Metaverse Security and Privacy Research: A Systematic Review

TL;DR

This systematic review analyzes a decade of research on metaverse security and privacy, highlighting recent trends, common approaches, and critical gaps in ensuring safe and trustworthy immersive environments.

Contribution

It provides a comprehensive overview of research methods, focuses, and gaps in metaverse security and privacy studies from 2013 to 2024.

Findings

Sharp increase in research activity in the last five years

Focus on practical, user-centered approaches

Predominant use of benchmarking and human experiments

Abstract

The rapid growth of metaverse technologies, including virtual worlds, augmented reality, and lifelogging, has accelerated their adoption across diverse domains. This rise exposes users to significant new security and privacy challenges due to sociotechnical complexity, pervasive connectivity, and extensive user data collection in immersive environments. We present a systematic review of the literature published between 2013 and 2024, offering a comprehensive analysis of how the research community has addressed metaverse-related security and privacy issues over the past decade. We organize the studies by method, examined the security and privacy properties, immersive components, and evaluation strategies. Our investigation reveals a sharp increase in research activity in the last five years, a strong focus on practical and user-centered approaches, and a predominant use of benchmarking, human experimentation, and qualitative methods. Authentication and unobservability are the most frequently studied properties. However, critical gaps remain in areas such as policy compliance, accessibility, interoperability, and back-end infrastructure security. We emphasize the intertwined technical complexity and human factors of the metaverse and call for integrated, interdisciplinary approaches to securing inclusive and trustworthy immersive environments.