Virtual reality (VR) telepresence applications and the so-called "metaverse" promise to be the next major medium of human-computer interaction. However, with recent studies demonstrating the ease at which VR users can be profiled and deanonymized, metaverse platforms carry many of the privacy risks of the conventional internet (and more) while at present offering few of the defensive utilities that users are accustomed to having access to. To remedy this, we present the first known method of implementing an "incognito mode" for VR. Our technique leverages local differential privacy to quantifiably obscure sensitive user data attributes, with a focus on intelligently adding noise when and where it is needed most to maximize privacy while minimizing usability impact. Our system is capable of flexibly adapting to the unique needs of each VR application to further optimize this trade-off. We implement our solution as a universal Unity (C#) plugin that we then evaluate using several popular VR applications. Upon faithfully replicating the most well-known VR privacy attack studies, we show a significant degradation of attacker capabilities when using our solution.

翻译：虚拟现实（VR）远程呈现应用及所谓的"元宇宙"有望成为人机交互的下一个主要媒介。然而，近期研究表明VR用户极易被画像和去匿名化，元宇宙平台承载着传统互联网的诸多隐私风险（甚至更多），而目前所提供用户习惯使用的防御性工具却寥寥无几。为应对这一问题，我们首次提出在VR中实现"隐身模式"的已知方法。该技术利用本地差分隐私对敏感用户数据属性进行可量化的隐蔽处理，重点在于智能地在最需要的时间和位置添加噪声，以在最小化可用性影响的同时最大化隐私保护。我们的系统能够灵活适应每个VR应用的独特需求，进一步优化这一权衡。我们将该解决方案实现为通用Unity（C#）插件，并使用多个主流VR应用进行验证。通过忠实复现最著名的VR隐私攻击研究，我们证明使用该方案后攻击者的能力显著下降。