See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/365476538

Security and Privacy in Metaverse: A Comprehensive Survey

Article  in  Big Data Mining and Analytics · November 2022

DOI: 10.26599/BDMA.2022.9020047

CITATIONS READS

11 661

3 authors, including:

Yan Huang Yi Li
Kennesaw State University Kennesaw State University
1 PUBLICATION   11 CITATIONS    19 PUBLICATIONS   354 CITATIONS   

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Affective Games for ASD View project

All content following this page was uploaded by Yan Huang on 17 November 2022.

The user has requested enhancement of the downloaded file.

BIG DATA MINING AND ANALYTICS
ISSN 1007-0214 0x/xx ppxxx–xxx
DOI: 10.26599/BDMA.2022.9020047
Volume x, Number x, xxxxxxx 20xx

Security and Privacy in Metaverse: A Comprehensive Survey

Yan Huang, Yi (Joy) Li∗ , and Zhipeng Cai.

Abstract:
Metaverse describes a new shape of cyberspace and has become a hot-trending word since 2021. There are
many explanations about what Meterverse is and attempts to provide a formal standard or definition of Metaverse.
However, these definitions could hardly reach universal acceptance. Rather than providing a formal definition of
the Metaverse, we list the four must-have characteristics of the Metaverse: Socialization, Immersive Interaction,
Real World-building, and Expandability. These characteristics carve the Metaverse into a novel, fantastic digital
world but also make it suffer from all security/privacy risks, such as personal information leakage, eavesdropping,
unauthorized access, phishing, data injection, broken authentication, insecure design, and more. This paper first
introduces the four characteristics, then the current progress and typical applications of the Metaverse are surveyed
and categorized into four economic sectors. Based on the four characteristics and the findings of the current
progress, the security and privacy issues in the Metaverse are investigated. We then identify and discuss more
potential critical security and privacy issues that can be caused by combining the four characteristics. Lastly, the
paper also raises some other concerns regarding society and humanity.

Keywords: Metaverse, cybersecurity, privacy protection, cyber infrastructure, extended reality

Metaverse is the next digital era that will change every-

thing (Fig. 1 [78]). For any emerging technology in cy-
1 Introduction berspace, it is reasonable to be cautious, and one should
consider its security and privacy issues from day one.
Metaverse, a word coined in the 1992 novel Snow
Likewise, we must be fully prepared for security and
Crash, became popular in 2021 after Mark Zuckerberg
privacy protection in the Metaverse before it flourishes
bet the future of Meta (former Facebook) on it. It de-
in our daily lives. In order to do that, a good understand-
scribes a virtual space accessible to everyone through
ing of what exactly Metaverse is and an investigation of
the Internet and defines a new generation of the so-
its current progress will be needed.
cial world on the Internet. The Times Journal says the
What is Metaverse? There are many discussions
about what the Metaverse is and how it fits into current
• Yan Huang and Yi (Joy) Li are with the Department of Software cyberspace. Different from other virtual spaces, Meta-
Engineering and Game Development, Kennesaw State Univer-
verse is targeting to build a digital copy mapped from
sity, Atlanta 30060, USA. E-mail: [email protected]
and [email protected] our real world with imaginary extension. The Meta-
• Zhipeng Cai is with the Department of Computer Sci- verse is still in the early development stage. Many new
ence, Georgia State University, Atlanta 30303, USA. E-mail: technologies are on the way to carve the shape of the
[email protected] immersive digital space. Therefore, it is challenging to
∗ To whom correspondence should be addressed. define this term elaborately and accurately in academia.
Manuscript received: 2022-10-4; accepted: 2022-11-16 On the other hand, to become the new generation of cy-
 2 Big Data Mining and Analytics, 9020047 2022, x(x): xxx-xxx

berspace on the Internet, it is our insights that Meta-

verse has to include four characteristics: socialization,
immersive interaction, imitation of the real world, and
expandability. (1) Socialization: Metaverse connects
people who have access to the Internet. Users in the
Metaverse are able to post/share their social profiles and
interact with other users. (2) Immersive Interaction:
Users are able to have better machine-human interac-
tions, such as extended reality (XR) and brain-computer
interface, that are far more immersive and intuitive than
traditional interactions based on sentences, images, and
videos. (3) Real World-building: Metaverse is able to
provide virtual world spaces for many kinds of real-life
activities such as meeting, playing, shopping, traveling,
etc. (4) Expandability: Metaverse has more possibil-
ities and extensions than the real world, especially in
science fiction and fantasy. In Metaverse, users can en-
joy more functionalities that they cannot achieve in the
real world, such as digital modeling and virtual educa-
tional science exploration. In addition, Metaverse not
only contains the summation of these four characteris-
tics but also reaches the next level of user experiences Fig. 1 The Metaverse Cover in Time Journal [78]
with cross-reinforcement of the four. For example, as
the movie “Ready Player One” depicted, people can
verse. Then we analyze and discuss security and privacy
have a cyber-life in the virtual world, where they can
issues and solutions of current Metaverse applications.
make friends, play, do business, and have other real-life
Lastly, we further explore and forecast possible security
and fictional activities with immersive interactions.
and privacy issues in the future Metaverse.
Why we care about the Security and Privacy in
Metaverse? Metaverse has all the benefits of the 2 Metaverse Progress and Applications
above four characteristics while also suffering from all
their security/privacy risks, such as personal informa- Current progress of Metaverse?
tion leakage, eavesdropping, data theft, unauthorized Before the potable VR headsets or AR glasses be-
access, phishing, data injection, broken authentication, came hot-trending gaming tools on the market, the clos-
insecure design, and more. What is worse, the com- est implementation for metaverse was the Second Life
bination of these four characteristics makes current se- platform, which many researchers referred to as “meta-
curity and privacy issues more critical. For example, verse” when working on the platform. Second Life
personal information is more likely to be stolen be- is a 3D digital gaming world that provides a digital
cause Metaverse includes more personal elements to replica of the real world. Users can interact with each
build such immersive social cyberspace. Furthermore, other and the environment using textural, oral, ges-
Metaverse may cause issues that we have never expe- tural, and graphic languages. Educators treated the
rienced before. For instance, hackers may hack into a platform as an innovative teaching method for diverse
human’s physical body from a brain-computer interface classrooms [28,40], researchers used it for embodiment
connected to Metaverse. and behavioral change [15], healthcare professionals at-
Therefore, it is high time for engineers, researchers, tempted to use it for advocating healthy behaviors in the
and entrepreneurs to discuss and understand the impact treatment of substance abuse [15], companies made use
of the upcoming revolution. We wish to provide in- of it for social networking and team building projects.
sights into future Metaverse and methodically address However, as immersive technologies and IoT technolo-
the challenges and practical solutions. gies emerged, Second Life soon lost its weight in the
In this paper, we survey the current progress of Meta- foundation of the new metaverse era.
 Yan Huang et al.: Security and Privacy in Metaverse: A Comprehensive Survey 3

Immersive technologies, including virtual reality,

augmented reality, mixed reality, and extended reality,
embraced a rapid development in both hardware and
software through the 2010s. Meta Platform pushes the
Metaverse industry further to a new level with 10 mil-
lion Oculus Quest 2 headsets deliveries. The break-
through in immersive technologies has enabled the fun-
damental infrastructure of the Metaverse. The inter-
net has expanded into multiple dimensions, in which
the real and virtual worlds have blended together. The
human-computer interaction has ever become human-
machine fusion. Digital twins, native virtualization,
virtual and real fusion, and interaction, are the base
structure of the Metaverse. Although the Metaverse is
still merely at the beginning stage and far from taking
shapes, many applications can serve as discrete pieces
for later integration and formation.
Metaverse-related technologies include but are not Fig. 2 Current technologies and applications in Metaverse eco-
nomics
limited to the combination of artificial intelligence (AI),
data mining and deep learning, VR/AR/XR, the inter-
net of things (IoT), blockchain, edge computing, cloud falls on the more convenient delivery of expert opinions
computing, and 3D reconstruction. and big data analysis to facilitate the activities. Smart
Research studies have explored using technologies appliances and tools enable real-world building, and ap-
for innovative education, healthcare, socialization, and plications can be easily expanded to other sectors, such
more. The industry has also explored Metaverse as retail and virtual tours. Mixed reality technology and
economic activities such as entertainment experience, sensors are integrated to provide possible immersive in-
blockchain, non-fungible tokens (NFTs), Web 3.0, and teractions.
so on. In this section, we discuss the typical applica- The secondary sector of the economy covers the man-
tions in different fields based on the popular four-sector ufacturing of goods, including the processing of mate-
model in economy [36], how they match the four char- rials produced by the primary sector, construction, and
acteristics mentioned in the prior section, and their po- the public utility industries of electricity, gas, and water.
tential extension in the Metaverse. Figure 2 depicts how Aerospace, shipbuilding and energy utilities are also in-
Metaverse technologies support innovative applications cluded in this sector.
in three sectors. The applications on the list of each sec- Digital human models (DHMs) are the main applica-
tor are not exhaustive but are some typical examples. tion intensively used in both the manufacturing industry
The primary sector of the economy is making direct and related academic research fields [102]. Six cate-
use of natural resources, including agriculture, forestry gories were identified that have utilized DHMs through
and fishing, mining, and oil and gas extraction. Ar- prior study reports : (1) the Automotive industry; (2) In-
tificial intelligence and data mining construct reliable dustrial plants; (3) the Aerospace industry; (4) the Mil-
models for farmers and companies to optimize their op- itary industry; (5) the Energy industry. Among them,
erations based on computing and simulations. VR ap- assembly/maintenance, automotive interior assessment,
plications could provide a virtual farming experience, and workplace design and optimization are the top three
while AR applications can integrate with smart sensors application type that DHMs are applied to, which add
to serve as a fully digitized virtual assistant. Precision up to 76.1% of the total. Virtual assembly and mainte-
farming [48], heavy equipment simulation and train- nance have been largely used to replace physical proto-
ing, market learning and planning, remote experts con- typing and traditional procedures. On the other hand,
sulting, hazards training for mining, and simulation of AI and blockchain techniques are also playing growing
oil leakage are a few current typical applications in the roles in the manufacturing industries.
fields. In this sector, the socialization character mainly In aviation and aerospace, VR/AR/MR have played
 4 Big Data Mining and Analytics, 9020047 2022, x(x): xxx-xxx

essential roles in training pilots. Unanticipated events, perspective-taking of public healthcare awareness eas-
weather changes, terrain, and airspace information can ier. Empathy training can strengthen the social net-
all be simulated with multiple variations for pilots to work and improve social support for suffering patients
practice skills in safe environments. The technologies and families. Pilot studies have reported positive feed-
are also used in assisting aircraft maintenance and en- back using VR to cultivate empathy for older peo-
gineer training. Remote and virtual assistance can im- ple [19], nausea and vomiting management [90], visual
prove work efficiency. Furthermore, airlines are invest- deficit [7], and Parkinson’s Disease [63].
ing in bringing in VR headsets to enhance the inflight Virtual assistants based on AI [49] also started to
experience of their passengers [4]. serve in daily lives. From innovative IoT tools to hu-
In the second sector, real-world building and immer- manoids, from completely virtual companions to vir-
sive interactions are realized by virtual planning, de- tual idols and virtual customer service, with the help
sign, engineering, and management. Applications can of deep learning, big data, and AI, are replacing some
be expanded to other sectors, such as educational train- actual human labor or assistants. Media, movies, en-
ing and remote management, thus also further enhanc- tertainment tools, games, financial markets, tours, and
ing socialization. more, are embracing new technologies and attempting
The tertiary sector involves services. Services include to provide more customized services dedicated to their
but are not limited to retail businesses, transportation target audience.
and distribution, restaurants, tourism, insurance, bank- In the tertiary sector, real-world building and immer-
ing, healthcare, and legal services. The following para- sive interactions are delivered through assistant services
graphs list typical Metaverse applications and current provided by robots or virtual agents that connect related
progress in this sector. fields. Added remote or virtual services further enhance
Digital twins have gone a long way to provide more the socialization characteristic in this sector. Applica-
immersive interactions in displays, tours, and art pre- tions can be expanded to different aspects within the
sentations. With the support of scanning cameras and sector or other sectors.
3D reconstruction, VR can replicate existing master- The quaternary sector includes intellectual activities
pieces, galleries, and museums with incredible resolu- and pursuits. Most businesses in this sector are engaged
tion, and bring the site to a remote user. One can stay in research and development, information technology,
at home and enjoy the virtual visits, with the ability to education, and consulting services. The following para-
skip tour lines, 360 degrees of appreciation, and even graphs list typical Metaverse applications and current
possible interactions without causing any damage to the progress in this sector.
original items. On the other hand, onsite visits often in- The most generic applications of Metaverse, espe-
tegrate AR technology with geographic markers to en- cially services and solutions, would be education and
able virtual prompts of related information, audio tours, remote office solutions. 3D reconstructions and simu-
and possible interactions with the objects, eliminating lations can be used to convey knowledge to teach any
the extra physical signs that are limited by space restric- user in the world. From lower skills such as vocabu-
tion and aesthetics concerns. These applications can be lary and concept teaching to higher-order thinking skills
further extended with social attributes such as a virtual such as cognition and leadership, immersive technolo-
guestbook that allows visitors from different time di- gies can provide various help in the specific knowl-
mensions to communicate, as well as trivia quizzes with edge hierarchies. Complicated scenarios that are hard
a leaderboard to enable competition and better retention to elaborate in real life can be created virtually under
of knowledge after a virtual visit. carefully designed system constraints, to provide a re-
IoT and immersive technologies have made modern peatable and interactive experience for users to achieve
healthcare ever smarter. They provide assistance not their learning goals. On the other hand, the remote
only for clinical diagnosis, treatment and research [99], office can bring people together when necessary with-
but also for prevention for onset and relapse [91], re- out limitations on physical distance and travel expenses.
habilitation [83], and medical education [59]. Further- The current telecommunication or video calls may have
more, not just benefiting people’s health, but the em- provided essential solutions during the COVID-19 pan-
bodiment and immersiveness of immersive technolo- demic, but only being able to see facial expressions and
gies, and the remote distribution of IoT have made hear voices are hardly natural office experiences. The
 Yan Huang et al.: Security and Privacy in Metaverse: A Comprehensive Survey 5

new Quest Pro released by Meta just recently will pro-

vide the features of facial tracking, eye tracking, and
possible body tracking, increasing the presence to a
great extent. Companies could customize their own
virtual office or virtual campus and bring teams to-
gether with more native communications, thus increas-
ing meeting and working efficiency.
Military in Metaverse mainly focus on training,
experimentation, and mission rehearsal [5]. Many
wargames and simulations are designed to utilize
VR/AR technology with data analysis, to train the mili-
tary on strategy, decision-making, reactions, and more,
to enhance their defense strength in the absence of real-
world combat [6]. More advanced mixed reality tech-
nologies have already been integrated into the navi-
gation of navy ships and military flights, as well as
their simulators. Furthermore, the social benefit of Fig. 3 Four characteristics of the Metaverse
Metaverse can help recruitment and interconnections in
teams. ternet platform, blockchain, and the game engine will
Blockchain and decentralization technologies have still be hot topics in the next decade on digital infras-
made digital currency and assets so popular that they tructure construction. Based on the infrastructure, the
are closely involved with economic activities and in- ecosystem for both businesses and consumers will be
vestment. Non-fungible tokens (NFTs) are crypto- built with innovative content and interactions. Enter-
graphic tokens built on the Ethereum blockchain tech- tainment, research, manufacturing, healthcare, and edu-
nology, which endorses their value in ownership and cation will all benefit from the ecosystems.
scarcity [58, 83]. People invest in cryptocurrencies, es-
pecially Bitcoin and Ethereum, not just to trade and 3 Existing Security and Privacy Issues and
exchange, but also to make profits just like other tra- Solutions in Metaverse
ditional financial investments. The mainstream use of
NFTs today is for artwork. NFTs are used to mark and Based on the progress and vista of Metaverse, we an-
verify the origin of artwork, therefore asserting its in- alyze the existing security and privacy issues and solu-
vestment value. Art galleries, game assets, virtual real tions in Metaverse based on the four characteristics as
estate, and other digital collectible assets are the top shown in Fig. 3.
NFT marketplaces, which added up to $11.3 billion in 3.1 Socialization Related Security and Privacy Is-
the market value in 2021 [2]. sues and Solutions
In the quaternary sector, since the sector focuses on
higher intellectual activities, immersive interactions are In the Metaverse, users can have social interactions with
naturally embedded among many technology-related each other through the Internet, which means the In-
fields. Researches and development with the help of ternet serves as the backbone for communication and
Metaverse technologies resolve real-world building is- connections. Therefore, Metaverse suffers from all the
sues, and further improve socialization through profes- network-related security and privacy issues exposed in
sional social computing methodologies. Applications social networks.
can be expanded to serve all the above sectors. 3.1.1 Security issues and Solutions
The above-mentioned ongoing research and com- The interactivity of online services accepts input from
mercial usage of Metaverse technologies are contin- users, which gives hackers a chance to steal data from
uously expanding. Infinite possibilities and exten- a venerable system by using injection attacks [32]. To
sions of innovative applications are yet to be ex- prevent this, end-user devices should validate all user
plored. 5G/6G telecommunication network, cloud com- input, permit only minimally privileged accounts to
puting/edge computing, AI empowerment, industrial in- send user input to the server, and run SQL Server with
 6 Big Data Mining and Analytics, 9020047 2022, x(x): xxx-xxx

Table 1 Metaverse Applications, Security and Privacy Issues and Solutions Comparison

Security and Privacy Issues Solutions

Injection Attacks [32], End User Validation [80], Strong Authentication and Cryptographic
Man-in-the-Middle Attacks [12], Protocols [11, 51], Attack Detection and Monitor [14, 54],
Socialization
Cross Site Scripting [30], Deep Learning-Based Detection [34], Secure Programming Practice [71]
Privacy Leakage [13, 20, 70] K-Anonymity [89], L-Diversity [66],Differential Privacy [31]
Insecure Deserialization [57, 75, 96],
Immersive Firewall [75],Static Scan [57], End-to-End Authentication Protocol [50],
Sensory Data Leakage [46, 47, 101],
Interaction Two-Factor [94] or Three-Factor [81] Authentication, Local Storage [9]
Biometrics Leakage [24, 25, 103]
Real World Graph-based framework for privacy preservation [62],
Meta User Relations [44, 61, 65]
Building Differential Privacy [100]
Third-Party Tracking [56], Third-Party Tracking/Cross-App Tracking Analysis Tools and
Expandability
Cross-App Tracking [79] Detection Algorithms [87], Machine Learning Based Blocking Model [27]
Virtual Economy Security [53],
Data Security and Privacy Blockchain [76], NFT [8], Cryptocurrency [33],
Combination
in Digital Twin [74], Federated Learning [74, 97], Reinforcement Learning [73]
Data Poison [45]

the least necessary privileges [80]. Man-in-the-middle The private or sensitive information of users can be
attacks eavesdrop on or alter the communication be- leaked from public information from a secure social net-
tween user and server and may intercept/modify data work platform. Social network sites ask users to cre-
packets, thus compromising confidentiality, integrity, ate a profile that contains sensitive information [20].
and availability of the system [12]. The most effective Users are willing to share their other activities to en-
way to prevent this attack is by utilizing strong authen- joy the services provided by the platform, such as shop-
tication and cryptographic protocols [11, 51]. Authen- ping services from the business platform and friends-
tication algorithms can be applied to preserve the data making services on Facebook, etc [20]. A malicious
integrity in communication channels [23], while cryp- party can collect sensitive information of social network
tographic protocols can be used to achieve data avail- users from their online profiles and public information.
ability [43]. Meanwhile, attack detection algorithms In [77], the researcher found that privacy in publishing
are necessary to monitor the system and prevent fur- social network data is being used by unexpected people
ther attacks if detected [14]. Cross Site Scripting such as social network providers, analysts, adversaries,
(XSS) attacks inject external malicious JavaScript code etc. Meanwhile, the social network platform provider
into websites. Attackers can inject malicious JavaScript may trade the collected users’ profile and activity in-
code directly into the client website or into a store lo- formation in the data market [16, 18, 70], thus increas-
cation where it will be requested by the client web- ing the unpredictable risk of privacy leakage. Analysts
site [30]. Metaverse with embedded web pages is ven- can collect users’ information from public data or pur-
erable to this type of attack. A web proxy with XXS chase from the social network provider. These data can
detection algorithms can be used to mitigate possi- be used to mine purposely for marketing and advertis-
ble cross-site scripting attempts [54]. Recently, deep ing [64, 92]. Adversaries can utilize personal informa-
learning model utilization improved the XXS detection tion to send phishing or scam messages. These mes-
accuracy and effectiveness [34]. From the software sages with real personal information dramatically in-
engineering aspect, the Open Web Application Secu- crease the success rate of phishing or scam, thus causing
rity Project (OWASP) published XSS Prevention Cheat severe troubles to social network users [38]. Recently,
Sheet [71] to guide software engineers in preventing Generative adversarial networks (GAN) have been em-
XXS attacks in web application development. ployed to generate fake voices, images, or videos that
3.1.2 Privacy issues and Solutions hear/look real based on the public voice, image, or
Privacy leakage happens almost every where in social video data. These almost real fake data have caused
networks, even in a well-maintained, secure platform. more critical fraud and crime than ever before [52, 67].
 Yan Huang et al.: Security and Privacy in Metaverse: A Comprehensive Survey 7

The best way to protect users’ privacy is to cut the data 3.2 Immersive Interaction Related Security and
exposure on the clients’ side. K-anonymity [89] and L- Privacy Issues and Solutions
diversity [66] are algorithms to hide users’ real data in
a set of fake data, thus preventing users’ real data be The immersive interaction involves many devices,
detected. Differential privacy [31] is a statistical disclo- such as wearable devices, headsets, base stations, and
sure control algorithm that can disturb each user’s real controllers, with massive data exchange. Data serializa-
data but still can have a relatively accurate statistical re- tion and deserialization are essential to exchange (send
sult from a group of people. To prevent GAN based and receive) data. However, attackers may be able to in-
attacks, anti-GAN algorithms [21, 88] are invented to ject hostile serialized data into the communication and
add noise to users’ different types of data to prevent make it the initial entry point to a complex system. This
fake data generation. The noise is invisible to people kind of attack is called Insecure Deserialization which
but will lead the GAN to generate fake data that are dif- is one of the top 10 security risks [96]. For exam-
ferent from the real data. ple, [75] shows a deserialization vulnerability in the An-
Users’ confidential information may also be leaked droid system that allows for arbitrary code execution in
from data breaches. There are more than 9000 data the context of many apps and services and elevates the
breaches since 2005 that led to the loss of 11.5 billion privileges of malicious applications. There are multiple
individual records that made a significant financial and methods to avoid insecure deserialization attacks: the
technical impact [39, 41]. In [22], Chen et al. proposed data serialization should be encrypted and monitored;
possible solutions to prevent and detect data breaches the data sources should always be authenticated; a fire-
in the platform. Based on their analysis, we suggest wall can be utilized in a computing-capable device [75].
the following defending strategies. Basic security pro- The deserialization vulnerability can be analyzed with
tection mechanisms are always needed and should be static scan [57]. Further improvement and enhancement
enhanced, including firewall, antivirus, authentication, can be executed based on the analysis report.
and access control. Besides, data leak prevention and Communication among all these devices and re-
detection techniques are necessary for platforms. These mote/cloud services gives users an immersive experi-
techniques can be categorized into content-based ap- ence. These devices are also embedded with many sen-
proaches and context-based approaches. Content-based sors that can collect more sensitive information, such as
approaches [82, 86] are mostly rule-based algorithms fingerprints, locations, and facial identities [46,47,101].
that detect data fingerprints that are added to or exist A security breach can cause more critical risks to users
in stored data. A data leak is detected if a known fin- of these devices because many biometrics (e. g. fin-
gerprint is detected in external space. Context-based gerprint and facial identity) are unique and will not
approaches [68, 85, 85] use machine learning and data change throughout the life span of users. As a result,
mining-based algorithms to detect abnormal access pat- rigorous protection should be applied to each device
terns to internal data or to detect the watermark in the and communication. An efficient end-to-end authenti-
unauthorized data. Context-based and content-based cation protocol was proposed [50] to secure the infor-
approaches are strongly encouraged to be performed si- mation collected from wearable health monitoring sen-
multaneously to keep monitoring the security status of sors based on quadratic residues. For wearable devices
data [26]. with limited computational capability and battery, some
Sometimes, platforms can also leak information from lightweight authentication protocols can be applied.
inadvertent data publication or improper security or Das et al. [29] invented a scheme that allows users to
privacy protection configuration. For example, Net- mutually authenticate their wearable devices and the
flix published an anonymized dataset for a $1 million mobile terminal and establish a session key among these
prize recommendation competition [13]. However, the devices for secure communication between the wear-
anonymized dataset was used to infer users’ sensitive able device and the mobile terminal. Two-factor [94]
information by linking with other datasets. To avoid or three-factor [81] authentication methods are widely
this kind of risk, platforms should employ high-level used to enhance security protection.
security and privacy protection mechanisms with proper While biometrics-based authentication such as using
configurations. The platform should always include ex- voice [25], fingerprint [24], and face [103] is popular
perts to evaluate the impacts before any data release. nowadays because of their convenience, these methods
 8 Big Data Mining and Analytics, 9020047 2022, x(x): xxx-xxx

may also cause the risk of leaking users’ biometrics. usually built among applications to compose a single
Pagnin et al. [72] discussed the possibility and impact multi-functional Metaverse, as in mobile devices. How-
of biometrics leakage in authentication systems. The ever, these communication channels allow one app to
best practice is to keep all biometrics in the local de- read the system component’s status and the other app’s
vice and never send them out. As Apple did for their outgoing information, which may create a back door
touchID, the fingerprint will be stored and encrypted in for third-party tracking/cross-app tracking [79]. As a
the local chip instead of their remote server [9]. Their result, users’ privacy can be leaked from third-party
devices will compare the authenticating fingerprint with tracking/cross-app tracking.
stored fingerprint records. The only output from the au- The first step of the solution would be to prevent
thentication system is TRUE or FALSE. Thus, even if third-party tracking/cross-app tracking is to block un-
the device or remote service provider is hacked, the fin- necessary tracking channels in the system. Both Apple
gerprints are still safe. and Google have built strict cross-app tracking authen-
tication in their iOS and Android mobile system [55].
3.3 Real World-Building Related Security and Pri-
Users get to decide which app can have the right to
vacy Issues and Solutions
track other apps. Even with this, users may make mis-
The world-building environment simulates the real takes in decisions or even simply click the wrong button
world. Each user has character settings in the world- and give away the control. On the other hand, seam-
building environment with complete information on ev- lessly interconnected devices in the Metaverse via Blue-
ery aspect, including hobbies, interests, friendships, and tooth and other communication protocols promise un-
expertise. The complete information of a user can build limited room for third-party tracking/cross-app track-
a user profile that reveals significant meta relations [65]. ing [17,56]. To further improve the solution, third-party
The user profiles, together with the knowledge graph, tracking/cross-app tracking analysis tools and detection
are typically used for recommendation systems [44,61]. algorithms should be applied [87]. Considering that
However, massive users’ privacy is at risk of being the computational power of devices is usually limited
leaked from user profiling. Some privacy protection in the early metaverse era, especially with mobile and
mechanisms should be applied to protect users’ privacy other portable devices, a lightweight detection mech-
while maintaining the world-building environment and anism can be utilized to detect and block third-party
accurate recommendation system. Hasan et al. [42] dis- tracking/cross-app tracking by using a blocklist to block
cussed user profiling with big data techniques, the as- known threat requests and some machine learning mod-
sociated privacy challenges, and the approaches to pre- els to detect and block malicious activities from a third
serving user privacy. Li et al. proposed a graph-based party [27].
framework for privacy preservation [62]. In their work,
a graph was built for dataset representation, background 4 Possible Security and Privacy Issues and
knowledge specification, anonymity operation design, Solutions in Metaverse
and attack inferring analysis. This framework can ac-
commodate various datasets of the world-building en- Metaverse simulates the real world with many exten-
vironment. In [100], the authors added information sions. The economy is one must-have factor to sup-
perturbation mechanisms with differential privacy into port all the activities in Metaverse. Some traditional
the recommendation system and created an encryption companies, including restaurants such as McDonald’s
paradigm to enforce privacy protection. and retailers such as Nike, are preparing for the Meta-
verse to become a space where one can go shopping,
3.4 Expandability Related Security and Privacy Is-
play games, meet friends, attend concerts, work and
sues and Solutions
generally build a virtual life [53]. In preparing for
Metaverse extends the real-world building environment these activities, digital assets, such as digital arts, vir-
by adding more functions. For example, users can have tual goods, and services, have gained their investment
“in-person” meetings in a VR room, shop in a virtual value in Metaverse and become important in the virtual
mall, or operate surgery remotely. These functionali- economy. Blockchain [76] technology, cryptocurrency,
ties are added to the Metaverse system through many and NFT play a vital role in supporting and securing
different applications. Communication channels are the virtual economy in Metaverse, by certificating the
 Yan Huang et al.: Security and Privacy in Metaverse: A Comprehensive Survey 9

unique identity (recorded in the blockchain) of virtual other security problem in DT. Data poisoning attacks
assets that can be owned and traded [8]. Normal cur- pollute DT learning by tampering with the training data
rency may still be functioning in Metaverse, but the tra- or labels, thus decreasing the model’s utility. If the at-
ditional centralized payment system has many problems tacker dominates the training process, it can manipulate
people want to avoid in the new digital world, such as the training result. In [73], the authors proposed a rein-
unreliability system, credit fraud, and privacy leakage. forcement learning (RL)-based intelligent central server
Cryptocurrency is a digital currency that is based on with the capability of recognizing heterogeneity or data
blockchain [33]. Thus, it does not rely on any central poison attack in the FL training process. When minor-
platform. Users can have an anonymized, secure pay- ity clients or data poison attacks are detected, the central
ment experience based on cryptocurrency. Cryptocur- server will remove their updates to keep the best perfor-
rency and NFT also have their drawbacks, such as legal mance of the trained model.
issues and collusion between majority entities. These In the complicated environment of the Metaverse,
issues are expected to be resolved or mitigated with phishing also gets more sophisticated. Users create their
technology improvement. avatars and deal with other users’ avatars representing
World-building is one of the necessary characteris- actual humans. Pictures or 3D models are used to build
tics of the Metaverse. The real world simulation has the avatars based on their real or preferred appearance.
been practiced for more than 50 years. Recently, a new These avatars can be easily copied and used in phishing,
technology, Digital Twin (DT), has the ability to present which will not be similar to traditional phishing emails.
an up-to-date environment in operation that includes the It could be an avatar acting like users’ friends or family
environment’s condition and relevant historical data. To in a virtual space like Meta Worlds Horizon. A form
be more sepecific, a DT system is a digital representa- of deep learning technique may be maliciously used to
tion of a physical asset, environment, or system that was imitate appearances, actions, and voices to deceive, thus
initially developed to automatically aggregate, analyze, getting credential information, digital assets, and NFTs
and visualize complex information through continu- from targeted users. Moreover, cybercriminals can copy
ous interactions with the real world [93]. The world- known digital marketplaces and create fake replication
building utilizes DT to model not only the physical to trap users into spending money. Fake replications can
world but also the behavior and performance of physi- be exactly the same as the official virtual space, which
cal entities in the digital world. That is to say, DT keeps makes businesses dangerous in Metaverse, especially
querying massive of data from the environment or ob- for Metaverse newcomers.
ject it represents. These data are stored and processed in For better comparison, all the discussed existing and
DT to decide the overall quality and utility of the DT. In possible security and privacy issues and solutions in
other words, if we want to derive a DT that has no dif- Metaverse are listed in Table 1.
ference from the environment or object it represents, the
environment or object should be transparent to DT and 5 Other Related Issues in Metaverse
have no privacy. Federated Learning (FL) can serve as a
solution for privacy protection because clients only up- In addition to the issues discussed in the previous
load training parameters to the DT instead of raw data. sections in more technological terms, possible mental
Pang et al. proposed a framework that fused city DT and physical health concerns, safety issues, and societal
with FL to achieve a novel collaborative paradigm that problems raised by Metaverse cannot be overlooked.
allows multiple city DTs to share the local strategy and Similar cases have been identified in the Second Life
status quickly [74]. In their work, an FL central server [60] a few years earlier as the common issue of simula-
serves as a global DT and gains the correlations between tion and multi-player gaming platforms. Some of them
various response plans and infection trends. Communi- can happen or even worsen in the upcoming Metaverse,
cation during DT training among all the twins needs to since it consists of not only one gaming platform but an
be protected. Xiong et al. investigate the security vul- entire ecosystem.
nerabilities of the existing neural communication sys- The constant transition between the virtual world and
tem and develop a new defense mechanism to facilitate reality and their mixtures can cause both physical and
secure two-way communication [98]. mental problems. Because of the limitation of the cur-
Besides privacy issues, data poison attack [45] is an- rent immersive technologies, the hardware causes fa-
 10 Big Data Mining and Analytics, 9020047 2022, x(x): xxx-xxx

tigue and motion sickness in a relatively short period of Since the Metaverse is open to everyone, legit or
time, typically after two or three hours of usage. This malicious, the “Darkverse” is expected to flourish too,
can cause longer reaction time, cognitive fatigue, con- as long as malicious users master the necessary tech-
centration decrease, avoidance of deep thinking, or even niques. The darkverse is similar to the dark web, ex-
loss of interest in real life. Similar to internet addic- cept it exists inside the Metaverse. Illegal or criminal
tion, too much exposure to Metaverse could also cause activities will be more challenging to be detected and
cybersyndrome [69]. Physical disorders can be expe- intercepted by law enforcement agencies because of the
rienced, including weight gain or loss, neck or back pseudo-physical presence of the users and non-so-easy-
pain, dry and red eyes, and other physical discomforts. to-break tokens.
Balance disorders, failure in hand-eye coordination, vi- The Second Life was infamous once because of vir-
sion impairment, and spatial miscalculation can also tual grope and sexual harassment. Despite how ad-
happen. Mentally, social disorders could happen, such vanced and wholesome the Metaverse may seem, the
as neglecting friends and family, sociophobia, or even same problems could still happen. On Meta’s Horizon
depression, because of the gap in self-expectation and Worlds, where a maximum of 20 avatars can hang out
real-life position. together and build within the virtual space, women are
In addition to the previous section mentioned privacy already complaining about sexual harassment [1]. Bet-
and security issues, social engineering attacks [84] will ter mechanisms and safety solutions will be needed to
emerge more since more social communications are car- regulate or prohibit the digital twin version of miscon-
ried out in the digitized Metaverse. Social engineering duct and toxic behaviors.
often intentionally uses psychological manipulation to Other issues include technical difficulties and possi-
trick users. Human feelings, such as curiosity or fear, ble impact on the current economic activities. For ex-
are made into traps to tempt victims. Baiting, Scare- ample, customizable avatars, either humanoids or com-
ware, Pretexting, Phishing, and Spear phishing are com- pletely virtual, will still fall into the tricky “uncanny
monly seen methods used by social engineering attack- valley” [35] just like the Second Life [10]. Mori states
ers. Social security numbers, health records, passwords, that “as a robot is becoming more vivid, the emotional
or even virtual identity, will be harvested if the Meta- response from a human being to the robot will be-
verse residents have no precautions or awareness. come increasingly positive and empathic, until a point
In a larger societal scale, identity crisis can happen is reached beyond which the response quickly becomes
to people, especially teenagers who do not have mature that of strong repulsion” [3]. Many researchers have
cognition yet. The digital twin of the person or virtual investigated the situation but only to find it hard to re-
avatar may create a mismatch between their real iden- solve. This brings up even more challenges in the field
tity and the virtual world, both in appearance and inter- since immersiveness will provide more presence and,
nal mental status. Too much virtual involvement may thus, cause stronger repulsion if it falls into the uncanny
blur the boundary of both worlds, and malicious ideol- valley. A careful balancing of human-like features in
ogy may be easily instilled, such as bias, discrimination, the design of virtual avatars or androids cannot be un-
violence, and even viral propaganda. derestimated.
Customizable avatars and more data computing pow- Last but not least, there are plenty of new words be-
ered AI will easily cause “information cocoons” or ing coined along with “Metaverse”, such as “Metasoci-
so-called “echo room effect” and thus shallow cogni- ety”, “Metaeconomics”, “Metamanagement”, “Metaen-
tion [37]. Intelligent recommendations, big data anal- terprise”, “Metacity”, and so on [95]. The job market
ysis, adaptation engines, and IoT personalized digital may face a crisis and transition once more; some current
assistants will isolate individuals, especially younger and traditional profitable jobs may be replaced. New
generations, who habitually rely on smart devices and products and services, job profiles, and business models
their recommendations. What the individual receives will be needed to adapt to the challenges and impacts.
is no longer comprehensive knowledge but fragmented
and biased information source. It is threatening to the 6 Conclusions
culture that the younger generations are vulnerable to
the influence of the Metaverse, resulting in losing deep In this paper, we have identified the four core char-
thinking and critical thinking skills. acteristics that help define and summarize the current
 Yan Huang et al.: Security and Privacy in Metaverse: A Comprehensive Survey 11

progress of using cutting-edge technologies under the Systems and Mining, pages 312–319, Berlin, Heidelberg,
umbrella of Metaverse. Also investigated topics are 2011. Springer Berlin Heidelberg.
the existing security and privacy issues and solutions [13] Robert M Bell, Yehuda Koren, and Chris Volinsky. The
bellkor solution to the netflix prize. KorBell Team’s Report
of Metaverse accordingly to the four core characteris-
to Netflix, 2007.
tics. The discussion is then further expanded to other [14] Bharat Bhushan, G. Sahoo, and Amit Kumar Rai. Man-
possible security and privacy issues. Finally, we also in-the-middle attack in wireless and computer network-
discussed other general related issues in Metaverse. ing — a review. In 2017 3rd International Conference
By reviewing and summarizing the literature, we wish on Advances in Computing,Communication Automation
to inspire the discussions on necessary provisions for (ICACCA) (Fall), pages 1–6, 2017.
[15] Ana Boa-Ventura. Virtual Worlds and Behavioral Change.
Metaverse-related research and applications regarding
Advances in Social Networking and Online Communities,
security and privacy issues, and provide insight for fu- pages 271–286, 2011.
ture studies. [16] Zhipeng Cai and Zaobo He. Trading private range count-
ing over big iot data. In 2019 IEEE 39th International
Acknowledgement Conference on Distributed Computing Systems (ICDCS),
pages 144–153, 2019.
This work is partially supported by National Science [17] Zhipeng Cai and Xu Zheng. A private and efficient mech-
Foundation: NSF 1912753. anism for data uploading in smart cyber-physical systems.
IEEE Transactions on Network Science and Engineering,
References
7(2):766–775, 2020.
[1] The metaverse has a groping problem already. [18] Zhipeng Cai, Xu Zheng, Jinbao Wang, and Zaobo He. Pri-
[2] Non-fungible Token Market Size, Share, Trends, and vate data trading towards range counting queries in inter-
Forecast 2030. net of things. IEEE Transactions on Mobile Computing,
[3] The Uncanny Valley: The Original Essay by Masahiro pages 1–1, 2022.
Mori, June 2012. [19] Aleda M. H. Chen, Mary E. Kiersma, Karen S. Yehle, and
[4] Emirates unveils first airline virtual reality app in Oculus Kimberly S. Plake. Impact of an Aging Simulation Game
store, September 2021. on Pharmacy Students’ Empathy for Older Adults. Amer-
[5] The Full Potential of a Military Metaverse, February 2022. ican Journal of Pharmaceutical Education, 79(5), June
2015.
[6] Us military pioneers metaverse experiences that are amaz-
[20] Xi Chen and Katina Michael. Privacy issues and solu-
ingly sophisticated, May 2022.
tions in social network sites. IEEE Technology and Society
[7] Drew Alexander, Thuy Nguyen, Patrick Keller, Jason Or-
Magazine, 31(4):43–53, 2012.
losky, Shilpa Brown, Elena Wood, Onyeka Ezenwoye, and
[21] Zhenzhu Chen, Anmin Fu, Yinghui Zhang, Zhe Liu, Fan-
Wanda Jirau-Rosaly. Design of Visual Deficit Simulation
jian Zeng, and Robert H. Deng. Secure collaborative deep
for Integration into a Geriatric Physical Diagnosis Course.
learning against gan attacks in the internet of things. IEEE
In 2020 IEEE Conference on Virtual Reality and 3D User
Internet of Things Journal, 8(7):5839–5849, 2021.
Interfaces Abstracts and Workshops (VRW), pages 838–
[22] Long Cheng, Fang Liu, and Danfeng (Daphne) Yao. En-
839, March 2020.
terprise data breach: causes, challenges, prevention, and
[8] Lennart Ante. The non-fungible token (nft) market and future directions. WIREs Data Mining and Knowledge
its relationship with bitcoin and ethereum. FinTech, Discovery, 7(5):e1211, 2017.
1(3):216–224, 2022. [23] Stefano Chessa, Roberto Di Pietro, Erina Ferro, Gaetano
[9] Apple. About touch id advanced security technology, Giunta, and Gabriele Oligeri. Mobile application secu-
2022. rity for video streaming authentication and data integrity
[10] Elif Ayiter. Syncretia: A Sojourn into the Uncanny Val- combining digital signature and watermarking techniques.
ley. In Roy Ascott, Gerald Bast, Wolfgang Fiel, Mar- In 2007 IEEE 65th Vehicular Technology Conference -
garete Jahrmann, and Ruth Schnell, editors, New Reali- VTC2007-Spring, pages 634–638, 2007.
ties: Being Syncretic, pages 26–29. Springer Vienna, Vi- [24] T Charles Clancy, Negar Kiyavash, and Dennis J Lin. Se-
enna, 2009. cure smartcardbased fingerprint authentication. In Pro-
[11] Mourade Azrour, Jamal Mabrouki, Azedine Guezzaz, and ceedings of the 2003 ACM SIGMM workshop on Biomet-
Yousef Farhaoui. New enhanced authentication protocol rics methods and applications, pages 45–52, 2003.
for internet of things. Big Data Mining and Analytics, [25] A. Cocioceanu, M. Barbulescu, T. Ivanoaica, M. Rapor-
4(1):1–9, 2021. taru, and A. I. Nicolin. Testing voice-based biometrics au-
[12] Xiaolong Bai, Liang Hu, Zixing Song, Feiyan Chen, and thentication platforms for romanian utterances through in-
Kuo Zhao. Defense against dns man-in-the-middle spoof- frequent consonant clusters. In 2016 15th RoEduNet Con-
ing. In Zhiguo Gong, Xiangfeng Luo, Junjie Chen, Jing- ference: Networking in Education and Research, pages
sheng Lei, and Fu Lee Wang, editors, Web Information 1–4, 2016.
 12 Big Data Mining and Analytics, 9020047 2022, x(x): xxx-xxx

[26] Elisa Costante, Davide Fauri, Sandro Etalle, Jerry [38] Diksha Goel and Ankit Kumar Jain. Mobile phishing
Den Hartog, and Nicola Zannone. A hybrid framework for attacks and defence mechanisms: State of art and open
data loss prevention and detection. In 2016 IEEE security research challenges. Computers Security, 73:519–544,
and privacy workshops, pages 324–333. IEEE, 2016. 2018.
[27] Federico Cozza, Alfonso Guarino, Francesco Isernia, Del- [39] Seena Gressin. The equifax data breach: What to do. Fed-
fina Malandrino, Antonio Rapuano, Raffaele Schiavone, eral Trade Commission, 8, 2017.
and Rocco Zaccagnino. Hybrid and lightweight detection [40] Dean A. F. Gui, Lan Li, Dora Wong, and Gigi Au Yeung.
of third party tracking: Design, implementation, and eval- ’Good to use for virtual consultation time’: Second Life
uation. Computer Networks, 167:106993, 2020. activities for and beyond the technical and web-based En-
[28] Gibbons Damiana, Alecia Magnifico, Eduardo S. Jun- glish writing classroom. Metaverse Creativity, 2(1):57–
queira, Laura Nicosia, and Michael Wagner. Book Re- 76, 2012.
view: Multimodal Pedagogies in Diverse Classrooms: [41] Hicham Hammouchi, Othmane Cherqi, Ghita Mezzour,
Representation, Rights and Resources, the Digital Pen- Mounir Ghogho, and Mohammed El Koutbi. Digging
cil: One-to-One Computing for Children, the Second Life deeper into data breaches: An exploratory data analysis of
Herald: The Virtual Tabloid That Witnessed the Dawn of hacking breaches over time. Procedia Computer Science,
the Metaverse, the Media and International Communica- 151:1004–1009, 2019.
tion. E-Learning and Digital Media, 5(4):497–507, 2008. [42] Omar Hasan, Benjamin Habegger, Lionel Brunie, Nadia
[29] Ashok Kumar Das, Mohammad Wazid, Neeraj Ku- Bennani, and Ernesto Damiani. A discussion of privacy
mar, Muhammad Khurram Khan, Kim-Kwang Raymond challenges in user profiling with big data techniques: The
Choo, and YoungHo Park. Design of secure and eexcess use case. In 2013 IEEE International Congress
lightweight authentication protocol for wearable devices on Big Data, pages 25–30, 2013.
environment. IEEE Journal of Biomedical and Health In-
[43] Masahito Hayashi and Ángeles Vázquez-Castro. Physi-
formatics, 22(4):1310–1322, 2018.
cal layer security protocol for poisson channels for passive
[30] G.A. Di Lucca, A.R. Fasolino, M. Mastoianni, and P. Tra-
man-in-the-middle attack. IEEE Transactions on Informa-
montana. Identifying cross site scripting vulnerabilities
tion Forensics and Security, 15:2295–2305, 2020.
in web applications. In Proceedings. Sixth IEEE Inter-
[44] Chu Huang, Qianzhen Zhang, Deke Guo, Xiang Zhao, and
national Workshop on Web Site Evolution, pages 71–80,
Xi Wang. Discovering association rules with graph pat-
2004.
terns in temporal networks. Tsinghua Science and Tech-
[31] Cynthia Dwork. Differential privacy: A survey of results.
nology, 28(2):344–359, 2023.
In Manindra Agrawal, Dingzhu Du, Zhenhua Duan, and
[45] W. Ronny Huang, Jonas Geiping, Liam Fowl, Gavin Tay-
Angsheng Li, editors, Theory and Applications of Mod-
lor, and Tom Goldstein. Metapoison: Practical general-
els of Computation, pages 1–19, Berlin, Heidelberg, 2008.
purpose clean-label data poisoning. In H. Larochelle,
Springer Berlin Heidelberg.
M. Ranzato, R. Hadsell, M.F. Balcan, and H. Lin, edi-
[32] Khaled Elshazly, Yaser Fouad, Mohamed Saleh, and Adel
tors, Advances in Neural Information Processing Systems,
Sewisy. A survey of sql injection attack detection and
volume 33, pages 12080–12091. Curran Associates, Inc.,
prevention. Journal of Computer and Communications,
2020.
02:1–9, 01 2014.
[33] Fan Fang, Carmine Ventre, Michail Basios, Leslie Kan- [46] Yan Huang, Zhipeng Cai, and Anu G. Bourgeois. Search
than, David Martinez-Rego, Fan Wu, and Lingbo Li. locations safely and accurately: A location privacy protec-
Cryptocurrency trading: a comprehensive survey. Finan- tion algorithm with accurate service. Journal of Network
cial Innovation, 8(1):1–59, 2022. and Computer Applications, 103:146–156, 2018.
[34] Yong Fang, Yang Li, Liang Liu, and Cheng Huang. Deep- [47] Yan Huang, Xin Guan, Hongyang Chen, Yi Liang, Shan-
xss: Cross site scripting detection based on deep learning. shan Yuan, and Tomoaki Ohtsuki. Risk assessment of pri-
In Proceedings of the 2018 International Conference on vate information inference for motion sensor embedded
Computing and Artificial Intelligence, ICCAI 2018, page iot devices. IEEE Transactions on Emerging Topics in
47–51, New York, NY, USA, 2018. Association for Com- Computational Intelligence, 4(3):265–275, 2020.
puting Machinery. [48] William Hurst, Frida Ruiz Mendoza, and Bedir Tekinerdo-
[35] Zhixin Fang, Libai Cai, and Gang Wang. MetaHuman gan. Augmented Reality in Precision Farming: Concepts
Creator The starting point of the metaverse. In 2021 Inter- and Applications. Smart Cities, 4(4):1454–1468, Decem-
national Symposium on Computer Technology and Infor- ber 2021.
mation Science (ISCTIS), pages 154–157, June 2021. [49] Thien Huynh-The, Quoc-Viet Pham, Xuan-Qui Pham,
[36] Allan G. B. Fisher. Production, Primary, Secondary and Thanh Thi Nguyen, Zhu Han, and Dong-Seong Kim. Ar-
Tertiary. Economic Record, 15(1):24–38, 1939. tificial Intelligence for the Metaverse: A Survey, February
[37] Jiajia Ge. Multiple Influences of Intelligent Technology 2022.
on Network Behavior of College Students in the Meta- [50] Qi Jiang, Jianfeng Ma, Chao Yang, Xindi Ma, Jian Shen,
verse Age. Journal of Environmental and Public Health, and Shehzad Ashraf Chaudhry. Efficient end-to-end au-
2022:e2750712, June 2022. thentication protocol for wearable health monitoring sys-
Yan Huang et al.: Security and Privacy in Metaverse: A Comprehensive Survey 13

tems. Computers Electrical Engineering, 63:182–195, [64] Xueting Liao, Danyang Zheng, and Xiaojun Cao. Coro-
2017. navirus pandemic analysis through tripartite graph clus-
[51] Nikolaos Karapanos and Srdjan Capkun. On the effec- tering in online social networks. Big Data Mining and
tive prevention of tls man-in-the-middle attacks in web Analytics, 4(4):242–251, 2021.
applications. In Proceedings of the 23rd USENIX Con- [65] Jiabin Liu, Chengliang Chai, Yuyu Luo, Yin Lou, Jian-
ference on Security Symposium, SEC’14, page 671–686, hua Feng, and Nan Tang. Feature augmentation with rein-
USA, 2014. USENIX Association. forcement learning. In 2022 IEEE 38th International Con-
[52] Samar Samir Khalil, Sherin M. Youssef, and Sherine Nagy ference on Data Engineering (ICDE), pages 3360–3372,
Saleh. icaps-dfake: An integrated capsule-based model 2022.
for deepfake image and video detection. Future Internet, [66] Ashwin Machanavajjhala, Daniel Kifer, Johannes Gehrke,
13(4), 2021. and Muthuramakrishnan Venkitasubramaniam. L-
[53] Michel Kilzi. The new virtual economy of the metaverse, diversity: Privacy beyond k-anonymity. ACM Trans.
2022. Knowl. Discov. Data, 1(1):3–es, mar 2007.
[54] Engin Kirda, Nenad Jovanovic, Christopher Kruegel, and [67] Neal Mangaokar and Atul Prakash. Dispelling misconcep-
Giovanni Vigna. Client-side cross-site scripting protec- tions and characterizing the failings of deepfake detection.
tion. Computers Security, 28(7):592–604, 2009. IEEE Security Privacy, 20(2):61–67, 2022.
[68] Sunu Mathew, Michalis Petropoulos, Hung Q Ngo, and
[55] Konrad Kollnig, Anastasia Shuba, Max Van Kleek,
Shambhu Upadhyaya. A data-centric approach to in-
Reuben Binns, and Nigel Shadbolt. Goodbye tracking?
sider attack detection in database systems. In Interna-
impact of iOS app tracking transparency and privacy la-
tional Workshop on Recent Advances in Intrusion Detec-
bels. In 2022 ACM Conference on Fairness, Accountabil-
tion, pages 382–401. Springer, 2010.
ity, and Transparency. ACM, jun 2022.
[69] Huansheng Ning, Sahraoui Dhelim, Mohammed Amine
[56] Aleksandra Korolova and Vinod Sharma. Cross-app track-
Bouras, Amar Khelloufi, and Ata Ullah. Cyber-Syndrome
ing via nearby bluetooth low energy devices. CODASPY
and its Formation, Classification, Recovery and Preven-
’18, page 43–52, New York, NY, USA, 2018. Association
tion. IEEE Access, 6:35501–35511, 2018.
for Computing Machinery.
[70] Chaoyue Niu, Zhenzhe Zheng, Fan Wu, Shaojie Tang, Xi-
[57] Nikolaos Koutroumpouchos, Georgios Lavdanis, Eleni
aofeng Gao, and Guihai Chen. Unlocking the value of pri-
Veroni, Christoforos Ntantogian, and Christos Xenakis.
vacy: Trading aggregate statistics over private correlated
Objectmap: Detecting insecure object deserialization. In
data. KDD ’18, page 2031–2040, New York, NY, USA,
Proceedings of the 23rd Pan-Hellenic Conference on In-
2018. Association for Computing Machinery.
formatics, pages 67–72, 2019.
[71] Open Web Application Security Project
[58] Logan Kugler. Non-fungible tokens and the future of (OWASP). XSS Prevention Cheat Sheet.
art. Communications of the ACM, 64(9):19–20, Septem- https://cheatsheetseries.owasp.org/
ber 2021. cheatsheets/DOM_based_XSS_Prevention_
[59] Bokyung Kye, Nara Han, Eunji Kim, Yeonjeong Park, and Cheat_Sheet.html, 2021.
Soyoung Jo. Educational applications of metaverse: possi- [72] Elena Pagnin, Christos Dimitrakakis, Aysajan Abidin, and
bilities and limitations. Journal of Educational Evaluation Aikaterini Mitrokotsa. On the leakage of information in
for Health Professions, 18, December 2021. biometric authentication. In International Conference on
[60] Ronald Leenes. Privacy Regulation in the Metaverse. Cryptology in India, pages 265–280. Springer, 2014.
pages 123–136, 2009. [73] Junjie Pang, Yan Huang, Zhenzhen Xie, Qilong Han,
[61] Guoliang Li, Chengliang Chai, Ju Fan, Xueping Weng, and Zhipeng Cai. Realizing the heterogeneity: A self-
Jian Li, Yudian Zheng, Yuanbing Li, Xiang Yu, Xiaohang organized federated learning framework for iot. IEEE In-
Zhang, and Haitao Yuan. Cdb: Optimizing queries with ternet of Things Journal, 8(5):3088–3098, 2021.
crowd-based selections and joins. In Proceedings of the [74] Junjie Pang, Yan Huang, Zhenzhen Xie, Jianbo Li, and
2017 ACM International Conference on Management of Zhipeng Cai. Collaborative city digital twin for the covid-
Data, New York, NY, USA, 2017. Association for Com- 19 pandemic: A federated learning solution. Tsinghua
puting Machinery. Science and Technology, 26(5):759–771, 2021.
[62] Xiang-Yang Li, Chunhong Zhang, Taeho Jung, Jianwei [75] Or Peles and Roee Hay. One class to rule them all: 0-day
Qian, and Linlin Chen. Graph-based privacy-preserving deserialization vulnerabilities in android. In 9th USENIX
data publication. In Proceedings ofhe 35th Annual IEEE workshop on offensive technologies (WOOT 15), 2015.
International Conference on Computer Communications, [76] Renana Peres, Martin Schreier, David A Schweidel, and
pages 1–9, 2016. Alina Sorescu. Blockchain meets marketing: Opportuni-
[63] Yi Joy Li, Cody Ducleroir, Tyler Ian Stollman, and Elena ties, threats, and avenues for future research, 2022.
Wood. Parkinson’s Disease Simulation in Virtual Reality [77] Vu Viet Hoang Pham, Shui Yu, Keshav Sood, and Lei Cui.
for Empathy Training in Medical Education. In 2021 IEEE Privacy issues in social networks and analysis: a compre-
Conference on Virtual Reality and 3D User Interfaces Ab- hensive survey. IET Networks, 7(2):74–84, 2018.
stracts and Workshops (VRW), pages 56–59, March 2021. [78] D.W. PINE. Into the metaverse. Time.
 14 Big Data Mining and Analytics, 9020047 2022, x(x): xxx-xxx

[79] Wen Qi, Yichen Xu, Wanfu Ding, Yonghang Jiang, Jian- learning and sdca logistic regression. Mathematics, 9(19),
ping Wang, and Kejie Lu. Privacy leaks when you play 2021.
games: A novel user-behavior-based covert channel on [93] Chenyu Wang, Zhipeng Cai, and Yingshu Li. Sustain-
smartphones. In 2015 IEEE 23rd International Confer- able blockchain-based digital twin management architec-
ence on Network Protocols (ICNP), pages 201–211, 2015. ture for iot devices. IEEE Internet of Things Journal,
[80] Li Qian, Zhenyuan Zhu, Jun Hu, and Shuying Liu. Re- pages 1–1, 2022.
search of sql injection attack and prevention technology. [94] Ding Wang and Ping Wang. Two birds with one stone:
In 2015 International Conference on Estimation, Detec- Two-factor authentication with security beyond conven-
tion and Information Fusion, pages 303–306, 2015. tional bound. IEEE transactions on dependable and se-
[81] Shuming Qiu, Ding Wang, Guoai Xu, and Saru Ku- cure computing, 15(4):708–722, 2016.
mari. Practical and provably secure three-factor authen- [95] Fei-Yue Wang, Rui Qin, Xiao Wang, and Bin Hu. MetaSo-
tication protocol based on extended chaotic-maps for mo- cieties in Metaverse: MetaEconomics and MetaManage-
bile lightweight devices. IEEE Transactions on Depend- ment for MetaEnterprises and MetaCities. IEEE Transac-
able and Secure Computing, 19(2):1338–1351, 2022. tions on Computational Social Systems, 9(1):2–7, Febru-
[82] Martin Roesch. Lightweight intrusion detection for net- ary 2022.
works. In Proceedings of the 13th USENIX conference on [96] Dave Wichers and Jeff Williams. Owasp top-10 2017.
System administration, Nov., pages 229–238, 1999. OWASP Foundation, 3:4, 2017.
[83] F. David Rose, Barbara. M. Brooks, and Albert A. Rizzo. [97] Zhenzhen Xie, Yan Huang, Dongxiao Yu, Reza M. Parizi,
Virtual Reality in Brain Damage Rehabilitation: Review. Yanwei Zheng, and Junjie Pang. Fedee: A federated
CyberPsychology & Behavior, 8(3):241–262, June 2005. graph learning solution for extended enterprise collabora-
[84] Fatima Salahdine and Naima Kaabouch. Social Engineer- tion. IEEE Transactions on Industrial Informatics, pages
ing Attacks: A Survey. Future Internet, 11(4):89, April 1–10, 2022.
2019. [98] Zuobin Xiong, Zhipeng Cai, Chunqiang Hu, Daniel Tak-
[85] Ted E Senator, Henry G Goldberg, Alex Memory, abi, and Wei Li. Towards neural network-based commu-
William T Young, Brad Rees, Robert Pierce, Daniel nication system: Attack and defense. IEEE Transactions
Huang, Matthew Reardon, David A Bader, Edmond on Dependable and Secure Computing, pages 1–14, 2022.
Chow, et al. Detecting insider threats in a real corporate [99] Dawei Yang, Jian Zhou, Rongchang Chen, Yuanlin
database of computer usage activity. In Proceedings of the Song, Zhenju Song, Xiaoju Zhang, Qi Wang, Kai Wang,
19th ACM SIGKDD international conference on Knowl- Chengzhi Zhou, Jiayuan Sun, Lichuan Zhang, Li Bai,
edge discovery and data mining, pages 1393–1401, 2013. Yuehong Wang, Xu Wang, Yeting Lu, Hongyi Xin,
[86] Yuri Shapira, Bracha Shapira, and Asaf Shabtai. Content- Charles A. Powell, Christoph Thüemmler, Niels H. Cha-
based data leakage detection using extended fingerprint- vannes, Wei Chen, Lian Wu, and Chunxue Bai. Expert
ing. arXiv preprint arXiv:1302.2028, 2013. consensus on the metaverse in medicine. Clinical eHealth,
[87] Jingxue Sun, Zhiqiu Huang, Ting Yang, Wengjie Wang, 5:1–9, December 2022.
and Yuqing Zhang. A system for detecting third-party [100] Shijie Zhang, Hongzhi Yin, Tong Chen, Zi Huang, Lizhen
tracking through the combination of dynamic analysis and Cui, and Xiangliang Zhang. Graph embedding for rec-
static analysis. In IEEE Conference on Computer Com- ommendation against attribute inference attacks. In Pro-
munications Workshops, pages 1–6, 2021. ceedings of the Web Conference 2021, WWW ’21, page
[88] Miao Sun, Gurjeet Singh, and Patrick Yin Chiang. Anti- 3002–3014, New York, NY, USA, 2021. Association for
gan: Discriminating 3d reconstructed and real faces for Computing Machinery.
robust facial identity in anti-spoofing generator adversar- [101] Xu Zheng and Zhipeng Cai. Privacy-preserved data shar-
ial network. In 2020 IEEE International Symposium on ing towards multiple parties in industrial iots. IEEE Jour-
Signal Processing and Information Technology (ISSPIT), nal on Selected Areas in Communications, 38(5):968–979,
pages 1–8, 2020. 2020.
[89] LATANYA SWEENEY. k-anonymity: A model for pro- [102] Wenmin Zhu, Xiumin Fan, and Yanxin Zhang. Appli-
tecting privacy. International Journal of Uncertainty, cations and research trends of digital human models in
Fuzziness and Knowledge-Based Systems, 10(05):557– the manufacturing industry. Virtual Reality & Intelligent
570, 2002. Hardware, 1(6):558–579, December 2019.
[90] Mark Taubert, Lucie Webber, Timothy Hamilton, [103] Maheen Zulfiqar, Fatima Syed, Muhammad Jaleed Khan,
Madeleine Carr, and Mark Harvey. Virtual reality videos and Khurram Khurshid. Deep face recognition for bio-
used in undergraduate palliative and oncology medical metric authentication. In 2019 international conference
teaching: results of a pilot study. BMJ supportive & pal- on electrical, communication, and computer engineering
liative care, 9(3):281–285, September 2019. (ICECCE), pages 1–6. IEEE, 2019.
[91] Jane Thomason. Metaverse, Token Economies, and
Chronic Diseases. Global Health Journal, July 2022.
[92] Bogdan Walek and Ondrej Pektor. Data mining of job
requirements in online job advertisements using machine
 Yan Huang et al.: Security and Privacy in Metaverse: A Comprehensive Survey 15

Yan Huang is currently an Assistant Pro- Zhipeng Cai received his Ph.D. and M.S.
fessor in the Department of Software En- degrees in the Department of Computing
gineering Game Development at Kenne- Science at the University of Alberta and a
saw State University (KSU). Dr. Huang re- B.S. degree from Beijing Institute of Tech-
ceived his Ph.D. degree in the Department nology. Dr. Cai is currently an Assistant
of Computing Science at Georgia State Professor in the Department of Computer
University. He is broadly interested in pri- Science at Georgia State University. His re-
vacy and security, with particular emphasis search agenda focuses on networking, pri-
on deep learning aided privacy protection solutions and cyberse- vacy, and big data. He has published more than 50 journal pa-
curity challenges in the IoT environment. pers, including more than 20 IEEE/ACM Transactions papers,
such as in IEEE Transactions on Knowledge and Data Engineer-
Yi (Joy) Li received her Ph.D. and M.S. ing, IEEE Transactions on Dependable and Secure Computing,
degree in Computer Science from the Uni- IEEE/ACM Transactions on Networking, and IEEE Transactions
versity of Louisville, KY in 2018. She on Mobile Computing. Dr. Cai is the recipient of an NSF CA-
is currently an assistant professor of Com- REER Award. He is an editor/guest editor for Algorithmica,
puter Game Design and Development in Theoretical Computer Science, Journal of Combinatorial Opti-
the Department of Software Engineering mization, and IEEE/ACM Transactions on Computational Biol-
and Game Development at Kennesaw State ogy and Bioinformatics. He is a senior member of the IEEE.
University. Her research interests focus on
affective gaming, eXtended reality (XR), and human-computer
interaction. She has extensive experience in gamification for ed-
ucation, and makes an effort in applying gaming tools in health-
care, such as training for empathy or intervention on mental dis-
orders.

View publication stats