Privacy-Preserving Gaze Data Streaming in Immersive Interactive Virtual Reality: Robustness and User Experience

Eye tracking is routinely being incorporated into virtual reality (VR) systems. Prior research has shown that eye tracking data can be used for re-identification attacks. The state of our knowledge about currently existing privacy mechanisms is limited to privacy-utility trade-off curves based on da...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on visualization and computer graphics 2024-05, Vol.PP (5), p.1-12
Main Authors: Wilson, Ethan, Ibragimov, Azim, Proulx, Michael J., Tetali, Sai Deep, Butler, Kevin, Jain, Eakta
Format: Article
Language:English
Subjects:
Black boxes
Data transmission
Eye movements
eye tracking
Methodology
Performance evaluation
Performance measurement
Privacy
Threat models
Tracking
User experience
Virtual reality
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Eye tracking is routinely being incorporated into virtual reality (VR) systems. Prior research has shown that eye tracking data can be used for re-identification attacks. The state of our knowledge about currently existing privacy mechanisms is limited to privacy-utility trade-off curves based on data-centric metrics of utility, such as prediction error, and black-box threat models. We propose that for interactive VR applications, it is essential to consider user-centric notions of utility and a variety of threat models. We develop a methodology to evaluate real-time privacy mechanisms for interactive VR applications that incorporate subjective user experience and task performance metrics. We evaluate selected privacy mechanisms using this methodology and find that re-identification accuracy can be decreased to as low as 14% while maintaining a high usability score and reasonable task performance. Finally, we elucidate three threat scenarios (black-box, black-box with exemplars, and white-box) and assess how well the different privacy mechanisms hold up to these adversarial scenarios. This work advances the state of the art in VR privacy by providing a methodology for end-to-end assessment of the risk of re-identification attacks and potential mitigating solutions.
ISSN:1077-2626
1941-0506
DOI:10.1109/TVCG.2024.3372032