Abstract
Metaverse, as an evolving paradigm of the next-generation Internet, aims
to build a fully immersive, hyper spatiotemporal, and self-sustaining
virtual shared space for humans to play, work, and socialize. Driven by
recent advances in emerging technologies such as extended reality,
artificial intelligence, and blockchain, metaverse is stepping from
science fiction to an upcoming reality. However, severe privacy
invasions and security breaches (inherited from underlying technologies
or emerged in the new digital ecology) of metaverse can impede its wide
deployment. At the same time, a series of fundamental challenges (e.g.,
scalability and interoperability) can arise in metaverse security
provisioning owing to the intrinsic characteristics of metaverse, such
as immersive realism, hyper spatiotemporality, sustainability, and
heterogeneity. In this paper, we present a comprehensive survey of the
fundamentals, security, and privacy of metaverse. Specifically, we first
investigate a novel distributed metaverse architecture and its key
characteristics with ternary-world interactions. Then, we discuss the
security and privacy threats, present the critical challenges of
metaverse systems, and review the state-of-the-art countermeasures.
Finally, we draw open research directions for building future metaverse
systems.