Salvato in:
Dettagli Bibliografici
Autori principali: Xu, Yifan, Chen, Jinfu, Qi, Zhenyu, Chen, Huashan, Wang, Junyi, Hu, Pengfei, Liu, Feng, He, Sen
Natura: Preprint
Pubblicazione: 2025
Soggetti:
Accesso online:https://arxiv.org/abs/2507.17324
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866912498946408448
author Xu, Yifan
Chen, Jinfu
Qi, Zhenyu
Chen, Huashan
Wang, Junyi
Hu, Pengfei
Liu, Feng
He, Sen
author_facet Xu, Yifan
Chen, Jinfu
Qi, Zhenyu
Chen, Huashan
Wang, Junyi
Hu, Pengfei
Liu, Feng
He, Sen
contents Virtual Reality (VR) has emerged as a transformative technology across industries, yet its security weaknesses, including vulnerabilities, are underinvestigated. This study investigates 334 VR projects hosted on GitHub, examining 1,681 software security weaknesses to understand: what types of weaknesses are prevalent in VR software; when and how weaknesses are introduced; how long they have survived; and how they have been removed. Due to the limited availability of VR software security weaknesses in public databases (e.g., the National Vulnerability Database or NVD), we prepare the first systematic dataset of VR software security weaknesses by introducing a novel framework to collect such weaknesses from GitHub commit data. Our empirical study on the dataset leads to useful insights, including: (i) VR weaknesses are heavily skewed toward user interface weaknesses, followed by resource-related weaknesses; (ii) VR development tools pose higher security risks than VR applications; (iii) VR security weaknesses are often introduced at the VR software birth time.
format Preprint
id arxiv_https___arxiv_org_abs_2507_17324
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle An Empirical Study on Virtual Reality Software Security Weaknesses
Xu, Yifan
Chen, Jinfu
Qi, Zhenyu
Chen, Huashan
Wang, Junyi
Hu, Pengfei
Liu, Feng
He, Sen
Cryptography and Security
Virtual Reality (VR) has emerged as a transformative technology across industries, yet its security weaknesses, including vulnerabilities, are underinvestigated. This study investigates 334 VR projects hosted on GitHub, examining 1,681 software security weaknesses to understand: what types of weaknesses are prevalent in VR software; when and how weaknesses are introduced; how long they have survived; and how they have been removed. Due to the limited availability of VR software security weaknesses in public databases (e.g., the National Vulnerability Database or NVD), we prepare the first systematic dataset of VR software security weaknesses by introducing a novel framework to collect such weaknesses from GitHub commit data. Our empirical study on the dataset leads to useful insights, including: (i) VR weaknesses are heavily skewed toward user interface weaknesses, followed by resource-related weaknesses; (ii) VR development tools pose higher security risks than VR applications; (iii) VR security weaknesses are often introduced at the VR software birth time.
title An Empirical Study on Virtual Reality Software Security Weaknesses
topic Cryptography and Security
url https://arxiv.org/abs/2507.17324