Tracking WebVR User Activities through Hand Motions: An Attack Perspective

Research output: Contribution to journalArticlepeer-review

Abstract

With the rapid advancement of graphics processing units (GPUs), Virtual Reality (VR) experiences have significantly improved, enhancing immersion and realism. However, these advancements also raise security concerns in VR. In this paper, I introduce a new attack leveraging known WebVR vulnerabilities to track the activities of VR users. The proposed attack leverages the user’s hand motion information exposed to web attackers, demonstrating the capability to identify consumed content, such as 3D images and videos, and pilfer private drawings created in a 3D drawing app. To achieve this, I employed a machine learning approach to process controller sensor data and devised techniques to extract sensitive activities during the use of target apps. The experimental results demonstrate that the viewed content in the targeted content viewer can be identified with 90% accuracy. Furthermore, I successfully obtained drawing outlines that precisely match the user’s original drawings without performance degradation, validating the effectiveness of the attack.

Original languageEnglish
Pages (from-to)1089-1092
Number of pages4
JournalIEICE Transactions on Information and Systems
VolumeE107.D
Issue number8
DOIs
StatePublished - Aug 2024

Keywords

  • hand motion tracking
  • privacy violation
  • side-channel attacks
  • virtual reality
  • WebVR

Fingerprint

Dive into the research topics of 'Tracking WebVR User Activities through Hand Motions: An Attack Perspective'. Together they form a unique fingerprint.

Cite this