Saved in:
Bibliographic Details
Main Authors: Sajid, Maha, Bukhari, Syed Ibrahim Mustafa Shah, Ji, Bo, David-John, Brendan
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2501.16505
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866915125719465984
author Sajid, Maha
Bukhari, Syed Ibrahim Mustafa Shah
Ji, Bo
David-John, Brendan
author_facet Sajid, Maha
Bukhari, Syed Ibrahim Mustafa Shah
Ji, Bo
David-John, Brendan
contents Mixed Reality (MR) devices are being increasingly adopted across a wide range of real-world applications, ranging from education and healthcare to remote work and entertainment. However, the unique immersive features of MR devices, such as 3D spatial interactions and the encapsulation of virtual objects by invisible elements, introduce new vulnerabilities leading to interaction obstruction and misdirection. We implemented latency, click redirection, object occlusion, and spatial occlusion attacks within a remote collaborative MR platform using the Microsoft HoloLens 2 and evaluated user behavior and mitigations through a user study. We compared responses to MR-specific attacks, which exploit the unique characteristics of remote collaborative immersive environments, and traditional security attacks implemented in MR. Our findings indicate that users generally exhibit lower recognition rates for immersive attacks (e.g., spatial occlusion) compared to attacks inspired by traditional ones (e.g., click redirection). Our results demonstrate a clear gap in user awareness and responses when collaborating remotely in MR environments. Our findings emphasize the importance of training users to recognize potential threats and enhanced security measures to maintain trust in remote collaborative MR systems.
format Preprint
id arxiv_https___arxiv_org_abs_2501_16505
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Just stop doing everything for now!: Understanding security attacks in remote collaborative mixed reality
Sajid, Maha
Bukhari, Syed Ibrahim Mustafa Shah
Ji, Bo
David-John, Brendan
Human-Computer Interaction
Mixed Reality (MR) devices are being increasingly adopted across a wide range of real-world applications, ranging from education and healthcare to remote work and entertainment. However, the unique immersive features of MR devices, such as 3D spatial interactions and the encapsulation of virtual objects by invisible elements, introduce new vulnerabilities leading to interaction obstruction and misdirection. We implemented latency, click redirection, object occlusion, and spatial occlusion attacks within a remote collaborative MR platform using the Microsoft HoloLens 2 and evaluated user behavior and mitigations through a user study. We compared responses to MR-specific attacks, which exploit the unique characteristics of remote collaborative immersive environments, and traditional security attacks implemented in MR. Our findings indicate that users generally exhibit lower recognition rates for immersive attacks (e.g., spatial occlusion) compared to attacks inspired by traditional ones (e.g., click redirection). Our results demonstrate a clear gap in user awareness and responses when collaborating remotely in MR environments. Our findings emphasize the importance of training users to recognize potential threats and enhanced security measures to maintain trust in remote collaborative MR systems.
title Just stop doing everything for now!: Understanding security attacks in remote collaborative mixed reality
topic Human-Computer Interaction
url https://arxiv.org/abs/2501.16505