Eye tracking is routinely being incorporated into virtual reality (VR) systems. Prior research has shown that eye tracking data, if exposed, can be used for re-identification attacks. The state of our knowledge about currently existing privacy mechanisms is limited to privacy-utility trade-off curves based on data-centric metrics of utility, such as prediction error, and black-box threat models. We propose that for interactive VR applications, it is essential to consider user-centric notions of utility and a variety of threat models. We develop a methodology to evaluate real-time privacy mechanisms for interactive VR applications that incorporate subjective user experience and task performance metrics. We evaluate selected privacy mechanisms using this methodology and find that re-identification accuracy can be decreased to as low as 14% while maintaining a high usability score and reasonable task performance. Finally, we elucidate three threat scenarios (black-box, black-box with exemplars, and white-box) and assess how well the different privacy mechanisms hold up to these adversarial scenarios. This work advances the state of the art in VR privacy by providing a methodology for end-to-end assessment of the risk of re-identification attacks and potential mitigating solutions.

翻译：眼动追踪正被常规性地集成到虚拟现实系统中。先前研究表明，若眼动数据被泄露，可能被用于重识别攻击。目前关于现有隐私机制的知识局限于基于数据效用指标（如预测误差）的隐私-效用权衡曲线及黑盒威胁模型。我们提出，对于交互式虚拟现实应用，必须考虑以用户为中心的效用概念及多样化的威胁模型。我们开发了一套评估交互式VR应用实时隐私机制的方法论，该框架整合了主观用户体验与任务绩效指标。运用此方法论评估选定的隐私机制后，发现可将重识别准确率降至14%，同时保持高可用性评分与合理任务绩效。最后，我们阐明了三种威胁场景（黑盒、含示例黑盒、白盒），并评估不同隐私机制对这些对抗性场景的抵御能力。本研究通过提供重识别攻击风险端到端评估方法及潜在缓解方案，推动了VR隐私领域的技术发展。