A survey and risk assessment on virtual, augmented and mixed reality cyberattacks

Detalhes bibliográficos
Autor(a) principal: Silva, T?nia Cristina Ferreira da
Data de Publicação: 2024
Tipo de documento: Dissertação
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/20.500.11960/3946
Resumo: Nowadays, Virtual Reality (VR), Augmented Reality (AR) and Mixed Reality (MR.) systems are not exclusively associated with the gaming industry. Their potential is also useful for other business areas such as healthcare, automotive, and educational domains, based on gathered statistics. Companies need to accompany technological advances and enhance their business processes and thus, the adoption of VR, AR, or MR technologies could be advantageous in reducing resource usage or improving the overall efficiency of operations. However, before implementing these technologies, companies must be aware of potential cyberattacks and security risks to which these systems are subject. This study presents a survey of attacks related to VR, AR. and MR. scenarios and a risk assessment based on the ISO 27005 methodology when considering healthcare, automotive, educa- tion, and gaming industries. The main goal is to make companies aware of the possible. cyberattacks that can affect the devices and their impact on their business processes. This classification intends to guide the companies that want to implement VR, AR, and MR. systems in their operations. They will be aware of the possible cyberattacks that can affect the devices and their risk level in their business domain. Proofs of concept for De nial of Service and Jamming attacks targeting HoloLens and other VR and AR, devices, along with a vulnerability found in the authorization method used in the HoloLens' Device Portal tool, are presented in this study. The motivation behind this project is to raise awareness among companies about potential vulnerabilities in these devices and how they can impact their business processes enabling them to apply effective mitigation methods.
id RCAP_26a4de7954ec59a8a9d50592ac357e5a
oai_identifier_str oai:repositorio.ipvc.pt:20.500.11960/3946
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling A survey and risk assessment on virtual, augmented and mixed reality cyberattacksVirtual realityAugmented realityMixed realityCyberattacksVulnerabilitiesRisk assessmentRealidade aumentadaRealidade virtualRealidade mistaCiberataquesVulnerabilidadesClassifica??o de riscoNowadays, Virtual Reality (VR), Augmented Reality (AR) and Mixed Reality (MR.) systems are not exclusively associated with the gaming industry. Their potential is also useful for other business areas such as healthcare, automotive, and educational domains, based on gathered statistics. Companies need to accompany technological advances and enhance their business processes and thus, the adoption of VR, AR, or MR technologies could be advantageous in reducing resource usage or improving the overall efficiency of operations. However, before implementing these technologies, companies must be aware of potential cyberattacks and security risks to which these systems are subject. This study presents a survey of attacks related to VR, AR. and MR. scenarios and a risk assessment based on the ISO 27005 methodology when considering healthcare, automotive, educa- tion, and gaming industries. The main goal is to make companies aware of the possible. cyberattacks that can affect the devices and their impact on their business processes. This classification intends to guide the companies that want to implement VR, AR, and MR. systems in their operations. They will be aware of the possible cyberattacks that can affect the devices and their risk level in their business domain. Proofs of concept for De nial of Service and Jamming attacks targeting HoloLens and other VR and AR, devices, along with a vulnerability found in the authorization method used in the HoloLens' Device Portal tool, are presented in this study. The motivation behind this project is to raise awareness among companies about potential vulnerabilities in these devices and how they can impact their business processes enabling them to apply effective mitigation methods.Nos dias de hoje, os sistemas de Realidade Virtual (VR), Realidade Aumentada (AR) e Realidade Mista (MR) j? n?o est?o exclusivamente associados ? ind?stria dos jogos. De acordo com as estat?sticas apresentadas pela Finances Online, o potencial destas tecnolo gias tamb?m pode ser aplicado noutras ?reas de neg?cio, como sa?de, incl?stria autom?vel e educa??o. As empresas t?m a necessidade de acompanhar os avan?os tecnol?gicas, sendo a ado??o das tecnologias VR, AR ou MR, vantajosa para reduzir o consumo de recursos ou melhorar a efici?ncia geral das suas opera??es. No entanto, antes de implementar estas tecnologias, as empresas devem estar cientes dos potenciais ataques e riscos aos quais esses sistemas est?o sujeitos. Este estudo apresenta um levantamento de ataques que afetam sistemas de VR, AR, e MR, bem como uma avalia??o de riscos com base na metodologia ISO 27005, considerando as ind?strias de sa?de, autom?vel, educa??o e jogos. O principal objetivo ? sensibilizar as empresas para os poss?veis ciberataques que podem afetar os dispositivos e o impacto que os mesmos podem trazer para os seus processos de neg?cio. Desta maneira ter?o o conhecimento sobre o n?vel de risco associado ao seu dom?nio de neg?cios. Neste estudo, s?o tamb?m apresentadas provas de conceito para os ataques de Denial of Service e Jamming direcionados aos HoloLens e outros dispositivos de VR e AR. ? ainda descrita uma vulnerabilidade encontrada no m?todo de autoriza??o na ferra- menta Device Portal dos HoloLens. A motiva??o deste estudo ? alertar as empresas para as potenciais vulnerabilidades nestes dispositivos e como estas podem impactar os seus processos de neg?cio. Desta maneira, conseguem aplicar m?todos de mitiga??o para os mesmos.2024-03-12T18:25:39Z2025-01-15T00:00:00Z2024-01-15T00:00:00Z2024-01-15info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://hdl.handle.net/20.500.11960/3946TID:203550870engSilva, T?nia Cristina Ferreira dainfo:eu-repo/semantics/embargoedAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2024-03-14T07:12:35Zoai:repositorio.ipvc.pt:20.500.11960/3946Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-20T04:00:36.312861Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
title A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
spellingShingle A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
Silva, T?nia Cristina Ferreira da
Virtual reality
Augmented reality
Mixed reality
Cyberattacks
Vulnerabilities
Risk assessment
Realidade aumentada
Realidade virtual
Realidade mista
Ciberataques
Vulnerabilidades
Classifica??o de risco
title_short A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
title_full A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
title_fullStr A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
title_full_unstemmed A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
title_sort A survey and risk assessment on virtual, augmented and mixed reality cyberattacks
author Silva, T?nia Cristina Ferreira da
author_facet Silva, T?nia Cristina Ferreira da
author_role author
dc.contributor.author.fl_str_mv Silva, T?nia Cristina Ferreira da
dc.subject.por.fl_str_mv Virtual reality
Augmented reality
Mixed reality
Cyberattacks
Vulnerabilities
Risk assessment
Realidade aumentada
Realidade virtual
Realidade mista
Ciberataques
Vulnerabilidades
Classifica??o de risco
topic Virtual reality
Augmented reality
Mixed reality
Cyberattacks
Vulnerabilities
Risk assessment
Realidade aumentada
Realidade virtual
Realidade mista
Ciberataques
Vulnerabilidades
Classifica??o de risco
description Nowadays, Virtual Reality (VR), Augmented Reality (AR) and Mixed Reality (MR.) systems are not exclusively associated with the gaming industry. Their potential is also useful for other business areas such as healthcare, automotive, and educational domains, based on gathered statistics. Companies need to accompany technological advances and enhance their business processes and thus, the adoption of VR, AR, or MR technologies could be advantageous in reducing resource usage or improving the overall efficiency of operations. However, before implementing these technologies, companies must be aware of potential cyberattacks and security risks to which these systems are subject. This study presents a survey of attacks related to VR, AR. and MR. scenarios and a risk assessment based on the ISO 27005 methodology when considering healthcare, automotive, educa- tion, and gaming industries. The main goal is to make companies aware of the possible. cyberattacks that can affect the devices and their impact on their business processes. This classification intends to guide the companies that want to implement VR, AR, and MR. systems in their operations. They will be aware of the possible cyberattacks that can affect the devices and their risk level in their business domain. Proofs of concept for De nial of Service and Jamming attacks targeting HoloLens and other VR and AR, devices, along with a vulnerability found in the authorization method used in the HoloLens' Device Portal tool, are presented in this study. The motivation behind this project is to raise awareness among companies about potential vulnerabilities in these devices and how they can impact their business processes enabling them to apply effective mitigation methods.
publishDate 2024
dc.date.none.fl_str_mv 2024-03-12T18:25:39Z
2024-01-15T00:00:00Z
2024-01-15
2025-01-15T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/20.500.11960/3946
TID:203550870
url http://hdl.handle.net/20.500.11960/3946
identifier_str_mv TID:203550870
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/embargoedAccess
eu_rights_str_mv embargoedAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799138181490147328

Registros relacionados