BEGIN:VCALENDAR
VERSION:2.0
PRODID:IEEE vTools.Events//EN
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:US/Pacific
BEGIN:DAYLIGHT
DTSTART:20250309T030000
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
END:DAYLIGHT
BEGIN:STANDARD
DTSTART:20251102T010000
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTAMP:20250611T162646Z
UID:B3E2A1CC-D708-4C72-9D75-6E86EBF66DDC
DTSTART;TZID=US/Pacific:20250610T180000
DTEND;TZID=US/Pacific:20250610T193000
DESCRIPTION:Free Registration (with a Zoom account\; you can get one for fr
 ee if you don&#39;t already have it. This requirement is to avoid Zoom bombing
 . Please sign in using the email address tied to your Zoom account — not
  necessarily the one you used to register for the event.):\n\nhttps://sjsu
 .zoom.us/meeting/register/vo5r9OqaSFuqKsuFcww7Cg\n\nSynopsis:\n\nAR/VR dev
 ices promise a new era of immersive computing\, where our everyday experie
 nce is augmented with helpful information (Augmented Reality)\, or where w
 e are immersed in fully virtual worlds (Virtual Reality). These systems fu
 se the physical world and the virtual world through computing resources to
  provide these immersive experiences rendered on the user&#39;s headset. As a 
 result\, it allows new opportunities for attackers to compromise the secur
 ity and privacy of users that are not well understood. Towards understandi
 ng the security and privacy challenges in these systems\, this talk presen
 ts a number of recent attacks we developed on AR/VR systems. One threat mo
 del exploits the shared computing resources used by multiple applications 
 on a headset to extract information through side channels\; we show attack
 s that spy on user activity or compromise privacy. Another threat model ex
 ploits the shared state among multiple users in a multi-user application\,
  allowing malicious users to inject compromised information or to recover 
 information they are not allowed to access. Other threat models include th
 ose that interfere with applications and cause the virtual model to become
  out of sync with the physical world\, causing user motion sickness or byp
 assing safety guardrails. I will conclude with a discussion of potential d
 efenses and ways to build more secure AR/VR experiences.\n----------------
 -----------------------------------------------\n\nBy registering for this
  event\, you agree that IEEE and the organizers are not liable to you for 
 any loss\, damage\, injury\, or any incidental\, indirect\, special\, cons
 equential\, or economic loss or damage (including loss of opportunity\, ex
 emplary or punitive damages). The event will be recorded and will be made 
 available for public viewing.\n\nCo-sponsored by: Vishnu S. Pendyala\, SJS
 U\n\nSpeaker(s): Dr. Vishnu S. Pendyala\, Prof. Nael Abu-Ghazaleh \n\nVirt
 ual: https://events.vtools.ieee.org/m/485364
LOCATION:Virtual: https://events.vtools.ieee.org/m/485364
ORGANIZER:pendyala@ieee.org
SEQUENCE:65
SUMMARY:Security and Privacy for Extended Reality Systems: Attacks and thre
 at models
URL;VALUE=URI:https://events.vtools.ieee.org/m/485364
X-ALT-DESC:Description: &lt;br /&gt;&lt;p&gt;Free Registration (with a Zoom account\; y
 ou can get one for free if you don&#39;t already have it. This requirement is 
 to avoid Zoom bombing. Please sign in using the email address tied to your
  Zoom account &amp;mdash\; not necessarily the one you used to register for th
 e event.):&amp;nbsp\;&lt;/p&gt;\n&lt;p&gt;&lt;a href=&quot;https://sjsu.zoom.us/meeting/register/v
 o5r9OqaSFuqKsuFcww7Cg&quot;&gt;https://sjsu.zoom.us/meeting/register/vo5r9OqaSFuqK
 suFcww7Cg&lt;/a&gt;&amp;nbsp\;&lt;/p&gt;\n&lt;p&gt;&lt;em&gt;&lt;strong&gt;Synopsis:&lt;br&gt;&lt;/strong&gt;&lt;/em&gt;&lt;/p&gt;\n
 &lt;p&gt;AR/VR devices promise a new era of immersive computing\, where our ever
 yday experience is augmented with helpful information (Augmented Reality)\
 , or where we are immersed in fully virtual worlds (Virtual Reality).&amp;nbsp
 \; These systems fuse the physical world and the virtual world through com
 puting resources to provide these immersive experiences rendered on the us
 er&#39;s headset.&amp;nbsp\; As a result\, it allows new opportunities for attacke
 rs to compromise the security and privacy of users that are not well under
 stood.&amp;nbsp\; Towards understanding the security and privacy challenges in
  these systems\, this talk presents a number of recent attacks we develope
 d on AR/VR systems.&amp;nbsp\; One threat model exploits the shared computing 
 resources used by multiple applications on a headset to extract informatio
 n through side channels\; we show attacks that spy on user activity or com
 promise privacy.&amp;nbsp\; Another threat model exploits the shared state amo
 ng multiple users in a multi-user application\, allowing malicious users t
 o inject compromised information or to recover information they are not al
 lowed to access.&amp;nbsp\; Other threat models include those that interfere w
 ith applications and cause the virtual model to become out of sync with th
 e physical world\, causing user motion sickness or bypassing safety guardr
 ails.&amp;nbsp\; &amp;nbsp\;I will conclude with a discussion of potential defense
 s and ways to build more secure AR/VR experiences.&lt;/p&gt;\n&lt;hr&gt;\n&lt;p class=&quot;Ms
 oNormal&quot;&gt;&lt;span style=&quot;font-size: 10pt\;&quot;&gt;&lt;em&gt;By registering for this event
 \, you agree that IEEE and the organizers are not liable to you for any lo
 ss\, damage\, injury\, or any incidental\, indirect\, special\, consequent
 ial\, or economic loss or damage (including loss of opportunity\, exemplar
 y or punitive damages). The event will be recorded and will be made availa
 ble for public viewing.&lt;/em&gt;&lt;/span&gt;&lt;/p&gt;
END:VEVENT
END:VCALENDAR