Conference PaperPDF Available

Metaverse: Security and Privacy Issues

Authors:
Roberto Di Pietro at King Abdullah University of Science and Technology
Roberto Di Pietro
Stefano Cresci at Italian National Research Council
Stefano Cresci
Download full-text PDF
Read full-text
Download citation

Abstract

The metaverse promises a host of bright opportunities for business, economics, and society. Though, a number of critical aspects are still to be considered and the analysis of their impact is almost non-existent. In this paper, we provide several contributions. We start by analysing the foundations of the metaverse, later we focus on the novel privacy and security issues introduced by this new paradigm, and finally we broaden the scope of the contribution highlighting some of the far-reaching yet logical implications of the metaverse on a number of domains, not all of them in tech. Throughout the paper, we also discuss possible research directions. We believe that the provided holistic view on the foundations, technology, and issues related to the metaverse---with a focus on security and privacy---, other than being an interesting contribution on its own, could also pave the way for a few multidisciplinary research avenues.
Content uploaded by Roberto Di Pietro
Author content
All content in this area was uploaded by Roberto Di Pietro on Dec 17, 2021
Content may be subject to copyright.
Metaverse: Security and Privacy Issues
Roberto Di Pietro
College of Science and Engineering (CSE)
Hamad Bin Khalifa University (HBKU)
Doha, Qatar
rdipietro@hbku.edu.qa
Stefano Cresci
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
Pisa, Italy
stefano.cresci@iit.cnr.it
Abstract—The metaverse promises a host of bright opportu-
nities for business, economics, and society. Though, a number
of critical aspects are still to be considered and the analysis of
their impact is almost non-existent. In this paper, we provide
several contributions. We start by analysing the foundations of
the metaverse, later we focus on the novel privacy and security
issues introduced by this new paradigm, and finally we broaden
the scope of the contribution highlighting some of the far-reaching
yet logical implications of the metaverse on a number of domains,
not all of them in tech. Throughout the paper, we also discuss
possible research directions.
We believe that the provided holistic view on the foundations,
technology, and issues related to the metaverse—with a focus
on security and privacy—, other than being an interesting
contribution on its own, could also pave the way for a few
multidisciplinary research avenues.
Index Terms—Metaverse, metamedia, multiverse, singularity,
security, privacy, Facebook, Meta
I. INTRODUCTION
A metaverse is a combination of persistent, multi-user,
shared, 3D virtual spaces that are intertwined with the physical
world and merged together to create a unified and perpetual
virtual universe. Users enter the metaverse with avatars, who
can interact with each other and with the items, applications,
services, and businesses that the metaverse contains. Originally
tributed to the vision of the American writer and tech advisor
Neal Stephenson in his 1992 science fiction book Snow
Crash—but practically being an idea that can be found in many
cultures and epochs, tracing back at least to The Cave of Plato
[1], as brilliantly described by Ethan Zuckerman in a recent
issue of The Athlantic1—metaverses have periodically sparked
heated debates among both tech experts and the general public,
following more-or-less successful attempts at implementing
them (e.g., Second Life). Recently, they have made the news
again, when some of the biggest tech firms announced heavy
investments and ambitious plans for the development of new
and futuristic metaverses. Among them are Microsoft2, Epic
Games,3and Meta4—the tech holding in which Facebook
was (uncoincidentally) rebranded. Mark Zuckerberg (Meta and
1https://www.theatlantic.com/technology/archive/2021/10/facebook-
metaverse-was-always- terrible/620546/
2https://twitter.com/satyanadella/status/1455624165201887234
3https://www.epicgames.com/site/en-US/news/announcing-a-1- billion-
funding-round- to-support- epics-long- term-vision- for-the-metaverse
4https://www.facebook.com/watch/live/?ref=watch permalink&v=
561535698440683
Facebook CEO), in particular, envisioned the metaverse as
the next evolution of the Internet. That is, a technology-
empowered, cyber-physical Internet 3.0 capable of surpassing
the mobile Internet paradigm. His vision of the metaverse as
the next evolutionary leap of both our physical and digital
networking capabilities—and thus, also of our social life—
perfectly explains the massive hype and the spasmodic atten-
tion that rapidly built around the metaverse.
To support this ambitious vision, the first instances of
the metaverse will build upon several recent technological
advancements. For instance, virtual reality (VR) will be used
to create immersive 3D spaces while augmented reality (AR)
will allow for a tight integration between the virtual and
the physical worlds. Along the same line, digital twins will
allow physical objects to be brought, visualized, and shared
into the metaverse. Wearable sensors will allow avatars in the
virtual spaces to mimic real-world movements, while other
sensors, such as those embedded into the next-generation of
smart devices, will feed additional real-world data into the
metaverse. The metaverse will also feature a rich marketplace
of both physical goods and virtual items. The latter will be
bound to, and owned by, the avatars themselves and will be
implemented as non-fungible tokens (NFTs). Finally, the next
generation of networking technologies and algorithms will
make the metaverse even more pervasive than current social
media and social networking platforms.
While incorporating the latest technologies, social media,
advanced algorithms, a constant and boundless supply of data
from the developing sensory systems, and much more, the
metaverse will be still more comprehensive than what could
be described at the time of writing, because of its capacity
of adapting and adopting any innovation. In this context, it
appears evident that security and privacy concerns will not
only be magnified, but also completely transformed. And with
them, a few other critical issues, as discussed in the following.
A. Contributions
In this paper we provide several contributions. We first
revise the genesis of the concept of metaverse. Later, we de-
scribe its current background, which helps us explain why the
metaverse is a hot topic just now, despite having being around
for ages. We highlight current security and privacy issues,
which in this new context are magnified as they have never
been before. We further highlight why, this time, the context
This is the author’s version of the work. It is posted here for your
personal use. Not for redistribution. The definitive Version of Record
was published in IEEE TPS, December 12–15, 2021.
is radically different from what we experienced in the past:
that is, why the upcoming metaverse instances could represent
something semantically different from what we have seen in
the technology domain until now (an approximated answer:
exponential technology growth; unprecedented capabilities in
data generation, collection, and analysis; and, convergence of
the cyber-physical worlds). Later, we seed the concept that we
use to forecast the development of the metaverse in the years
to come. Based on the introduced foundational material we
develop our vision of the metaverse, highlighting the related
risks for security and privacy. Finally, in our discussion we
argument the thesis that the exposed threats and the envisaged
impacts generated by the development of the metaverse call
for an interdisciplinary approach where computer science and
engineering are critical, but at least to the same extent as other
apparently far disciplines, like philosophy, law, and social
sciences.
B. Roadmap
The remainder of the paper is organized as follows. In
Section II we revise some background information and related
work in the field. In Section III, we discuss the current
issues of metaverse, with a specific reference to security and
privacy. In Section IV, based on the state of play and the
introduced guiding principles, we provide our analysis of
what are the most stringent criticalities of the metaverse, also
highlighting broad—in scope, depth, and breadth—research
directions. Finally, in Section V we provide our conclusions.
II. BACKGROU ND A ND R EL ATED W OR K
Many of the technologies that represent the building blocks
of the metaverse already exist at an advanced state of devel-
opment. However, many others are still several years away
from being usable in practice. In the remainder of this section
we provide an introduction to the metaverse by describing
its core elements, characteristics, and functionalities, as well
as the long term directions in which it could further expand.
Without loss of generality, we take as a starting point—
and later develop—the vision of the metaverse proposed by
Zuckerberg, since it represents the most comprehensive one
among all those that have been proposed so far.
A. Core Elements, Characteristics, and Functionalities
1) Activities: The metaverse is a virtual universe, or a sub-
strate, capable of supporting and interconnecting a multitude
of different applications. As such, the activities that users can
carry out in the metaverse are as diverse as the applications
embedded in it.
The unprecedented networking opportunities enabled by
the metaverse make it particularly convenient for engaging
in social activities. Traditional activities such as befriending
other users, or engaging in chats and audio/video calls will
be supported in the metaverse too. One way in which these
functionalities will be made available is by integrating existing
messaging and videoconferencing apps into the metaverse. In
addition to these activities, which barely represent a porting
of already-existing interaction schemes, the shared virtual
spaces of the metaverse will also enable additional forms of
social interaction—for instance, the interactions between 3D
avatars that are typical of massively multiplayer online games
(MMOs). Regarding the latter, gaming and other forms of
entertainment, including the possibility to participate to art
shows and concerts, will represent another major group of
metaverse activities. Firstly, as previously anticipated, meta-
verses inherit several characteristics from MMOs. In addition,
the gaming sector is in constant growth, both in terms of
revenue and users. The combination of these two factors
ensures that gaming, and entertainment in general, will be
among the most frequent activities in the metaverse. Notably,
metaverse shows can be both natively virtual, as in the case
of the many concerts held within the virtual worlds of online
games such as Fortnite, Minecraft, and Roblox5, or natively
physical but nonetheless accessible via the metaverse, such
as in the case of a real-world concert that allows metaverse
users to participate via VR. Sports and fitness are another
group of activities that will benefit from the cyber-physical
integration enabled by the metaverse. In particular, wearable
sensors and AR/VR will allow for realistic and immersive
virtual sport simulations, with unprecedented opportunities of
personalization and customization. The same considerations
can be made for learning and other educational activities,
which will greatly benefit from the immersiveness and 3D
capabilities of the metaverse. Finally, the metaverse will also
be used for work and business, as well as for commerce.
Regarding the former, digital twins, VR, and the availability of
embedded messaging and videoconferencing apps will allow
rich, immersive meetings to take place in the metaverse. In
addition, traditional and new forms of commerce will be
supported by one or more online marketplaces, which will
feature both physical and digital goods for sale. About the
latter, in particular, the marketplace will connect independent
content creators with their potential customers (i.e., metaverse
users), allowing business opportunities to scale to unprece-
dented levels.
2) Immersiveness: In the past decade, we witnessed to the
revolution of the mobile Internet, enabling access to our online
applications and social ecosystems from virtually everywhere.
Currently however, our capacity of entering and enjoying
virtual environments is constrained by the use of screens and
mobile devices. With the advent of the metaverse, instead,
access to online virtual spaces will be possible also via AR and
VR technologies. Indeed, two of the key and distinguishing
features of the metaverse are its pervasiveness and immer-
siveness, reached via an unprecedented merge between the
virtual and the physical worlds. The metaverse is pervasive and
immersive in multiple ways, involving both the ways in which
we access and interact with it, as well as the ways in which
we receive feedback from it. For instance, mobile immersive
access to the metaverse will be possible thanks to the next
5https://www.nme.com/features/gaming-features/fortnite-roblox- best-in-
game-concerts- 2021-3021418
generation of AR-enabled smart devices (e.g., compact smart
glasses6). Instead, work or home access will be possible with
lightweight and comfortable VR goggles. The switch from
2D interfaces to 3D virtual spaces will be accompanied by
a number of additional possibilities that will increasingly
boost immersiveness. Firstly, many of the 2D applications and
services that we use on a daily basis (e.g., Dropbox, Slack,
Zoom, Facebook, Instagram, and many more), will become
applications embedded into the metaverse. Then, users will
inhabit the metaverse in the form of avatars, thus switching
from static 2D profile images to interactive and personalized
3D avatars. Depending on the activity, application, or the
virtual space in use, users will be able to represent themselves
with either photorealistic, cartoonish, or fully fictional avatars.
Users will also have the possibility to create virtual copies of
physical items (i.e., digital twins) and to share them in the
metaverse, thus further reducing the gap between the virtual
and physical dimension. Finally, the use of wearable sensors
and devices will tighten the bond between our physical and
virtual worlds by feeding orders of magnitude more real-world
data into the metaverse and by giving users unprecedented
sensory feedback [2].
3) Interoperability: From an architectural standpoint, the
metaverse can be regarded as a unifying framework or sub-
strate that connects the multitude of applications and services
that are embedded into it. As such, interoperability is another
key feature of the metaverse and its users will experience it
in multiple ways. For instance, they will be able to interact
simultaneously with multiple applications, similarly to what
we usually do in our desktop computers or mobile devices.
Today, this level of interoperability between different apps is
ordinary and expected for general purpose physical devices.
However, it is unprecedented for online virtual environments.
Think for instance to MMOs–massive virtual worlds where
players can typically perform only a limited subset of similar
and related activities. Extending this concept, in the metaverse
also spaces and activities will be interconnected. In fact, it
will be possible to seamlessly move across different virtual
thematic spaces, or to interrupt an activity in order to start a
new one (e.g., stopping a game set in a dedicated space in
order to join a friend in another space). Virtual items, such
as avatar outfits, will also be part of this interconnectedness.
Indeed, in one of the possible evolutions of the metaverse,
items will be owned by the users, instead of the platforms,
and the interoperability of the metaverse will allow users to
buy certain virtual items as NFTs from an applcation’s store
and to use them with their avatars in other applications and
spaces, and throughout all of the metaverse.
B. Beyond Current Technology
The description of the metaverse that we provided so far, its
uses and activities, as well as its key elements and characteris-
tics, is based on existing and relatively established technology.
6https://www.theguardian.com/technology/2021/sep/15/techscape-smart-
glasses-facebook
Hence, the development of a metaverse that supports this
vision is expected to occur in the short-medium term. At
the same time, however, metaverses promise to deliver other
additional and pioneering functionalities—extending by far the
possibilities that are enabled by the current state of technology.
These latter functionalities inevitably depend on the scientific
and engineering progress that is expected to be achieved in cer-
tain technological areas in the coming years, and will possibly
be available in the metaverse only in the medium-long term.
Nevertheless, the analysis of these advanced functionalities is
instrumental for understanding the full extent of opportunities
and challenges resulting from the metaverse.
An area where rapid technological progress is expected is
the one related to the interfaces that will allow interacting
with the metaverse. These include the technologies and the
devices used for inputting commands to, as well as for
receiving feedback from, the metaverse. Among them are
brain–computer interfaces (BCIs)—that is, neural interfaces
designed to collect and process the electrical signals generated
in the human brain as a result of some cognitive activity,
and to convert them into meaningful inputs for an external
computer or apparatus [3]. Notably, such interfaces can also
be used to influence the brain, as in the case of those designed
to treat depression and other mental disorders. In addition
to the existing noninvasive BCIs, the US military and some
tech firms—including Meta and Elon Musk’s Neuralink—are
also researching more powerful interfaces based on electrodes
implanted directly into the brain [4]. On the one hand, BCIs
hold the potential to revolutionize the way in which we input
commands to machines, freeing us from the constraints derived
from the use of mouse & keyboard—a particularly desirable
feature to have during a hectic VR session. On the other
hand, they also open new possibilities for delivering powerful
(neural) feedback—another area where much scientific and
technological progress is expected. In fact, the metaverse will
eventually involve multi-sensory experiences and feedback, be
it by means of brain implants, or via other technologies (e.g.,
haptic devices) [2]. For instance, sensory systems will provide
metaverse users force-return effects that mimic the physical
interactions in the real world, depending on the outcome of
their actions in the 3D virtual world. To this regard, the
metaverse will represent the next evolutionary step in our
capacity to deliver and consume not only multimedia, but
also multi-sensory content—a logical evolution with respect
to what we have already experienced. Indeed, the Internet
was originally conceived as a technology for exchanging text
messages (e.g., emails). Subsequently, with the advent of the
social Web, we witnessed to the spread of multimedia content
in the form of images (e.g., memes) and videos. Eventually, the
Internet 3.0 will be a multi-sensory experience. It is precisely
this outlook on the metaverse as the application that will lead
us into the era of Internet 3.0, that motivates some scholars to
refer to it also as a mediaverse or multiverse [5].
III. CURRENT ISS UE S
In the previous sections we briefly sketched the main
functionalities of the metaverse—both in its likely initial
implementations, as well as in the more advanced ones—and
we highlighted the plethora of new possibilities opened up by
this novel socio-technical paradigm. However, this unprece-
dented degree of immersiveness and interoperability also has
a flip side: an increase in quantity and quality of the threats
associated to the current technologies that will be adopted
to realize the metaverse, accompanied by the generation of a
few equally-unprecedented threats. Such threats are especially
related to the privacy and security of metaverse users, which
we discuss in the remainder of this section.
A. Privacy
In nowadays Internet, it is said that if you do not pay for
a product or service, then you (or rather your data) are the
product. Social media and social networking platforms are the
paramount example of this kind. These platforms offer free
services that involve millions or even billions of users, whose
preferences are so well-known to the platforms themselves [6]
that they are able to show users extremely accurate, micro-
targeted advertisements. This successful business model is
possible only because of the platform’s capability to accurately
profile its users, by analyzing their actions and interactions
with the platform’s content and with the other users, other
than relying on further worrisome tracking capabilities, thanks
to the evolution of cookies and, generally, fingerprinting tech-
niques [7]. Even with today’s technology, the digital crumbles
that we leave behind us already tell a lot about our personality,
tastes, and orientations (e.g., political and sexual). This was ev-
ident since the very first studies carried out almost one decade
ago [6], [8], while these days such predictive capabilities
have developed exponentially. Given these assumptions, what
could happen in the metaverse? In the following subsection we
strive to imagine the data collection capabilities, and related
applications, enabled by the metaverse.
1) User profiling in the metaverse: If social network users
are the product of today’s Internet, in the metaverse literally
everything and everyone will be the product. Social network-
ing platforms currently act as powerful magnets for Web
users. Similarly, the metaverse will be an exponentially more
powerful magnet for (even more) users, as well as for content
creators, entrepreneurs, and businesses alike. In other words,
it will be a unified meta-platform for users—independently
from their passions and preferred applications (e.g., readers,
gamers, students, etc.)—as well as for the developers of such
applications and the businesses that run them. The exposed
consideration raises major concerns over the amount and type
of data that such a massive platform could collect. The internet
2.0 allowed marketers to study where users move their mouse,
where they look on a screen, how much time they spend on
a given pictured item, and which products or users they like.
At times, and especially for technology illiterate users, one is
not even aware that such recordings and analyses take place
and, hence, their privacy may be in jeopardy in unanticipated
ways [9]. In the metaverse, current data collection techniques
and related analyses will be considered amateurish, at best.
Indeed, the platform will be able to track our body movements,
physiological responses, likely even brainwaves, and real and
virtual interactions with the surrounding environment, to cite
a few. Moreover, these capabilities will be in addition to all
other data that are already being collected.
How will such data be used and what are the risks for user
privacy? In the following, we try to address the latter question.
2) User privacy: Regarding user privacy in the metaverse,
three areas are particularly relevant [9]: (i) personal informa-
tion; (ii) behavior; and, (iii) communications. As a result of
our previous considerations, each of these areas will give to the
platforms much more data than what they currently have, with
new and increased risks. As an example, personal information
collected from social networking platforms are already used
for doxing—that is, the practice, or the menace, of revealing
private information of a victim with the aim of extortion or
for online shaming [10]. Given that the metaverse will provide
much more personal information about its users, not only to
the platforms, but also to other users, how will we keep doxing
at bay? Notably, personal and sensitive information that will
leak through the metaverse will include a plethora of real-
world information about user habits and their physiological
characteristics. While these are difficult to obtain in the current
Internet, if not outright impossible, they will be much more
easily acquired in the metaverse, as a result of the tighter bond
between the virtual and physical worlds.
This leads us to the risks related to the privacy of user be-
havior. To this regard, the metaverse will offer unprecedented
opportunities for exploiting online immersive experiences and
interactions to perpetrate offline (i.e., real-world) harms and
frauds. Indeed, social engineering attacks already account
for the largest share of cyber-attacks suffered online [11],
as also measured during the COVID-19 pandemic. With the
metaverse, social engineering attacks will likely become even
more convenient and powerful, and thus, more frequent. In
addition to social engineering, the metaverse raises additional
concerns related to the privacy of user behaviors. Spying
and stalking are practical examples of this kind. In the real-
world, eyesdropping, following, or harassing someone can be
partially hindered by physical constraints, such as the need
to be physically close to another person and to move to
certain locations, which might also involve some cost (e.g.
time, money). Notably, the cited penalties generally act as
excellent deterrents. However, the same considerations do
not hold in the metaverse, which makes such attacks more
convenient. Unfortunately, this already applies to a large array
of attacks that currently proliferate online, some of which are
often perpetrated by multiple coordinated users, and that will
likely skyrocket in the metaverse [12], [13]. Among them are
coordinated harassment and raiding, shaming, cyberbullying,
video call bombing, and shitstorming [14], [15], to cite a few.
Some of these behaviors have already been used as forms
of “denial of service”. For instance, in online games—which
will be one of the primary uses of the metaverse—a few
toxic gamers are enough to repeatedly ruin the game for
all other participants [16]. Moreover, many cyber-aggressions
that initially start on a specific platform or in relation to a
specific topic (e.g., a game) can also subsequently expand to
other platforms or topics, thus involving additional users and
communities, as it happened in the case of the #Gamergate
campaign [17], or even in Second Life [9], [16]. In a metaverse
characterized by a multitude of interconnections between com-
munities, spaces, and applications, these risks are inevitably
amplified.
Finally, more connections imply more interpersonal com-
munications, which leads to an increase in the number and
manners in which information could be collected and mis-
used, and cyber-crimes could be perpetrated. Privacy concerns
about metaverse communications are not restricted to the
obvious risks of corporate data breaches, but also involve
other forms of communications between users. Think for
example to sexting—the practice of exchanging sexually ex-
plicit messages—, which is currently carried out via mobile
phones [18]. Sexting, or other forms of sexually-oriented
communications and interactions, could become common in
the metaverse, also thanks to its rich and multi-sensory 3D
world [19]. What if the privacy of such personal communica-
tions is endangered? In the Internet 2.0, revenge porn—that
is, the distribution of sexually explicit texts, images, or videos
of individuals without their consent—is largely confined to
certain not-safe-for-work (NSFW) platforms. Similarly, toxic
users are clustered in fringe Web platforms or in largely
isolated communities of like-minded peers [20]. Disgruntled
employees have relatively few ways for publicly harming
their company’s reputation in a scalable way. However, each
of these crucial—yet, so far, fringe—issues could become
mainstream in the massively interconnected metaverse.
What can be done to address the above exposed threats? A
preliminary discussion is provided in the following subsection.
3) Countermeasures: Given the multitude of privacy risks
to which metaverse users are exposed to, some scholars
already started envisioning ways in which to enforce user
privacy in 3D social metaverses [21]. Among them, a few
solutions have been proposed [9], that are based on the
combination of three fundamental strategies: (i) creating a
mannequin or multiple clones of one’s avatar to shadow
one’s own activities; (ii) creating a private copy (e.g., an
instance) of a public space for the exclusive use of the user,
or temporarily locking out other users from a public space;
and, (iii) allowing user teleportation, invisibility or other forms
of disguise. Meaningful combinations of the above strategies
can also be used, such as applying a disguise to one’s avatar
after exiting from an instanced space, so as to avoid being
recognized and chased. Independently of the privacy solutions
that a metaverse implements, these ones should be made
available to the users (e.g., via a privacy menu) so that they
could choose their desired level of privacy, also depending on
their activities, and the way in which to apply the selected
privacy features. However, all the (few) solutions envisioned
so far are designed for simplistic metaverses, those that have
existed until now. As such, they are much likely not sufficient
to withstand the risks and attacks of complex, immersive
and massively interconnected multiverses, such as the one
envisioned by Zuckerberg’s Meta. To this regard, new and
better solutions should be devised—an exciting and daunting
research challenge.
B. Security
The innovative combination of the multiple powerful tech-
nologies that will come into play in the metaverse will spark
a torrent of security threats, in addition to the privacy issues
already discussed. A few of them are highlighted in the
following.
1) Humans in and out of the loop: Some of these security
concerns derive from the inherent complexity of the metaverse.
In fact, it is easy to envision that a meta-platform connecting
orders of magnitude more users, services, applications and
goods—and ultimately, handling much more data—than those
managed by the current Web platforms will inevitably require
metaverse administrators to push automation, that is to tackle
more tasks with algorithms, rather than with human operators.
The need to delegate tasks and operations to algorithms, espe-
cially to those implemented with cutting-edge AI techniques,
emerges both from the need to achieve great scalability as well
as efficiency and performance. However, in the current version
of the Internet we are starting to understand the dire implica-
tions of delegating societally relevant tasks to algorithms that,
in spite of achieving unmatched performance, are affected by
several issues. Among them are biases that can prevent fair
outcomes [22], the lack of transparency [23], the vulnerability
to attacks and manipulations [24], [25], and the huge compu-
tational and energy requirements of complex AI models (e.g.,
deep learning), which limit both their affordability7and sus-
tainability8. Each of these issues represents an open scientific
challenge that will require many conjoint efforts from different
scientific communities (e.g., AI and machine learning, security,
ethics, and more) to be tamed and solved. In the meantime
however, our reliance on “problematic” algorithms is leading
to worrisome problems. Moreover, always more frequently,
problems that originate online have offline consequences, as
in the notable cases of the January 2021 Capitol Hill riots
that resulted from the dramatic polarization of our online
social environments, or the rampaging COVID-19 and vaccine
misinformation that costed many human lives [26], [27]. In the
metaverse—a much bigger and massively more interconnected
platform—which new problems will arise? More importantly,
are we ready to delegate so much of our lives to the algorithms
in the metaverse? In addition to the exposed open questions,
it is worth noting that overcoming the security challenges
posed by the algorithms exploited in the metaverse will
require the design and development of new methodologies and
technical solutions, as well as legal ones (e.g., who would be
7https://towardsdatascience.com/the-future-of- computation-for- machine-
learning-and- data-science- fad7062bc27d
8https://www.forbes.com/sites/glenngow/2020/08/21/environmental-
sustainability-and- ai
responsible for the mistakes made by an algorithm? Would
cost externalization be possible?).
2) Integrity and authentication in the metaverse: As a
practical and relevant example of the problems caused by
algorithms and automation, we can cite the security issues of
content integrity and user authentication. Even in nowadays’
social networking platforms, a large share of our interactions
occur with inorganic or fabricated content (e.g., machine-
generated text) and with inauthentic users (e.g., human-
operated fake personas that troll other users, or even fully
automated accounts such as bots). For instance, regarding
software-driven accounts, it has already been shown that
humans can be “fingerprinted” and digitally reproduced in
social media, without other humans nor detection algorithms
noticing it [28]. Moreover, it has also already been envisioned
that future advances in AI will make such automated accounts
totally indistinguishable from humans [29]. In the metaverse,
these human-machine interactions will become more frequent
and, at least for certain activities, even mandatory. Think for
instance to the need of resorting to chatbots and in-game
bots, in order to deliver a rich, immersive, and credible user
experience [9]. These capabilities raise new and additional
security concerns. For example, how easy will it be to fake
one’s own age, gender, job, or any other attribute? Will
we be able to tell humans and machines apart? How will
human or platform vulnerabilities be exploited by automated
accounts and machine-generated content, in such a complex,
immersive and persuasive world? Earlier attempts at exploiting
the vulnerabilities of contemporary platforms already managed
to shake the foundations of our democratic societies. The next
wave of attempts might prove fatal.
3) Polarization and radicalization in a singleton world:
While the previous security issues emerged from the necessity
to rely on algorithms and automation for managing a huge
virtual world, other problems will surface as a consequence
of the uniqueness of the metaverse—that is, its characteristic
of being a singleton. Indeed, a metaverse is essentially a
massive aggregator of applications, services, goods and thus,
also of users. As all platforms that collect, aggregate, and
deliver content, its success will depend on its capacity to act
as a centralized access point for such contents. Notably, this
characteristic is in sharp contrast with the current structure of
the Web, which features a multitude of different platforms,
some of which are mainstream and humongous while others
are fringe and minuscule. Put differently, the plurality of the
existing Web platforms will be replaced by, at most, a handful
of massive metaverses. The plurality of the Web also means
that each user, independently on her tastes and preferences,
will likely find an online platform or a community of users
with the same tastes and preferences. This is the reason
why fringe and minuscule Web platforms exist in the first
place: in spite of their overall marginality, they serve a useful
purpose (at least for those who browse them). In contrast,
a singleton metaverse will force the simultaneous presence,
coexistence, and interaction of all users, including those with
peculiar interests and opposed viewpoints, as well as those
that would have never got in touch on the Web. While, to
a certain extent, this already happens in the current version
of the Internet, the relatively limited interconnectedness and
the filter bubbles of today’s virtual spaces (e.g., platforms and
applications) ensure that different types of users mainly belong
to different online communities, possibly even residing on
completely autonomous and independent platforms. However,
when radically different—possibly even opposing—groups of
users merge, the consequences can be severe. For instance,
we know from massively multiplayer online role playing
games (MMORPGs) that certain types of players tend to
systematically harass other types, as in the case of male, low-
skilled players with regards to female players [30]. Hence,
what would happen when all sorts of different communities
merge in a centralized, shared metaverse? To a certain extent,
each user that populates an online space, such as today’s social
networks and the upcoming metaverse, has her own interests
and ways of enjoying it. In other words, each user behaves
in a different way. Some users may thus exploit their way of
“behaving” in the metaverse to troll, harass, or anyway to take
advantage of other users, in new and unanticipated ways.
IV. DISCUSSION
In order to be able to understand the implications of the
metaverse, we believe that it is useful to refresh the concept
of “singularity” and to analyze its roots. From there, we will
move forward in providing support to thesis that the metaverse
is where the singularity will take place and, finally, we will
sketch some of the possible implications.
The singularity can be described as a point in time at which
technological growth becomes uncontrollable and irreversible,
resulting in unforeseeable changes to human civilization. This
concept is particularly compelling in its reformulation applied
to AI: “The AI singularity refers to an event where the AIs
in our lives either become self-aware, or reach an ability
for continuous improvement so powerful that it will evolve
beyond our control”9. Not surprisingly, the original concept
of singularity is attributed to John von Neumann. However,
one might notice that the concept of singularity could be (al-
most equivalently) rephrased and generalized as: “the gradual
accumulation of quantitative changes that would, at some point
(at break measures), turns things into another or a new quality,
entailing new and quantitative characteristics”. If the latter
formulation sounds familiar, it is because that formulation of
singularity is actually the second law of dialectics by the 18th
century’s German philosopher G.W.F. Hegel10 [31].
What we just described provides the foundations for the
reasoning on the evolution and implications of metaverse.
Indeed, it seems quite reasonable that the convergence of
technology, platforms, and sensory systems (to cite a few) into
9https://www.singularitysymposium.com/definition-of-singularity.html
10It is likely that Van Neuman knew the laws of dialectics, but at that time,
a direct reference to Hegel would have probably been not well accepted (Mc-
Carthyism was ravaging the US), and hence the—brilliant!—re-formulation
and adaptation of the cited second law of dialectics into “singularity”, that
we will use as well in the remainder.
a single domain—the metaverse—, combined with the sheer
amount of data that will be generated therein, do qualify the
metaverse as the best candidate for a qualitative transformation
of the very same domain. If this hypothesis is true, we need a
paradigm shift in our analysis tools to deal with the metaverse.
Indeed, if we keep analyzing the metaverse following the usual
approach adopted in hard sciences—that is, by considering
the single components and by studying the corresponding
interactions of those components—the results of our analysis
would be probably wrong, or at least incomplete. Indeed, the
metaverse would not equal the sum of the single, different
components used to structure it. The metaverse—the devel-
oped version of it, not the approximation that we will see
in the next few years—will be something unique, never seen
before. Though, the very seeds of it are being planted now,
and the next few years will likely represent the most precious
(and maybe the only) time window of opportunity where, as
a community, we could still intervene to shape its strategic
development directions.
In particular, if we want to influence the development of the
metaverse and, especially, try to anticipate its evolution so as to
be able to figure out what are the novel risks introduced by it,
we will need a more comprehensive approach. Simply put, we
would need the best minds, supported by the whole arsenal of
methodologies, approaches, and tools developed in a range of
disciplines, ranging from Computer Science and Engineering,
to philosophy, law, and, psychology, to cite a few. This would
be probably the only way to confront with the singularity that
the metaverse will likely generate. Otherwise—that is, if we
do not anticipate the complexity of the metaverse, or if we fail
to forecast its full implications and their possible impact—the
incurred risks would be staggering. In particular, we present in
the following the most likely one. That is, we will embrace the
metaverse with a false sense of control—-being able to keep
under control just some specific aspects of it, while completely
ignoring the novel elements generated by the singularity. In
such a scenario, there would be no major transformations for
a short while, and the metaverse will even provide possible
short-term benefits for users, owners, and the society. However,
there is an impending criticality to this short-sighted approach:
without a clear comprehension of the long-term implications
of the metaverse on the several dimensions it will impact
(social, economical, political, anthropological, etc.), there is
a high chance that the metaverse will be eventually misused
in manners and to an extent that are difficult to predict.
To make an example, and not even a dreadful one, the
Cambridge Analytica scandal [32] (and its dire effects) would
be considered nothing more than a childish game.
Having provided (re-discovered) a generalization for the
concept of singularity—a key concept to capture the essence
of the metaverse—, having clarified why we expect a con-
vergence of different technologies and platforms, and having
sketched the possible implications of the directions the meta-
verse could take, we can now leverage the privilege conceded
to a vision paper to draft, in the next section, some concluding
remarks that, we are afraid, will raise more questions rather
than highlighting solutions.
V. CONCLUSIONS
The metaverse is approaching fast. Not because a of a
communication campaign organized by a tech and social
media behemoth to escape public scrutiny11, or because it
is just a big business opportunity. It is coming true because
we are at the beginning of the singularity. Or, in simpler
terms, because the time is ripe. The exponential progress of
technology has brought us miniaturized sensing devices with
the computing and communication capabilities of laptops and
has spread the adoption of technology to all the aspects of our
lives (e.g., economics, politics, industry, social relationships,
etc.). In addition, the social acceptance of an ever increasing
rate of data recording and sharing of our personal experiences
has provided the bulk of data to make the metaverse attractive,
while 5G and the coming 6G will resolve the remaining gap
in connectivity and sensing. On top of that, machine learning
and AI algorithms are already efficient enough to predict with
surprisingly good approximation our needs and actions, and
keep improving.
The (partial) list of cited technologies and paradigms, taken
one by one, could represent a leap forward—possibly even a
giant one—but just a leap forward on a path that is already
known. Instead, our thesis is that the combination of the
cited forces would produce an effect that is magnified not
only quantitatively, but also qualitatively, thus dramatically and
permanently changing the tech and the cognitive landscapes.
In this new world that we are starting to call metaverse, the
traditional systemic threats imported by the technology, like
security and, especially, privacy are critical ones. However,
in the metaverse these threats could present themselves in a
manner that would (at least partially) escape the logical and
technological schemes we have developed so far to cope with
them. But, what is most, it may well be the case that security
and privacy threats will not even represent the most critical
ones. As we have substantiated in this paper, the metaverse
arises complex issues, that just partially pertain to the technical
domain. That is why the only way to navigate this incognito
universe we are starting exploring, is to study it via a truly
multidisciplinary and broad approach that conjugates technical
fields with humanities and social sciences. To let the metaverse
become a dream, or either discover that it has turned into a
nightmare.
REFERENCES
[1] S. Eyer, “Translation from Plato’s Republic 514b–518d (“Allegory of the
Cave”),Ahiman: A Review of Masonic Culture and Tradition, vol. 1,
pp. 73–78, 2009.
[2] C. Bermejo and P. Hui, “A survey on haptic technologies for mobile
augmented reality,ACM Computing Surveys, vol. 54, no. 9, 2021.
[3] M. Zhang, Z. Tang, X. Liu, and J. Van der Spiegel, “Electronic neural
interfaces,” Nature Electronics, vol. 3, no. 4, pp. 191–200, 2020.
[4] J. Horgan, “Should big tech’s plan for a metaverse scare us?” Scientific
American, 2021.
11https://www.nytimes.com/2021/10/29/technology/meta-facebook-
zuckerberg.html
[5] A. Woodgate, “The metaverse,” DUBIT Exclusive Report, Tech. Rep.,
2021.
[6] M. Kosinski, D. Stillwell, and T. Graepel, “Private traits and attributes
are predictable from digital records of human behavior,Proceedings
of the National Academy of Sciences, vol. 110, no. 15, pp. 5802–5805,
2013.
[7] P. Laperdrix, N. Bielova, B. Baudry, and G. Avoine, “Browser finger-
printing: A survey,ACM Transactions on the Web, vol. 14, no. 2, 2020.
[8] M. D. Conover, B. Goncalves, J. Ratkiewicz, A. Flammini, and
F. Menczer, “Predicting the political alignment of Twitter users,” in
The 3rd IEEE International Conference on Privacy, Security, Risk and
Trust (PASSAT’11) and the 3rd IEEE International Conference on Social
Computing (SocialCom’11), 2011, pp. 192–199.
[9] B. Falchuk, S. Loeb, and R. Neff, “The social metaverse: Battle for
privacy,IEEE Technology and Society Magazine, vol. 37, no. 2, pp.
52–61, 2018.
[10] P. Snyder, P. Doerfler, C. Kanich, and D. McCoy, “Fifteen minutes
of unwanted fame: Detecting and characterizing doxing,” in The 2017
Internet Measurement Conference (IMC’17), 2017, pp. 432–444.
[11] F. Salahdine and N. Kaabouch, “Social engineering attacks: A survey,
Future Internet, vol. 11, no. 4, p. 89, 2019.
[12] S. Cresci, R. Di Pietro, M. Petrocchi, A. Spognardi, and M. Tesconi,
“Social fingerprinting: detection of spambot groups through DNA-
inspired behavioral modeling,” IEEE Transactions on Dependable and
Secure Computing, vol. 15, no. 4, pp. 561–576, 2017.
[13] D. Weber and F. Neumann, “Amplifying influence through coordinated
behaviour in social networks,Social Network Analysis and Mining,
vol. 11, no. 1, pp. 1–42, 2021.
[14] C. Ling, U. Balcı, J. Blackburn, and G. Stringhini, “A first look at
zoombombing,” in The 43rd IEEE Symposium on Security and Privacy
(S&P’21). IEEE, 2021, pp. 1452–1467.
[15] C. Flores-Saviaga, B. Keegan, and S. Savage, “Mobilizing the Trump
train: Understanding collective action in a political trolling community,”
in The 12th International AAAI Conference on Web and Social Media
(ICWSM’18), 2018.
[16] B. S. Bakioglu, “Spectacular interventions of Second Life: Goon culture,
griefing, and disruption in virtual spaces,” Journal for Virtual Worlds
Research, vol. 1, no. 3, 2009.
[17] D. Chatzakou, N. Kourtellis, J. Blackburn, E. De Cristofaro, G. Stringh-
ini, and A. Vakali, “Measuring #gamergate: A tale of hate, sexism, and
bullying,” in The 26th International Conference on World Wide Web
(WWW’17 Companion), 2017, pp. 1285–1290.
[18] C. Geeng, J. Hutson, and F. Roesner, “Usable sexurity: Studying people’s
concerns and strategies when sexting,” in The 16th USENIX Symposium
on Usable Privacy and Security (SOUPS’20), 2020, pp. 127–144.
[19] S. Bardzell and J. Bardzell, “Docile avatars: Aesthetics, experience, and
sexual interaction in Second Life,” in The 21st British HCI Group Annual
Conference on People and Computers (BCS-HCI’07), 2007, pp. 1–11.
[20] S. Zannettou, T. Caulfield, J. Blackburn, E. De Cristofaro, M. Sirivianos,
G. Stringhini, and G. Suarez-Tangil, “On the origins of memes by
means of fringe Web communities,” in The 2018 Internet Measurement
Conference (IMC’18), 2018, pp. 188–202.
[21] L.-H. Lee, T. Braud, P. Zhou, L. Wang, D. Xu, Z. Lin, A. Kumar,
C. Bermejo, and P. Hui, “All one needs to know about metaverse: A
complete survey on technological singularity, virtual ecosystem, and
research agenda,” arXiv:2110.05352, 2021.
[22] S. Corbett-Davies, E. Pierson, A. Feller, S. Goel, and A. Huq, “Algo-
rithmic decision making and the cost of fairness,” in The 23rd ACM
SIGKDD International Conference on Knowledge Discovery and Data
Mining (KDD’17), 2017, pp. 797–806.
[23] A. Datta, S. Sen, and Y. Zick, “Algorithmic transparency via quantitative
input influence: Theory and experiments with learning systems,” in The
38th IEEE Symposium on Security and Privacy (S&P’16). IEEE, 2016,
pp. 598–617.
[24] P. McDaniel, N. Papernot, and Z. B. Celik, “Machine learning in
adversarial settings,” IEEE Security & Privacy, vol. 14, no. 3, pp. 68–72,
2016.
[25] S. Cresci, M. Petrocchi, A. Spognardi, and S. Tognazzi, “Adversarial
machine learning for protecting against online manipulation,” IEEE
Internet Computing, 2021.
[26] R. Di Pietro, M. Caprolu, S. Raponi, and S. Cresci, New Dimensions of
Information Warfare, ser. Advances in Information Security. Springer,
2021, vol. 84.
[27] E. Ferrara, S. Cresci, and L. Luceri, “Misinformation, manipulation
and abuse on social media in the era of COVID-19,Journal of
Computational Social Science, vol. 3, pp. 271–277, 2020.
[28] S. Cresci, “A decade of social bot detection,Communications of the
ACM, vol. 63, no. 10, pp. 72–83, 2020.
[29] D. Boneh, A. J. Grotto, P. McDaniel, and N. Papernot, “How relevant
is the Turing test in the age of sophisbots?” IEEE Security & Privacy,
vol. 17, no. 6, pp. 64–71, 2019.
[30] M. M. Kasumovic and J. H. Kuznekoff, “Insights into sexism: Male
status and performance moderates female-directed hostile and amicable
behaviour,PLoS One, vol. 10, no. 7, p. e0131613, 2015.
[31] G. W. F. Hegel, Hegel’s Science of Logic. Humanity Books, 1929.
[32] A. Chen, “Cambridge Analytica and our lives inside the surveillance
machine,” The New Yorker, vol. 21, no. 2018, pp. 1–5, 2018.
... For example, immersion offers a chance for a migrant living away from his family to feel the same emotional connection with his family in a virtual environment (Smaili & Rancourt-Raymond, 2022). In addition, it offers the opportunity to participate in concerts, touristic trips, and sports and art events via immersive technologies (Di Pietro & Cresci, 2021). Moreover, unique options are offered to users in finance, education, health, smart cities, and many other fields. ...
... These attacks are mainly carried out by manipulating the users' emotions, such as fear, curiosity, and panic. These manipulations cause victims' private information to be exploited for dangerous purposes (e.g., disclosure, exploitation of virtual assets and economies) (Di Pietro & Cresci, 2021;Huang et al., 2023). ...
... Thus, users' privacy expectations must be provided by laws, policies, particular details, and punishment-reward systems (Vladimirov et al., 2022;Gupta et al., 2023). Users may encounter unintended risks and dangers related to the privacy of individuals and businesses that desire to operate in it (Di Pietro & Cresci, 2021). ...
CONSUMER SECURITY AND PRIVACY IN THE METAVERSE: A BIBLIOMETRIC ANALYSIS
Article
Full-text available
  • Apr 2024
The metaverse, one of today's most groundbreaking innovations, offers important opportunities for our future in many areas. However, these opportunities bring with them some critical threats. Security and privacy in the metaverse are among the most current threats that researchers focus on. This study aims to provide a more concrete view of the studies on security and privacy research in the metaverse in the WOS and SCOPUS databases by using bibliometric techniques. In addition, this study assesses the effects of the existing literature and offers a series of suggestions regarding measures that can be taken to protect privacy and security. In the study, 86 studies published in 64 different sources between 2018 and 2024 are analyzed in terms of scientific performance with different bibliometric techniques. According to the prominent findings of the study, it is understood that the highest number of scientific publications were published in 2023; each publication received an average of 17 citations; single-author studies constitute 25% of all studies; and the most publications were published in the Journal of Metaverse. It is thought that the results revealed in this study and the suggested coping strategies regarding privacy and security will contribute to future studies.
View
... Indeed, with annual spending over $54 billion, expenditure on metaverses nearly doubled that of music purchases in 2021 (Moy & Gadgil, 2022). Researchers attribute this growth to metaverses revolutionizing virtual societal and economic interactions (Di Pietro & Cresci, 2021). Specifically, the metaverse benefit from network effects, becoming more appealing as user and organizational participation increases (Gawer & Cusumano, 2014;Tingelhoff et al., 2024). ...
... The metaverse is a multi-user virtual platform built on Web3 technology to revolutionize how people interact in any context (Di Pietro & Cresci, 2021). The malleable features of this emerging platform generate an immersive user experience, mimicking the real world sans physical constraints (Jaynes et al., 2003), thus enabling new and richer kinds of social and business interactions (e.g., through immersive 3D communication) (Bourlakis et al., 2009). ...
... This shows that Decentraland, unlike Roblox, is not interested in being the proprietor of its users' data. A crypto wallet is essential for owning and trading virtual goods and currencies, a fundamental aspect of metaverse platforms (Di Pietro & Cresci, 2021;Oliver et al., 2010;Tayal et al., 2022;Vidal-Tomás, 2022). Using a crypto wallets as accounts, Decentraland's users can execute peer-to-peer economic transactions without intermediaries. ...
Qualitative Insights into Organizational Value Creation: Decoding Characteristics of Metaverse Platforms
Article
Full-text available
  • May 2024
  • INFORM SYST FRONT
The significance of metaverse platforms is growing in both research and practical applications. To utilize the chances and opportunities metaverse platforms offer, research and practice must understand how these platforms create value, which has not been adequately explored. Our research explores the characteristics of metaverse platforms that facilitate value creation for organizations in both B2B and B2C sectors. Employing a qualitative inductive approach, we conducted 15 interviews with decision-makers from international corporations active in the metaverse. We identified 26 metaverse platform characteristics, which we categorized into six dimensions based on the DeLone and McLean Information Systems success model. Subsequently, we provide examples to illustrate the application of these identified characteristics within metaverse platforms. This study contributes to the academic discourse by uncovering the characteristics that shape the competitive landscape of emerging metaverse platforms. Leveraging these characteristics may offer metaverse providers a competitive edge in attracting complementary organizations to their platforms.
View
... Advanced analytics and machine learning within the metaverse can predict traffic patterns and suggest proactive measures to alleviate congestion, such as adjusting traffic signal timings, implementing dynamic lane usage, or providing real-time rerouting recommendations to drivers. This interactive and immersive approach not only enhances the efficiency of traffic management but also improves response times to incidents, reducing overall travel time and emissions [56][57][58]. By leveraging the capabilities of the metaverse, cities can achieve a smarter, more adaptive, and responsive traffic management system, significantly enhancing urban mobility and quality of life for residents. ...
Metaverse of Things (MoT) Applications for Revolutionizing Urban Living in Smart Cities
Preprint
Full-text available
  • Jun 2024
The Metaverse of Things (MoT) is an advanced technology that has the potential to revolutionise urban living in the present era. This article explores the advantages, uses, and transformative outcomes of MoT in smart cities. The covered subjects encompass sustainability, urban planning, citizen participation, infrastructure management, and various more. MoT integrates the Internet of Things (IoT) with metaverse technologies. The ultimate objective is to develop virtual environments that are highly interactive, interconnected, and immersive while maintaining a high level of fidelity to reality. The IoT utilises virtual reality (VR), augmented reality (AR), and other digital technologies to gather data, facilitate communication, and automate certain processes, thereby enhancing several elements of urban living. It is all a component of the metaverse. The IoT will bring about a profound transformation in the way cities gather and utilise data to enhance services and optimise efficiency. Cities that can efficiently distribute this data can enhance public safety, optimise energy usage, regulate traffic, and manage waste properly. MoT apps that utilise immersive technologies and the IoT can be used to generate more intelligent and captivating cityscapes. The implementation of MoT can greatly enhance the quality of life for residents of smart cities through improvements in transportation, healthcare, education, and community engagement. The study's author examined how smart cities utilise the IoT to enhance the daily experiences of their inhabitants. This study examines the technical structure, possible advantages, and difficulties of implementing MoT in urban settings, aiming to enhance the resilience, responsiveness, and adaptability of cities. The findings emphasise the importance of robust legislative frameworks, stringent security requirements, and well-developed infrastructure to facilitate the extensive use of MoT technology. These factors are crucial for establishing a highly interconnected and efficient urban environment.
View
View
Insights into financial reporting practices in the metaverse: evidence from Islamic financial institutions in Bahrain
Article
  • Jun 2024
Purpose This study aims to assess how prepared and flexible accounting professionals are to produce financial accounts that adhere to Shariah regulations in the metaverse. The study also highlights the potential positive and negative effects of metaverse utilization on the financial reporting quality of Islamic financial institutions (IFIs). Design/methodology/approach A questionnaire was distributed to a random sample of 102 accounting professionals employed in IFIs in Bahrain. Findings The capacity to provide real-time reporting within the metaverse would enhance the quality and reliability of Islamic financial reporting. Furthermore, the fluctuating values of digital assets in the metaverse pose a significant challenge to ensuring accurate financial reporting. IFIs fail to create an environment suitable for transitioning to the metaverse. Moreover, the participants expressed concerns about how the rapid expansion of the metaverse may challenge the adherence to Shariah governance principles in virtual financial transactions. They further recommended that the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) establish explicit directives on Shariah governance in the metaverse. Practical implications Various IFIs’ stakeholders, including practitioners, shareholders and employees interested in adopting the metaverse technology, can benefit from the findings of the studies. In addition, the study could help Islamic banks in Bahrain better grasp the readiness and adaptability of accounting professionals. This understanding would aid in establishing robust financial reporting standards that align with Shariah principles in the metaverse. Originality/value This research examines the metaverse through the lens of Islamic financial reporting, offering recent evidence on technological developments and financial reporting practices within an Islamic context. The research findings would contribute to advancing the knowledge among academics, professionals and all interested parties concerning the effects of metaverse implementation on Shariah governance principles and the quality of financial reporting. The study findings would offer policymakers and regulators in the Islamic finance sector essential insights.
View
View
Recent Trends of Authentication Methods in Extended Reality: A Survey
Article
Full-text available
  • May 2024
Extended Reality (XR) is increasingly gaining momentum in industries such as retail, health, and education. To protect users’ personal data, establishing a secure authentication system for XR devices becomes essential. Recently, the focus on authentication methods for XR devices has been limited. To further our understanding of this topic, we surveyed authentication schemes, particularly systems and methods deployed in XR settings. In this survey, we focused on reviewing and evaluating papers published during the last decade (between 2014 and 2023). We compared knowledge-based authentication, physical biometrics, behavioral biometrics, and multi-model methods in terms of accuracy, security, and usability. We also highlighted the benefits and drawbacks of those methods. These highlights will direct future Human–computer Interaction (HCI) and security research to develop secure, reliable, and practical authentication systems.
View
View
The First Principles: Setting the Context for a Safe and Secure Metaverse
Article
  • May 2024
The metaverse delivered through converged and amalgamated technologies holds promise. No wonder technology heavyweights, large corporates, research organizations and businesses cutting across industry verticals are racing to put in place a metaverse-first strategy. The bets on consumers rapidly migrating from traditional social networks and collaborative applications to more immersive digital experiences have been placed. However, the transition is not expected to be seamless. Privacy, safety and security concerns abound in the early versions of the metaverse. Increased regulatory oversight and diverse national laws threaten to derail the hype around the metaverse. It is increasingly clear that the final iteration of the metaverse will need to assuage the concerns of individual users while addressing complex legal and regulatory requirements. Thus, a multi-perspective approach needs to be adopted to help set the agenda for the evolution of the metaverse. This research paper examines the different aspects and challenges which the future metaverse will need to address. A set of ”first principles” are formulated, which if implemented will lead to the development of an equitable, inclusive, safe and secure metaverse.
View
View
Coordinated Behavior on Social Media in 2019 UK General Election
Article
Full-text available
  • May 2021
Coordinated online behaviors are an essential part of information and influence operations, as they allow a more effective disinformation's spread. Most studies on coordinated behaviors involved manual investigations, and the few existing computational approaches make bold assumptions or oversimplify the problem to make it tractable. Here, we propose a new network-based framework for uncovering and studying coordinated behaviors on social media. Our research extends existing systems and goes beyond limiting binary classifications of coordinated and uncoordinated behaviors. It allows to expose different coordination patterns and to estimate the degree of coordination that characterizes diverse communities. We apply our framework to a dataset collected during the 2019 UK General Election, detecting and characterizing coordinated communities that participated in the electoral debate. Our work conveys both theoretical and practical implications and provides more nuanced and fine-grained results for studying online information manipulation.
View
Amplifying influence through coordinated behaviour in social networks
Article
Full-text available
  • Dec 2021
Political misinformation, astroturfing and organised trolling are online malicious behaviours with significant real-world effects that rely on making the voices of the few sounds like the roar of the many. These are especially dangerous when they influence democratic systems and government policy. Many previous approaches examining these phenomena have focused on identifying campaigns rather than the small groups responsible for instigating or sustaining them. To reveal latent (i.e. hidden) networks of cooperating accounts, we propose a novel temporal window approach that can rely on account interactions and metadata alone. It detects groups of accounts engaging in various behaviours that, in concert, come to execute different goal-based amplification strategies, a number of which we describe, alongside other inauthentic strategies from the literature. The approach relies upon a pipeline that extracts relevant elements from social media posts common to the major platforms, infers connections between accounts based on criteria matching the coordination strategies to build an undirected weighted network of accounts, which is then mined for communities exhibiting high levels of evidence of coordination using a novel community extraction method. We address the temporal aspect of the data by using a windowing mechanism, which may be suitable for near real-time application. We further highlight consistent coordination with a sliding frame across multiple windows and application of a decay factor. Our approach is compared with other recent similar processing approaches and community detection methods and is validated against two politically relevant Twitter datasets with ground truth data, using content, temporal, and network analyses, as well as with the design, training and application of three one-class classifiers built using the ground truth; its utility is furthermore demonstrated in two case studies of contentious online discussions.
View
All One Needs to Know about Metaverse: A Complete Survey on Technological Singularity, Virtual Ecosystem, and Research Agenda
Technical Report
Full-text available
  • Oct 2021
Since the popularisation of the Internet in the 1990s, the cyberspace has kept evolving. We have created various computer-mediated virtual environments including social networks, video conferencing, virtual 3D worlds (e.g., VR Chat), augmented reality applications (e.g., Pokemon Go), and Non-Fungible Token Games (e.g., Upland). Such virtual environments, albeit non-perpetual and unconnected, have bought us various degrees of digital transformation. The term `metaverse' has been coined to further facilitate the digital transformation in every aspect of our physical lives. At the core of the metaverse stands the vision of an immersive Internet as a gigantic, unified, persistent, and shared realm. While the metaverse may seem futuristic, catalysed by emerging technologies such as Extended Reality, 5G, and Artificial Intelligence, the digital `big bang' of our cyberspace is not far away. This survey paper presents the first effort to offer a comprehensive framework that examines the latest metaverse development under the dimensions of state-of-the-art technologies and metaverse ecosystems, and illustrates the possibility of the digital `big bang'. First, technologies are the enablers that drive the transition from the current Internet to the metaverse. We thus examine eight enabling technologies rigorously - Extended Reality, User Interactivity (Human-Computer Interaction), Artificial Intelligence, Blockchain, Computer Vision, IoT and Robotics, Edge and Cloud computing, and Future Mobile Networks. In terms of applications, the metaverse ecosystem allows human users to live and play within a self-sustaining, persistent, and shared realm. Therefore, we discuss six user-centric factors -- Avatar, Content Creation, Virtual Economy, Social Acceptability, Security and Privacy, and Trust and Accountability. Finally, we propose a concrete research agenda for the development of the metaverse.
View
New Dimensions of Information Warfare
Book
Full-text available
  • Jan 2021
This book revises the strategic objectives of Information Warfare, interpreting them according to the modern canons of information age, focusing on the fabric of society, the economy, and critical Infrastructures. The authors build plausible detailed real-world scenarios for each entity, showing the related possible threats from the Information Warfare point of view. In addition, the authors dive into the description of the still open problems, especially when it comes to critical infrastructures, and the countermeasures that can be implemented, possibly inspiring further research in the domain. This book intends to provide a conceptual framework and a methodological guide, enriched with vivid and compelling use cases for the readers (e.g. technologists, academicians, military, government) interested in what Information Warfare really means, when its lenses are applied to current technology. Without sacrificing accuracy, rigor and, most importantly, the big picture of Information Warfare, this book dives into several relevant and up-to-date critical domains. The authors illustrate how finance (an always green target of Information Warfare) is intertwined with Social Media, and how an opponent could exploit these latter ones to reach its objectives. Also, how cryptocurrencies are going to reshape the economy, and the risks involved by this paradigm shift. Even more compelling is how the very fabric of society is going to be reshaped by technology, for instance how our democratic elections are exposed to risks that are even greater than what appears in the current public discussions. Not to mention how our Critical Infrastructure is becoming exposed to a series of novel threats, ranging from state-supported malware to drones. A detailed discussion of possible countermeasures and what the open issues are for each of the highlighted threats complete this book. This book targets a widespread audience that includes researchers and advanced level students studying and working in computer science with a focus on security. Military officers, government officials and professionals working in this field will also find this book useful as a reference.
View
Misinformation, manipulation, and abuse on social media in the era of COVID-19
Article
Full-text available
  • Nov 2020
The COVID-19 pandemic represented an unprecedented setting for the spread of online misinformation, manipulation, and abuse, with the potential to cause dramatic real-world consequences. The aim of this special issue was to collect contributions investigating issues such as the emergence of infodemics, misinformation, conspiracy theories, automation, and online harassment on the onset of the coronavirus outbreak. Articles in this collection adopt a diverse range of methods and techniques, and focus on the study of the narratives that fueled conspiracy theories, on the diffusion patterns of COVID-19 misinformation, on the global news sentiment, on hate speech and social bot interference, and on multimodal Chinese propaganda. The diversity of the methodological and scientific approaches undertaken in the aforementioned articles demonstrates the interdisciplinarity of these issues. In turn, these crucial endeavors might anticipate a growing trend of studies where diverse theories, models, and techniques will be combined to tackle the different aspects of online misinformation, manipulation, and abuse.
View
A Decade of Social Bot Detection
Article
Full-text available
  • Oct 2020
On the morning of November 9th 2016, the world woke up to the shocking outcome of the US Presidential elections: Donald Trump was the 45th President of the United States of America. An unexpected event that still has tremendous consequences all over the world. Today, we know that a minority of social bots – automated social media accounts mimicking humans – played a central role in spreading divisive messages and disinformation, possibly contributing to Trump's victory [16, 19]. In the aftermath of the 2016 US elections, the world started to realize the gravity of widespread deception in social media. Following Trump's exploit, we witnessed to the emergence of a strident dissonance between the multitude of efforts for detecting and removing bots, and the increasing effects that these malicious actors seem to have on our societies [27, 29]. This paradox opens a burning question: What strategies should we enforce in order to stop this social bot pandemic? In these times – during the run-up to the 2020 US elections – the question appears as more crucial than ever. Particularly so, also in light of the recent reported tampering of the electoral debate by thousands of AI-powered accounts. What stroke social, political and economic analysts after 2016 – deception and automation – has been however a matter of study for computer scientists since at least 2010. In this work, we briefly survey the first decade of research in social bot detection. Via a longitudinal analysis, we discuss the main trends of research in the fight against bots, the major results that were achieved, and the factors that make this never-ending battle so challenging. Capitalizing on lessons learned from our extensive analysis, we suggest possible innovations that could give us the upper hand against deception and manipulation. Studying a decade of endeavors at social bot detection can also inform strategies for detecting and mitigating the effects of other – more recent – forms of online deception, such as strategic information operations and political trolls.
View
Electronic neural interfaces
Article
Full-text available
  • Apr 2020
Devices such as keyboards and touchscreens allow humans to communicate with machines. Neural interfaces, which can provide a direct, electrical bridge between analogue nervous systems and digital man-made systems, could provide a more efficient route to future information exchange. Here we review the development of electronic neural interfaces. The interfaces typically consist of three modules — a tissue interface, a sensing interface, and a neural signal processing unit — and based on technical milestones in the development of the electronic sensing interface, we group and analyse the interfaces in four generations: the patch clamp technique, multi-channel neural interfaces, implantable/wearable neural interfaces and integrated neural interfaces. We also consider key circuit and system challenges in the design of neural interfaces and explore the opportunities that arise with the latest technology
View
Mobilizing the Trump Train: Understanding Collective Action in a Political Trolling Community
Article
  • Jun 2018
Political trolls initiate online discord not only for the lulz (laughs), but also for ideological reasons, such as promoting their desired political candidates. Political troll groups recently gained spotlight because they were considered central in helping Donald Trump win the 2016 US presidential election, which involved difficult mass mobilizations. Political trolls face unique challenges as they must build their own communities while simultaneously disrupting others. However, little is known about how political trolls mobilize sufficient participation to suddenly become problems for others. We performed a quantitative longitudinal analysis of more than 16 million comments from one of the most popular and disruptive political trolling communities, the subreddit /r/The Donald (T_D). We use T_D as a lens to understand participation and collective action within these deviant spaces. In specific, we first study the characteristics of the most active participants to uncover what might drive their sustained participation. Next, we investigate how these active individuals mobilize their community to action. Through our analysis we uncover that the most active employed distinct discursive strategies to mobilize participation, and deployed technical tools like bots to create a shared identity and sustain engagement. We conclude by providing data-backed design implications for designers of civic media.
View
Adversarial Machine Learning for Protecting Against Online Manipulation
Article
  • Nov 2021
Adversarial examples are inputs to a machine learning system that result in an incorrect output from that system. Attacks launched through this type of input can cause severe consequences: for example, in the field of image recognition, a stop signal can be misclassified as a speed limit indication. However, adversarial examples also represent the fuel for a flurry of research directions in different domains and applications. Here, we give an overview of how they can be profitably exploited as powerful tools to build stronger learning models, capable of better-withstanding attacks, for two crucial tasks: fake news and social bot detection.
View
View