Metaverse Cybersecurity Threats and Risks Analysis: The case of Virtual Reality Towards Security Testing and Guidance Framework.

Virtual reality (VR) innovations reached a high level of technological development making it a critical component of the metaverse of tomorrow. With the goal of VR to resemble the real world as closely as possible, data has to be collected and processed by multiple components from different manufacturers with diverse form factors. Often, these components possess vulnerabilities, which if exploited could result in poor user experiences or lead to physical, or psychological harm and financial loss. In this paper, we highlight common components of the VR world and discuss cybersecurity risks which may arise from the combination of possible threats to, and vulnerabilities within the various components. To aid security engineers in their task of securing the VR world, these components are classified into access and service layers from the perspective of the VR world user and their experiences. Our architectural analysis of VR security is the first step towards creating a security testing framework or guidance.