With the breakthrough of AI technologies, the global metaverse industry is evolving at an accelerated pace, and holds broad application prospects and development potential in the future. However, as a shared space constructed by a vast number of diversified users, the metaverse deeply integrates and virtually presents the real world, facing entirely new challenges in system security, data security, spatial security, and social security. We systematically review the metaverse security from the perspectives of security threats and protection technologies, and propose a security-oriented four-layer security architecture composed of perception layer, connection layer, supporting technologies layer, and virtual applications layer. These four layers respectively face typical threats such as identity theft, communication protocol vulnerabilities, algorithm model attacks, and virtual application exploits. In response to these threats, the corresponding protection technologies include identity authentication, secure communication protocols, model security, and virtual application security solutions. Meanwhile, new technologies such as artificial intelligence, blockchain, and edge computing are widely applied in the metaverse, giving rise to new problems such as AI algorithm bias and legal-ethical risks. This paper explores corresponding solutions, aiming to provide theoretical support for the improvement of the security architecture. Finally, future research directions in metaverse security are summarised and prospected.
Xie et al. (Thu,) studied this question.