details. Unfortunately, no one seemed to care about security. Data theft and other forms of cyberattack pose serious threats to virtual reality systems. Virtual reality goggles are just specialist versions of computers or Internet of Things devices, whereas virtual reality experiences are software packages. As a result, AR systems are just as vulnerable as any other Internet of Things (IoT) device we use on a daily basis, such as computers, tablets, and phones. Preventing and responding to common cybersecurity threats and assaults is crucial. Cybercriminals can exploit virtual reality headsets just like any other computer system. This paper analysis the data breach induced by these assaults could result in a variety of concerns, including but not limited to identity theft, the unauthorized acquisition of personal information or network credentials, damage to hardware and software, and so on. Augmented reality (AR) allows for real-time monitoring and visualization of network activity, system logs, and security alerts. This allows security professionals to immediately identify threats, monitor suspicious activities, and fix any issues that develop. This data can be displayed in an aesthetically pleasing and intuitively structured format using augmented reality interfaces, enabling for faster analysis and decision-making.

Cryptography and Security,Information Theory

Hanqiu Wang,Zihao Zhan,Haoqi Shan,Siqi Dai,Max Panoff,Shuo Wang

2024-09-12

Abstract:The advent and growing popularity of Virtual Reality (VR) and Mixed Reality (MR) solutions have revolutionized the way we interact with digital platforms. The cutting-edge gaze-controlled typing methods, now prevalent in high-end models of these devices, e.g., Apple Vision Pro, have not only improved user experience but also mitigated traditional keystroke inference attacks that relied on hand gestures, head movements and acoustic side-channels. However, this advancement has paradoxically given birth to a new, potentially more insidious cyber threat, GAZEploit. In this paper, we unveil GAZEploit, a novel eye-tracking based attack specifically designed to exploit these eye-tracking information by leveraging the common use of virtual appearances in VR applications. This widespread usage significantly enhances the practicality and feasibility of our attack compared to existing methods. GAZEploit takes advantage of this vulnerability to remotely extract gaze estimations and steal sensitive keystroke information across various typing scenarios-including messages, passwords, URLs, emails, and passcodes. Our research, involving 30 participants, achieved over 80% accuracy in keystroke inference. Alarmingly, our study also identified over 15 top-rated apps in the Apple Store as vulnerable to the GAZEploit attack, emphasizing the urgent need for bolstered security measures for this state-of-the-art VR/MR text entry method.

Human-Computer Interaction,Computer Vision and Pattern Recognition

Ethan Wilson,Azim Ibragimov,Michael J. Proulx,Sai Deep Tetali,Kevin Butler,Eakta Jain

DOI: https://doi.org/10.1109/tvcg.2024.3372032

IF: 5.2

2024-01-01

IEEE Transactions on Visualization and Computer Graphics

Abstract:Eye tracking is routinely being incorporated into virtual reality (VR) systems. Prior research has shown that eye tracking data, if exposed, can be used for re-identification attacks [14]. The state of our knowledge about currently existing privacy mechanisms is limited to privacy-utility trade-off curves based on data-centric metrics of utility, such as prediction error, and black-box threat models. We propose that for interactive VR applications, it is essential to consider user-centric notions of utility and a variety of threat models. We develop a methodology to evaluate real-time privacy mechanisms for interactive VR applications that incorporate subjective user experience and task performance metrics. We evaluate selected privacy mechanisms using this methodology and find that re-identification accuracy can be decreased to as low as 14% while maintaining a high usability score and reasonable task performance. Finally, we elucidate three threat scenarios (black-box, black-box with exemplars, and white-box) and assess how well the different privacy mechanisms hold up to these adversarial scenarios. This work advances the state of the art in VR privacy by providing a methodology for end-to-end assessment of the risk of re-identification attacks and potential mitigating solutions. f.

computer science, software engineering

Tao Ni,Yuefeng Du,Qingchuan Zhao,Cong Wang

2024-12-19

Abstract:Virtual Reality (VR) technologies are increasingly employed in numerous applications across various areas. Therefore, it is essential to ensure the security of interactions between users and VR devices. In this paper, we disclose a new side-channel leakage in the constellation tracking system of mainstream VR platforms, where the infrared (IR) signals emitted from the VR controllers for controller-headset interactions can be maliciously exploited to reconstruct unconstrained input keystrokes on the virtual keyboard non-intrusively. We propose a novel keystroke inference attack named VRecKey to demonstrate the feasibility and practicality of this novel infrared side channel. Specifically, VRecKey leverages a customized 2D IR sensor array to intercept ambient IR signals emitted from VR controllers and subsequently infers (i) character-level key presses on the virtual keyboard and (ii) word-level keystrokes along with their typing trajectories. We extensively evaluate the effectiveness of VRecKey with two commercial VR devices, and the results indicate that it can achieve over 94.2% and 90.5% top-3 accuracy in inferring character-level and word-level keystrokes with varying lengths, respectively. In addition, empirical results show that VRecKey is resilient to several practical impact factors and presents effectiveness in various real-world scenarios, which provides a complementary and orthogonal attack surface for the exploration of keystroke inference attacks in VR platforms.

Cryptography and Security

Jingjie Li,Sunpreet Singh Arora,Kassem Fawaz,Younghyun Kim,Can Liu,Sebastian Meiser,Mohsen Minaei,Maliheh Shirvanian,Kim Wagner

2023-06-04

Abstract:Users readily embrace the rapid advancements in virtual reality (VR) technology within various everyday contexts, such as gaming, social interactions, shopping, and commerce. In order to facilitate transactions and payments, VR systems require access to sensitive user data and assets, which consequently necessitates user authentication. However, there exists a limited understanding regarding how users' unique experiences in VR contribute to their perception of security. In our study, we adopt a research approach known as ``technology probe'' to investigate this question. Specifically, we have designed probes that explore the authentication process in VR, aiming to elicit responses from participants from multiple perspectives. These probes were seamlessly integrated into the routine payment system of a VR game, thereby establishing an organic study environment. Through qualitative analysis, we uncover the interplay between participants' interaction experiences and their security perception. Remarkably, despite encountering unique challenges in usability during VR interactions, our participants found the intuitive virtualized authentication process beneficial and thoroughly enjoyed the immersive nature of VR. Furthermore, we observe how these interaction experiences influence participants' ability to transfer their pre-existing understanding of authentication into VR, resulting in a discrepancy in perceived security. Moreover, we identify users' conflicting expectations, encompassing their desire for an enjoyable VR experience alongside the assurance of secure VR authentication. Building upon our findings, we propose recommendations aimed at addressing these expectations and alleviating potential conflicts.

Cryptography and Security,Human-Computer Interaction

Anh Nguyen,Xiaokuan Zhang,Zhisheng Yan

2024-03-08

Abstract:In this paper, we present the first contactless side-channel attack for identifying 360 videos being viewed in a Virtual Reality (VR) Head Mounted Display (HMD). Although the video content is displayed inside the HMD without any external exposure, we observe that user head movements are driven by the video content, which creates a unique side channel that does not exist in traditional 2D videos. By recording the user whose vision is blocked by the HMD via a malicious camera, an attacker can analyze the correlation between the user's head movements and the victim video to infer the video title.

Human-Computer Interaction

Vivek Nair,Gonzalo Munilla Garrido,Dawn Song

DOI: https://doi.org/10.1145/3586183.3606754

2023-10-23

Abstract:Virtual reality (VR) telepresence applications and the so-called "metaverse" promise to be the next major medium of human-computer interaction. However, with recent studies demonstrating the ease at which VR users can be profiled and deanonymized, metaverse platforms carry many of the privacy risks of the conventional internet (and more) while at present offering few of the defensive utilities that users are accustomed to having access to. To remedy this, we present the first known method of implementing an "incognito mode" for VR. Our technique leverages local differential privacy to quantifiably obscure sensitive user data attributes, with a focus on intelligently adding noise when and where it is needed most to maximize privacy while minimizing usability impact. Our system is capable of flexibly adapting to the unique needs of each VR application to further optimize this trade-off. We implement our solution as a universal Unity (C#) plugin that we then evaluate using several popular VR applications. Upon faithfully replicating the most well-known VR privacy attack studies, we show a significant degradation of attacker capabilities when using our solution.

Cryptography and Security

Yan-Ming Chiou,Bob Price,Chien-Chung Shen,Syed Ali Asif

2024-04-24

Abstract:Integrating mixed reality (MR) with artificial intelligence (AI) technologies, including vision, language, audio, reasoning, and planning, enables the AI-powered MR assistant [1] to substantially elevate human efficiency. This enhancement comes from situational awareness, quick access to essential information, and support in learning new skills in the right context throughout everyday tasks. This blend transforms interactions with both the virtual and physical environments, catering to a range of skill levels and personal preferences. For instance, computer vision enables the understanding of the user's environment, allowing for the provision of timely and relevant digital overlays in MR systems. At the same time, language models enhance comprehension of contextual information and support voice-activated dialogue to answer user questions. However, as AI-driven MR systems advance, they also unveil new vulnerabilities, posing a threat to user safety by potentially exposing them to grave dangers [5, 6].

Human-Computer Interaction

Sarina Dastgerdy

2024-07-23

Abstract:Various industries have widely adopted Virtual Reality (VR) and Augmented Reality (AR) technologies to enhance productivity and user experiences. However, their integration introduces significant security challenges. This systematic literature review focuses on identifying devices used in AR and VR technologies and specifies the associated vulnerabilities, particularly during the reconnaissance phase and vulnerability assessment, which are critical steps in penetration testing. Following Kitchenham and Charters' guidelines, we systematically selected and analyzed primary studies. The reconnaissance phase involves gathering detailed information about AR and VR systems to identify potential attack vectors. In the vulnerability assessment phase, these vectors are analyzed to pinpoint weaknesses that malicious actors could exploit. Our findings reveal that AR and VR devices, such as headsets (e.g., HTC Vive, Oculus Quest), development platforms (e.g., Unity Framework, Google Cardboard SDK), and applications (e.g., Bigscreen VR, VRChat), are susceptible to various attacks, including remote code execution, cross-site scripting (XSS), eavesdropping, and man-in-the-room attacks. Specifically, the Bigscreen VR application exhibited severe vulnerabilities like remote code execution (RCE) via the 'Application.OpenURL' API, XSS in user inputs, and botnet propagation. Similarly, the Oculus Quest demonstrated susceptibility to side-channel attacks and ransomware. This paper provides a detailed overview of specific device vulnerabilities and emphasizes the importance of the initial steps in penetration testing to identify security weaknesses in AR and VR systems. By highlighting these vulnerabilities, we aim to assist researchers in exploring and mitigating these security challenges, ensuring the safe deployment and use of AR and VR technologies across various sectors.

Cryptography and Security

Samantha Aziz,Oleg Komogortsev

2024-11-18

Abstract:Virtual reality (VR) devices use a variety of sensors to capture a rich body of user-generated data, which can be misused by malicious parties to covertly infer information about the user. Privacy-enhancing techniques seek to reduce the amount of personally identifying information in sensor data, but these techniques are typically developed for a subset of data streams that are available on the platform, without consideration for the auxiliary information that may be readily available from other sensors. In this paper, we evaluate whether body motion data can be used to circumvent the privacy protections applied to eye tracking data to enable user identification on a VR platform, and vice versa. We empirically show that eye tracking, headset tracking, and hand tracking data are not only informative for inferring user identity on their own, but contain complementary information that can increase the rate of successful user identification. Most importantly, we demonstrate that applying privacy protections to only a subset of the data available in VR can create an opportunity for an adversary to bypass those privacy protections by using other unprotected data streams that are available on the platform, performing a user identification attack as accurately as though a privacy mechanism was never applied. These results highlight a new privacy consideration at the intersection between eye tracking and VR, and emphasizes the need for privacy-enhancing techniques that address multiple technologies comprehensively.

Human-Computer Interaction

Brandon Falk,Yan Meng,Yuxia Zhan,Haojin Zhu

DOI: https://doi.org/10.1145/3460120.3485345

2021-01-01

Abstract:Virtual reality (VR) is on the precipice of entering mainstream entertainment with devices equipped with a multitude of sensing, tracking, and internet capabilities that can reshape the current infotainment industry such as online gaming or conferences with novel features. With VR techniques, the online gamer or conference attendances could choose to keep their identity anonymous by easily altering their appearances (i.e., avatars). However, in this study, we present ReAvatar, a novel de-anonymization attack that identifies users by their virtual avatar via a correlation in specific recorded movements. Using 3D pose estimation, we train a sophisticated machine learning model with user movement data recorded while performing a set of movements in real life and then again with their avatars. We then map correlations between these two sets of movement data using a bespoke agglomerative clustering algorithm and establish relationship between the user's virtual and real-life identity. ReAvatar achieves 89.60% accuracy in detecting a unique user among multiple avatars. The security and privacy implications of this paper will be foundational for users and researchers alike that explore the realm of virtual reality.

Wen-Jie Tseng,Elise Bonnail,Mark McGill,Mohamed Khamis,Eric Lecolinet,Samuel Huron,Jan Gugenheimer

DOI: https://doi.org/10.1145/3491102.3517728

2022-04-29

Abstract:“Virtual-Physical Perceptual Manipulations” (VPPMs) such as redirected walking and haptics expand the user’s capacity to interact with Virtual Reality (VR) beyond what would ordinarily physically be possible. VPPMs leverage knowledge of the limits of human perception to effect changes in the user’s physical movements, becoming able to (perceptibly and imperceptibly) nudge their physical actions to enhance interactivity in VR. We explore the risks posed by the malicious use of VPPMs. First, we define, conceptualize and demonstrate the existence of VPPMs. Next, using speculative design workshops, we explore and characterize the threats/risks posed, proposing mitigations and preventative recommendations against the malicious use of VPPMs. Finally, we implement two sample applications to demonstrate how existing VPPMs could be trivially subverted to create the potential for physical harm. This paper aims to raise awareness that the current way we apply and publish VPPMs can lead to malicious exploits of our perceptual vulnerabilities.

Yu-Szu Wei,Yuan-Chun Sun,Shin-Yi Zheng,Hsun-Fu Hsu,Chun-Ying Huang,Cheng-Hsin Hsu

DOI: https://doi.org/10.1109/mipr62202.2024.00040

2024-01-01

Abstract:Virtual Reality (VR) applications take users' Head-Mounted Display (HMD) and controller trajectories as inputs for an immersive experience. Leakage of these trajectories threatens user privacy in several aspects, including but not limited to their identities. Existing privacy-preserving approaches, however, overlook the temporal correlation of VR user trajectories, which could be leveraged by attackers. In this paper, we develop a disturber to perturb VR user trajectories in both temporal and spatial domains on the fly. Such trajectory perturbations could, unfortunately, lead to distorted rendered VR viewports. Thus, we develop a compensator to recover from such distortion using efficient image-warping algorithms. Our evaluation results show the merits of our proposed solution: (i) our disturber alone reduces at most 0.42 re-identification rate of VR users compared to the state-of-the-art approach, (ii) our disturber alone outperforms the state-of-the-art approach by 2.43 dB in PSNR, 0.13 in SSIM, and 8.15 in VMAF under the same privacy-preserving settings, and (iii) our compensator further boosts the visual quality of a VR application by at most 6.83 dB in PSNR, 0.45 in SSIM, and 34.57 in VMAF, compared to disturber-only solution.