2023  |  Vivek Nair · Louis Rosenberg · James F. O’Brien · Dawn Song  |  doi.org/10.48550/arXiv.2306.06459

Motion tracking "telemetry" data lies at the core of nearly all modern extended reality and metaverse experiences. While generally presumed innocuous, recent studies have demonstrated that motion data actually has the potential to profile and deanonymize XR users, posing a significant threat to security and privacy in the metaverse.

Motion as a Fingerprint

To date, the most comprehensive analysis of biometric identification is a 2003 study from the National Institutes of Standards and Technology (NIST), which analyzed dozens of commercially-available biometric sensors using real data from over 100,000 users. The results indicate that high-end fingerprint sensors could, at the time, identify users within a population of 10,000 with 90% accuracy. By contrast, our research shows that XR motion data can be used to identify at least 55,000 users, and likely more, with over 90% accuracy.

  Learn More

Motion as DNA

In a second study, we surveyed 1,006 Beat Saber players to ask them a variety of questions about their background, biometrics, demographics, health information, behavioral patterns, and technical device specifications. Later, we trained a series of machine learning models to see which, if any, of these responses could be accurately inferred just by examining the motion patterns of these users. We found that everything from the country that a user is from to the clothes that they are wearing can be determined using features derived from their motions alone.

  Learn More

Safeguarding Motion

We developed "MetaGuard," an open-source plugin for the Unity game engine that we think of as a proof of concept for an "incognito mode of the metaverse." MetaGuard works by identifying a number of privacy-sensitive dimensions present in an XR telemetry data stream, such as those corresponding to a user's height or wingspan. These axes are then passed through a "Laplacian noise distribution," a type of differentially-private transformation function, before being transmitted to the server and on to other users. The plugin can easily be installed by end users into a variety of existing VR applications just by placing the extension files in a particular directory on their device, and can be customized to suit the specific needs and risks of each application, as shown in Figure 4.

  Learn More

Vivek Nair

Louis Rosenberg

James F. O'Brien

Dawn Song

Copyright ©2022–2023 UC Regents  |  Email us at rdi@berkeley.edu.