Attacks on Shared State in Multi-User Augmented Reality Applications

Watch a 13-minute conference presentation from USENIX Security '24 exploring novel security vulnerabilities in multi-user augmented reality (AR) applications. Discover how shared virtual experiences between multiple AR users require consensus on the "shared state" of the virtual world, and learn about potential attacks that can compromise this state. Examine how malicious actors can "poison" shared data or exploit false inputs to view unauthorized hologram augmentations across multiple AR frameworks. Follow researchers from the University of California, Riverside and University of Michigan as they demonstrate successful attacks on three publicly accessible frameworks, revealing common vulnerabilities despite different implementations. Explore proposed mitigation strategies and a prototype solution for enhancing security in multi-user AR applications.