SaTC: CORE: Small: Securing Gaze Data from Side-Channel Attacks in Foveated Systems

About This Grant

Virtual and Augmented Reality (VR/AR) technology provides access to immersive 3D spaces with applications in education, workforce training, social interaction, and remote collaboration. This emerging technology often uses eye-tracking devices that measure where a user is looking to support interaction and reduce cybersickness. However, this tracked gaze data presents privacy risks because gaze data has the potential to identify users from their eye movements or make inferences about private information, such as age, gender, and ethnicity. This proposal's goal is to mitigate privacy and security risks that arise from the use of eye tracking even when the VR/AR headset prevents malicious applications from having direct access to the gaze data. In particular, the project explores new methods to manipulate VR/AR rendering in a way that exposes personal eye-tracking data to applications that might misuse the data. The project team will measure the vulnerabilities that exist in current rendering systems and develop corresponding defense mechanisms that protect eye-tracking data for VR/AR users in personal, enterprise, and high-risk applications. This project will investigate security vulnerabilities and novel threats in the form of side-channel attacks on foveated systems, which use gaze data to optimize VR/AR systems operating under compute and power constraints. The project team will create a testbed of standardized foveated rendering algorithms and VR attack surfaces and use it to evaluate the ability of malicious developers to integrate side-channel attacks that impact GPU usage and performance in a controlled manner. A set of attack algorithms will be applied to the performance metrics to reconstruct gaze positions and evaluate the ability to infer private information about a user. The dataset and methods will be made public to help inform VR platforms of existing security risks and advance the development of system-level defense mechanisms to detect and mitigate the risk of side-channel attacks on foveated VR systems. Finally, the scope of side-channel attacks will be broadened to include AR optimizations that are hardware-specific and not standardized like the foveated rendering pipelines of VR systems. The project will establish a standard benchmark for foveated side-channel attacks and provide defense mechanisms to protect eye-tracking data in VR/AR systems. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.