Conference Paper

Threat Model-based Security Analysis and Mitigation Strategies for a Trustworthy Metaverse

To read the full-text of this research, you can request a copy directly from the authors.


The Metaverse is the future of the Internet-connected world of social networks. It uses emerging technologies such as extended reality (XR), virtual reality (VR), augmented reality (AR), and meta-quest headsets. As the popularity of the Metaverse grows, cyber-criminals are increasingly targeting it and its users. Unfortunately, security and privacy are some of the most challenging areas of the Metaverse, and yet, very little focus has been given to making it trustworthy. To achieve this goal, it is important to perform a thorough and systematic security analysis that would allow the adoption of proper mitigation strategies. A threat model-based analysis can help in such an analysis. This paper presents a threat model-based systematic security analysis of the Metaverse. We use the widely accepted STRIDE model to identify the threats of the Metaverse along with corresponding mitigation strategies. Our threat model can help the users, researchers, and developers build a trustworthy Metaverse.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

ResearchGate has not been able to resolve any citations for this publication.
Full-text available
The term “metaverse”, a three-dimensional virtual universe similar to the real realm, has always been full of imagination since it was put forward in the 1990s. Recently, it is possible to realize the metaverse with the continuous emergence and progress of various technologies, and thus it has attracted extensive attention again. It may bring a lot of benefits to human society such as reducing discrimination, eliminating individual differences, and socializing. However, everything has security and privacy concerns, which is no exception for the metaverse. In this article, we firstly analyze the concept of the metaverse and propose that it is a super virtual-reality (VR) ecosystem compared with other VR technologies. Then, we carefully analyze and elaborate on possible security and privacy concerns from four perspectives: user information, communication, scenario, and goods, and immediately, the potential solutions are correspondingly put forward. Meanwhile, we propose the need to take advantage of the new buckets effect to comprehensively address security and privacy concerns from a philosophical perspective, which hopefully will bring some progress to the metaverse community.
Full-text available
Science and technology transform the frontiers of knowledge and have deep and powerful impacts on society, demonstrating how social reality varies with each era of the world. As a set of fictional representations of technologically driven future worlds, the Metaverse is increasingly shaping the socio-technical imaginaries of data-driven smart cities, i.e., the outcome of radical transformations of dominant structures, processes, practices, and cultures. At the core of the systematic exploration of science and technology is the relationships between scientific knowledge, technological systems, and values and ethics from a wide range of perspectives. Positioned within science of science, this study investigates the complex interplay between the Metaverse as a form of science and technology and the wider social context in which it is embedded. Therefore, it adopts an analytical and philosophical framework of STS, and in doing so, it employs an integrated approach to discourse analysis, supported by a comparative analysis of the Metaverse and Ambient Intelligence. This study shows that the Metaverse as a scientific and technological activity is socially constructed, politically driven, economically conditioned, and historically situated. That is, it is inherently human and hence value-laden, as well as can only be understood as contextualized within the socio-political-economic-historical framework that gives rise to it, sustains it, and makes it durable by material effects and networks. This view in turn corroborates that the Metaverse raises serious concerns as to determinism, social exclusion, marginalization, privacy erosion, surveillance, control, democratic backsliding, hive mentality, cyber-utopianism, and dystopianism. This study argues that, due to the problematic nature of the Metaverse in terms of its inherent ethical and social implications, there need to be more explicit processes and practices for enhancing public participation and allowing a more democratic public role in its shaping and control, especially early in the decision-making process of its development—when the opportunity for effective inputs and informed choices is greatest. The novelty of this study lies in that it is the first of its kind with respect to probing the link between the Metaverse and data-driven smart cities from an STS perspective. The main contribution of this study lies in deepening and extending social scientific critiques and understandings of the imaginaries of data-driven smart cities based on the analysis and evaluation of the Metaverse and the warning signals and troubling visions it conveys and animates in order to help construct desirable alternative futures for the greater good of all citizens. The ultimate goal is to structure the Metaverse in ways that are morally acceptable and collectively the most democratically beneficial for society.
Conference Paper
Full-text available
In this scientific research, a survey of different security and privacy protection issues and flaws in the context of reconstruction of 3D models of real people is made. The intent of this analysis the threats that a realistic digital clone AKA avatar of a person can have in the wrong hands. This paper will also offer different approaches that can be used in overcoming this privacy problem.
Full-text available
The metaverse has the potential to extend the physical world using augmented and virtual reality technologies allowing users to seamlessly interact within real and simulated environments using avatars and holograms. Virtual environments and immersive games (such as, Second Life, Fortnite, Roblox and VRChat) have been described as antecedents of the metaverse and offer some insight to the potential socio-economic impact of a fully functional persistent cross platform metaverse. Separating the hype and “meta…” rebranding from current reality is difficult, as “big tech” paints a picture of the transformative nature of the metaverse and how it will positively impact people in their work, leisure, and social interaction. The potential impact on the way we conduct business, interact with brands and others, and develop shared experiences is likely to be transformational as the distinct lines between physical and digital are likely to be somewhat blurred from current perceptions. However, although the technology and infrastructure does not yet exist to allow the development of new immersive virtual worlds at scale - one that our avatars could transcend across platforms, researchers are increasingly examining the transformative impact of the metaverse. Impacted sectors include marketing, education, healthcare as well as societal effects relating to social interaction factors from widespread adoption, and issues relating to trust, privacy, bias, disinformation, application of law as well as psychological aspects linked to addiction and impact on vulnerable people. This study examines these topics in detail by combining the informed narrative and multi-perspective approach from experts with varied disciplinary backgrounds on many aspects of the metaverse and its transformational impact. The paper concludes by proposing a future research agenda that is valuable for researchers, professionals and policy makers alike.
Full-text available
An interesting paradigm is a metaverse which represents the next generation of using the internet to improve human lives and provide a new way to communicate by building a system that let the user represented by their avatar to work, socialize and play virtually by integrating multiple technologies such as blockchain, artificial intelligence as well as virtual and augmented reality. However, this may preserve many problems related to the security and privacy of the system user starting from data breaches to identity theft, in this paper an overview of the metaverse world and the architecture that connects the virtual to the real world and discuss the main security and privacy risks within the Metaverse world
Full-text available
Data infrastructures, economic processes, and governance models of digital platforms are increasingly pervading urban sectors and spheres of urban life. This phenomenon is known as plat-formization, which has in turn given rise to the phenomena of platform society, where platforms have permeated the core of urban societies. A recent manifestation of platformization is the Metaverse, a global platform project launched by Meta (formerly Facebook) as a globally operating platform company. The Metaverse represents an idea of a hypothetical "parallel virtual world" that incarnate ways of living and working in virtual cities as an alternative to smart cities of the future. Indeed, with emerging innovative technologies-such as Artificial Intelligence, Big Data, the IoT, and Digital Twins-providing rich datasets and advanced computational understandings of human behavior, the Metaverse has the potential to redefine city designing activities and service provision-ing towards increasing urban efficiencies, accountabilities, and quality performance. However, there still remain ethical, human, social, and cultural concerns as to the Metaverse's influence upon the quality of human social interactions and its prospective scope in reconstructing the quality of urban life. This paper undertakes an upper-level literature review of the area of the Metaverse from a broader perspective. Further, it maps the emerging products and services of the Metaverse, and explores their potential contributions to smart cities with respect to their virtual incarnation, with a particular focus on the environmental, economic, and social goals of sustainability. This study may help urban policy makers to better understand the opportunities and implications of the Metaverse upon tech-mediated practices and applied urban agendas, as well as assess the positives and negatives of this techno-urban vision. This paper also offers thoughts regarding the argument that the Metaverse has disruptive and substantive effects on forms of reconstructing reality in an increasingly platformized urban society. This will hopefully stimulate prospective research and further critical perspectives on the topic.
Full-text available
Each year, researchers and technologists are bringing the vision of the Metaverse, which is predicted to be the future of the internet, closer to becoming a reality. People will spend most of their time in this space interacting face-to-face, so to speak, with highly customizable digital avatars that seamlessly convey precise non-verbal cues from the physical movements of the users themselves. This is an exciting prospect; however, there are many privacy and security concerns that arise from this new form of interaction. Precision motion tracking is required to drive high-fidelity animation, and this affords a mass of data that has never been available before. This data provides a wealth of physical and psychological information that can reveal medical conditions, mental disorders, personality, emotion, personal identity, and more. In this paper, we discuss some implications of the availability of this data, with a focus on the psychological manipulation and coercion capabilities made available by it.
Full-text available
Purpose In a move characterized by ambiguity, Facebook changed its name to Meta in October 2021, announcing a new era of social interaction, enabled by the metaverse technology that appears poised to become the future center of gravity for online social interactions. At first glance, the communicated change signals a radically new business model (BM) based on an unprecedented configuration of the three following components: value creation, value proposition and value capture. The purpose of this paper is to analyze Facebook’s announced changes in its BM to clarify whether the change is as radical as communicated or rather represents an incremental transformation of the current BM. Design/methodology/approach This investigation adopted an in-depth case study research method. The process included using a structured approach to collect 153 data points, including academic studies and publicly available information, followed by qualitative content analysis. Findings The results of our analysis of Facebook’s entrepreneurial journey indicate that the communicated strategic refocusing does not correspond to a radical BM innovation pattern. Even though Facebook’s BM might evolve into the innovation phase, as the current changes appear very futuristic, the authors estimate that the core elements of the BM will change incrementally. The investigation indicates that the underlying logic of the straightforward communicative efforts primarily serves two purposes: to improve the external perception of the company and to disseminate an internal change signal within the organization. Originality/value This paper is the first study that takes an entrepreneurship and BM perspective in analyzing Facebook’s approach in rebranding to Meta and refocusing its strategy on building the metaverse. The academic and practical relevance, as well as the potential future impact on business and society, makes the investigation of this case an intriguing prospect. Additionally, the study illuminates the difference between the communicated vision and the real impact on the business, suggesting critical questions about future large-scale rebranding efforts and their effects.
Full-text available
Unlike previous studies on the Metaverse based on Second Life, the current Metaverse is based on the social value of Generation Z that online and offline selves are not different. With the technological development of deep learning-based high-precision recognition models and natural generation models, Metaverse is being strengthened with various factors, from mobile-based always-on access to connectivity with reality using virtual currency. The integration of enhanced social activities and neural-net methods requires a new definition of Metaverse suitable for the present, different from the previous Metaverse. This paper divides the concepts and essential techniques necessary for realizing the Metaverse into three components (i.e., hardware, software, and contents) and three approaches (i.e., user interaction, implementation, and application) rather than marketing or hardware approach to conduct a comprehensive analysis. Furthermore, we describe essential methods based on three components and techniques to Metaverse’s representative Ready Player One, Roblox, and Facebook research in the domain of films, games, and studies. Finally, we summarize the limitations and directions for implementing the immersive Metaverse as social influences, constraints, and open challenges.
Conference Paper
Full-text available
The metaverse promises a host of bright opportunities for business, economics, and society. Though, a number of critical aspects are still to be considered and the analysis of their impact is almost non-existent. In this paper, we provide several contributions. We start by analysing the foundations of the metaverse, later we focus on the novel privacy and security issues introduced by this new paradigm, and finally we broaden the scope of the contribution highlighting some of the far-reaching yet logical implications of the metaverse on a number of domains, not all of them in tech. Throughout the paper, we also discuss possible research directions. We believe that the provided holistic view on the foundations, technology, and issues related to the metaverse---with a focus on security and privacy---, other than being an interesting contribution on its own, could also pave the way for a few multidisciplinary research avenues.
Conference Paper
Full-text available
Security is a huge challenge in vehicular networks due to the large size of the network, high mobility of nodes, and continuous change of network topology. These challenges are also applicable to the vehicular fog, which is a new computing paradigm in the context of vehicular networks. In vehicular fog computing, the vehicles serve as fog nodes. This is a promising model for latency-sensitive and location-aware services, which also incurs some unique security and privacy issues. However, there is a lack of a systematic approach to design security solutions of the vehicular fog using a comprehensive threat model. Threat modeling is a step-by-step process to analyze, identify, and prioritize all the potential threats and vulnerabilities of a system and solve them with known security solutions. A well-designed threat model can help to understand the security and privacy threats, vulnerabilities, requirements, and challenges along with the attacker model, the attack motives, and attacker capabilities. Threat model analysis in vehicular fog computing is critical because only brainstorming and threat models of other vehicular network paradigms will not provide a complete scenario of potential threats and vulnerabilities. In this paper, we have explored the threat model of vehicular fog computing and identified the threats and vulnerabilities using STRIDE and CIAA threat modeling processes. We posit that this initiative will help to improve the security and privacy system design of vehicular fog computing.
Full-text available
Today's social virtual worlds (SVW) are beginning to realize Stephenson's vision of the metaverse: a future massive network of interconnected digital worlds. Tens of millions of people already use these kinds of environments to communicate, collaborate, and do business. Big companies are also moving into these digital realms. Thus, in a context in which the Web is becoming increasingly social, we believe that SVWs are beginning to shape the knowledge-based and glo balized societies and economies of tomorrow. Obviously, an urgent need exists to further understand SVWs and their implications for theory and practice. This article constitutes a first attempt to bring researchers into some of the business, social, technical, legal, and ethical issues related to SVWs. We anticipate that researchers will need to build new theories and concepts for SVWs, to explore the frontiers between reality and virtuality.
Metaverse is a vast virtual environment parallel to the physical world in which users enjoy a variety of services acting as an avatar. To build a secure living habitat, it’s vital to ensure the virtual-physical traceability that tracking a malicious player in the physical world via his avatars in virtual space. In this paper, we propose a two-factor authentication framework based on biometric-based authentication and chameleon signature. First, aiming at disguise in virtual space, we design an avatar’s two-factor identity model to ensure the verifiability of avatar’s virtual identity and physical identity. Second, facing at authentication efficiency and keys holding cost, we propose a chameleon collision signature algorithm to efficiently ensure that the avatar’s virtual identity is associated with its physical identity. Finally, aiming at impersonation in the physical world, we design two decentralized authentication protocols based on the avatar’s identity model and the chameleon collision signature to achieve real-time authentication on the avatar’s identity. Security analysis indicates that the proposed authentication framework guarantees the consistency and traceability of the avatar’s identity. Simulation experiments show that the framework not only completes the decentralized authentication between avatars but also achieves virtual-physical tracking.
Metaverse is an immersive virtual universe where users interact with each other using an avatar. The Metaverse is promised to offer numerous opportunities for many sectors. While the Metaverse promotes the social interaction between users, there is a scarcity of knowledge on what affects its social sustainability. Hence, this research develops a model by integrating the UTAUT2 constructs and big five personality traits to understand the social sustainability of the Metaverse. The model is tested by employing a hybrid covariance-based structural equation modeling (CB-SEM) and artificial neural network (ANN) approach based on collecting data from 446 Metaverse users. The CB-SEM results showed that performance expectancy, social influence, hedonic motivation, price value, habit, agreeableness, neuroticism, and openness significantly impact the social sustainability of the Metaverse, while no significant effect is reported regarding effort expectancy, facilitating conditions, conscientiousness, and extraversion. All these factors explained 80% of the variance in social sustainability. The ANN results showed that habit is the most important factor in predicting social sustainability. Drawing on these findings, the study offers several theoretical contributions and sheds light on several practical implications for developers, designers, and decision-makers promoting the use of the Metaverse.
Metaverse, as an evolving paradigm of the next-generation Internet, aims to build a fully immersive, hyper spatiotemporal, and self-sustaining virtual shared space for humans to play, work, and socialize. Driven by recent advances in emerging technologies such as extended reality, artificial intelligence, and blockchain, metaverse is stepping from science fiction to an upcoming reality. However, severe privacy invasions and security breaches (inherited from underlying technologies or emerged in the new digital ecology) of metaverse can impede its wide deployment. At the same time, a series of fundamental challenges (e.g., scalability and interoperability) can arise in metaverse security provisioning owing to the intrinsic characteristics of metaverse, such as immersive realism, hyper spatiotemporality, sustainability, and heterogeneity. In this paper, we present a comprehensive survey of the fundamentals, security, and privacy of metaverse. Specifically, we first investigate a novel distributed metaverse architecture and its key characteristics with ternary-world interactions. Then, we discuss the security and privacy threats, present the critical challenges of metaverse systems, and review the state-of-the-art countermeasures. Finally, we draw open research directions for building future metaverse systems.
Centralization has dominated classic scientific, social, and economic developments. Decentralization has also received increasing attention in management, decision, governance, and economics, despite its incomparability in AI. Going beyond centralized and distributed AI, this article reviews and delineates the conceptual map, research issues, and technical opportunities of decentralized AI and edge intelligence. The complementarity and metasynthesis between centralized and decentralized AI are also elaborated. We further assess where decentralized AI and edge intelligence can enable and promote smart blockchain, Web3, metaverse and decentralized science disciplinarily, technically, practically, and more broadly.
Metaverse comes from the meta-universe, and it is the integration of physical and digital space into a virtual universe. Metaverse technologies will change the transportation system as we know it. Preparations for the transition of the transportation systems into the world of metaverse are underway. This study considers four alternative metaverses: auto-driving algorithm testing for training autonomous driving artificial intelligence, public transportation operation and safety, traffic operation, and sharing economy applications to obtain sustainable transportation. These alternatives are evaluated on thirteen sub-criteria, grouped under four main aspects: efficiency , operation, social and health, and legislation and regulation. A novel Rough Aczel-Alsa (RAA) function and the Ordinal Priority Approach (OPA) method are used in the assessment model. We also present a case study to demonstrate the applicability and exhibit the efficacy of the assessment framework in prioritizing the meta-verse implementation alternatives.
Conference Paper
The digital twin is based on integrated technologies such as the Internet of Things (IoT), Cloud Computing, Machine Learning, and Artificial Intelligence. The digital twin has become an important method of the digital manufacturing processes for the fourth industrial revolution. The digital twin is driven by increased intelligence, digitization, and reliability of smart manufacturing assets. It has potential usage areas such as construction, smart cities, and healthcare. It could be used to increase the overall performance of the potential systems and to support the physical world. Although extensive benefits are recognized, the security risks for using the digital twin have yet to be explored. The physical world of various nodes communicates with the digital twin. The digital twins also communicate with each other in the near future. This study investigates the risks and threats which target the components of digital twin and data communication. Potential countermeasures and also future work is given.
Cyber security is attracting worldwide attention. With attacks being more and more common and often successful, no one is spared today. Threat modeling is proposed as a solution for secure application development and system security evaluations. Its aim is to be more proactive and make it more difficult for attackers to accomplish their malicious intents. However, threat modeling is a domain that lacks common ground. What is threat modeling, and what is the state-of-the-art work in this field? To answer these questions, this article presents a review of threat modeling based on systematic queries in four leading scientific databases. This is the first systematic literature review on threat modeling to the best of our knowledge. 176 articles were assessed, and 54 of them were selected for further analysis. We identified three separate clusters: (1) articles making a contribution to threat modeling, e.g., introducing a new method, (2) articles using an existing threat modeling approach, and (3) introductory articles presenting work related to the threat modeling process. The three clusters were analyzed in terms of a set of criteria, for instance: Is the threat modeling approach graphical or formal? Is it focused on a specific attack type and application? Is the contribution validated empirically or theoretically? We observe from the results that, most threat modeling work remains to be done manually, and there is limited assurance of their validations. The results can be used for researchers and practitioners who want to know the state-of-the-art threat modeling methods, and future research directions are discussed.
This book introduces the Process for Attack Simulation & Threat Analysis (PASTA) threat modeling methodology. It provides an introduction to various types of application threat modeling and introduces a risk-centric methodology aimed at applying security countermeasures that are commensurate to the possible impact that could be sustained from defined threat models, vulnerabilities, weaknesses, and attack patterns. This book describes how to apply application threat modeling as an advanced preventive form of security. The authors discuss the methodologies, tools, and case studies of successful application threat modeling techniques. Chapter 1 provides an overview of threat modeling, while Chapter 2 describes the objectives and benefits of threat modeling. Chapter 3 focuses on existing threat modeling approaches, and Chapter 4 discusses integrating threat modeling within the different types of Software Development Lifecycles (SDLCs). Threat modeling and risk management is the focus of Chapter 5. Chapter 6 and Chapter 7 examine Process for Attack Simulation and Threat Analysis (PASTA). Finally, Chapter 8 shows how to use the PASTA risk-centric threat modeling process to analyze the risks of specific threat agents targeting web applications. This chapter focuses specifically on the web application assets that include customer's confidential data and business critical functionality that the web application provides. Provides a detailed walkthrough of the PASTA methodology alongside software development activities, normally conducted via a standard SDLC process Offers precise steps to take when combating threats to businesses Examines real-life data breach incidents and lessons for risk management Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis is a resource for software developers, architects, technical risk managers, and seasoned security professionals.
Today, methods of museum exhibition are rapidly changing. While focusing on visitors’ museum experience, new display methods employ a variety of digital technologies to provide exhibition content in ways that allow visitors to better understand artifacts on display. However, the majority of such methods rely on one-way means of delivering information. The lack of interaction with visitors and the use of lighting that clearly separates real and virtual spaces have made museums inadequate as experiential spaces. To resolve those problems, this article suggests a plan to deploy content services for visitors’ museum experiences by combining beacons and HMDs. This study establishes the concept of a service, which provides a virtual world experience by connecting a beacon installed in real space, that is, an exhibition room, to an HMD (head-mounted display). Furthermore, the service also incorporates a storytelling feature to diversify user experience by presenting the characteristics of and stories about artifacts. The service design will make both online and on-site museum experiences meaningful. Ultimately, this article presents the exhibition content thus created as Metaverse exhibition content made through an effective combination of augmented reality and a virtual world.
Conference Paper
One step involved in the security engineering process is threat modeling. Threat modeling involves understanding the complexity of the system and identifying all of the possible threats, regardless of whether or not they can be exploited. Proper identification of threats and appropriate selection of countermeasures reduces the ability of attackers to misuse the system. This paper presents a quantitative, integrated threat modeling approach that merges software and attack centric threat modeling techniques. The threat model is composed of a system model representing the physical and network infrastructure layout, as well as a component model illustrating component specific threats. Component attack trees allow for modeling specific component contained attack vectors, while system attack graphs illustrate multi-component, multi-step attack vectors across the system. The Common Vulnerability Scoring System (CVSS) is leveraged to provide a standardized method of quantifying the low level vulnerabilities in the attack trees. As a case study, a railway communication network is used, and the respective results using a threat modeling software tool are presented.
Microsoft’s STRIDE is a popular threat modeling technique commonly used to discover the security weaknesses of a software system. In turn, discovered weaknesses are a major driver for incepting security requirements. Despite its successful adoption, to date no empirical study has been carried out to quantify the cost and effectiveness of STRIDE. The contribution of this paper is the evaluation of STRIDE via a descriptive study that involved 57 students in their last master year in computer science. The study addresses three research questions. First, it assesses how many valid threats per hour are produced on average. Second, it evaluates the correctness of the analysis results by looking at the average number of false positives, i.e., the incorrect threats. Finally, it determines the completeness of the analysis results by looking at the average number of false negatives, i.e., the overlooked threats.
Describes a decade of experience threat modeling products and services at Microsoft. Describes the current threat modeling method-ology used in the Security Development Lifecycle. The methodology is a practical approach, usable by non-experts, centered on data flow di-agrams and a threat enumeration technique of 'STRIDE per element.' The paper covers some lessons learned which are likely applicable to other security analysis techniques. The paper closes with some possible questions for academic research.
One of the most important aspects in the achievement of secure software systems in the software development process is what is known as Security Requirements Engineering. However, very few reviews focus on this theme in a systematic, thorough and unbiased manner, that is, none of them perform a systematic review of security requirements engineering, and there is not, therefore, a sufficiently good context in which to operate. In this paper we carry out a systematic review of the existing literature concerning security requirements engineering in order to summarize the evidence regarding this issue and to provide a framework/background in which to appropriately position new research activities.
Explainer: What is the metaverse and how will it work?
  • M O'brien
  • K Chan
M. O'Brien and K. Chan, "Explainer: What is the metaverse and how will it work?" pp. 10-29, 2021.
Snow crash: A novel. Spectra
  • N Stephenson
N. Stephenson, Snow crash: A novel. Spectra, 2003.
The metaverse: Web3. 0 virtual cloud economies
  • D Grider
  • M Maximo
D. Grider and M. Maximo, "The metaverse: Web3. 0 virtual cloud economies. accessed: Nov. 1, 2021."
Second life: An interactive qualitative analysis
  • J Sanchez
J. Sanchez, "Second life: An interactive qualitative analysis," in Society for Information Technology & Teacher Education International Conference. Association for the Advancement of Computing in Education (AACE), 2007, pp. 1240-1243.
So what is the "metaverse" exactly?
  • K Orland
K. Orland, "So what is the "metaverse" exactly?" 2021.
Zuckerberg's metaverse: Lessons from second life
  • J Tidy
J. Tidy, "Zuckerberg's metaverse: Lessons from second life," BBC News, vol. 5, 2021.
All one needs to know about metaverse: A complete survey on technological singularity, virtual ecosystem, and research agenda
  • L.-H Lee
  • T Braud
  • P Zhou
  • L Wang
  • D Xu
  • Z Lin
  • A Kumar
  • C Bermejo
  • P Hui
L.-H. Lee, T. Braud, P. Zhou, L. Wang, D. Xu, Z. Lin, A. Kumar, C. Bermejo, and P. Hui, "All one needs to know about metaverse: A complete survey on technological singularity, virtual ecosystem, and research agenda," Preprint arXiv:2110.05352, 2021.
Linddun privacy threat modeling: a tutorial
  • K Wuyts
  • W Joosen
K. Wuyts and W. Joosen, "Linddun privacy threat modeling: a tutorial," CW Reports, 2015.
Thyssenkrupp secrets stolen in 'massive'cyber attack
  • E Auchard
  • T Käckenhoff
E. Auchard and T. Käckenhoff, "Thyssenkrupp secrets stolen in 'massive'cyber attack," 2020.
Threat modeling: Designing for security
  • A Shostack
A. Shostack, Threat modeling: Designing for security. John Wiley & Sons, 2014.
Exploring the unprecedented privacy risks of the metaverse
  • V Nair
  • G M Garrido
  • D Song
V. Nair, G. M. Garrido, and D. Song, "Exploring the unprecedented privacy risks of the metaverse," Preprint arXiv:2207.13176, 2022.
Security of virtual reality authentication methods in metaverse: An overview
  • P Kürtünlüoglu
  • B Akdik
  • E Karaarslan
P. Kürtünlüoglu, B. Akdik, and E. Karaarslan, "Security of virtual reality authentication methods in metaverse: An overview," Preprint arXiv:2209.06447, 2022.
Metaverse: Survey, applications, security, and opportunities
  • J Sun
  • W Gan
  • H.-C Chao
  • P Yu
J. Sun, W. Gan, H.-C. Chao, and P. Yu, "Metaverse: Survey, applications, security, and opportunities," Preprint arXiv:2210.07990, 2022.