{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T15:28:59Z","timestamp":1773156539794,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,4,12]],"date-time":"2024-04-12T00:00:00Z","timestamp":1712880000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62032025"],"award-info":[{"award-number":["62032025"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"COMP Department Start-up Fund of Hong Kong Baptist University"},{"name":"SD\/COMP Joint Research Scheme","award":["P0042739"],"award-info":[{"award-number":["P0042739"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,4,12]]},"DOI":"10.1145\/3597503.3639082","type":"proceedings-article","created":{"date-parts":[[2024,4,12]],"date-time":"2024-04-12T16:43:26Z","timestamp":1712940206000},"page":"1-13","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":15,"title":["An Empirical Study on Oculus Virtual Reality Applications: Security and Privacy Perspectives"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5687-2655","authenticated-orcid":false,"given":"Hanyang","family":"Guo","sequence":"first","affiliation":[{"name":"Department of Computer Science, Hong Kong Baptist University, Hong Kong, Hong Kong"},{"name":"School of Software Engineering, Sun Yat-Sen University, Zhuhai, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6165-4196","authenticated-orcid":false,"given":"Hong-Ning","family":"Dai","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Hong Kong Baptist University, Hong Kong, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9082-3208","authenticated-orcid":false,"given":"Xiapu","family":"Luo","sequence":"additional","affiliation":[{"name":"Department of Computing, The Hong Kong Polytechnic University, Hong Kong, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7878-4330","authenticated-orcid":false,"given":"Zibin","family":"Zheng","sequence":"additional","affiliation":[{"name":"School of Software Engineering, Sun Yat-Sen University, Zhuhai, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-7221-7845","authenticated-orcid":false,"given":"Gengyang","family":"Xu","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Hong Kong Baptist University, Hong Kong, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-1248-1539","authenticated-orcid":false,"given":"Fengliang","family":"He","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Hong Kong Baptist University, Hong Kong, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,4,12]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2020. dnSpy. https:\/\/github.com\/dnSpy\/dnSpy"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.3390\/jcp2040039"},{"key":"e_1_3_2_1_3_1","volume-title":"PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Andow Benjamin","year":"2019","unstructured":"Benjamin Andow, Samin Yaseer Mahmud, Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie. 2019. PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 585--602. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/andow"},{"key":"e_1_3_2_1_4_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Andow Benjamin","year":"2020","unstructured":"Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Serge Egelman. 2020. Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, 985--1002. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/andow"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/MPRV.2021.3115478"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2701415"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594299"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.2196\/17134"},{"key":"e_1_3_2_1_9_1","unstructured":"GDPRWise BV. 2023. GDPRWise Policy Checker. https:\/\/gdprwise.eu\/policy-checker\/"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2907942"},{"key":"e_1_3_2_1_11_1","volume-title":"Automated and Personalized Privacy Policy Extraction Under GDPR Consideration","author":"Chang Cheng","unstructured":"Cheng Chang, Huaxin Li, Yichi Zhang, Suguo Du, Hui Cao, and Haojin Zhu. 2019. Automated and Personalized Privacy Policy Extraction Under GDPR Consideration. In Wireless Algorithms, Systems, and Applications, Edoardo S. Biagioni, Yao Zheng, and Siyao Cheng (Eds.). Springer International Publishing, Cham, 43--54."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/VRW55335.2022.00040"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.56795\/fortech.v3i2.321"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2016.2548426"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCE-Berlin47944.2019.8966170"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2018.8622115"},{"key":"e_1_3_2_1_17_1","unstructured":"Anthony Desnos and G Gueguen. 2018. Androguard documentation. https:\/\/androguard.readthedocs.io\/en\/latest\/"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3296957.3177153"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCES.2009.5383254"},{"key":"e_1_3_2_1_20_1","volume-title":"d.]. Unreal Engine. https:\/\/www.unrealengine.com\/","author":"Inc. Epic Games. [n.","year":"2023","unstructured":"Inc. Epic Games. [n. d.]. Unreal Engine. https:\/\/www.unrealengine.com\/ (2023, July 24)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCS45141.2019.9065765"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2915339"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.26599\/BDMA.2022.9020047"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3546933"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.3390\/su14031246"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.engappai.2022.105581"},{"key":"e_1_3_2_1_27_1","unstructured":"Fortune Business Insights. 2023. Virtual Reality Market Size Share and COVID-19 Impact Analysis By Component (Hardware Software and Content) By Device Type (Head Mounted Display (HMD) VR Simulator VR Glasses Treadmills and Haptic Gloves and Others) By Industry (Gaming Entertainment Automotive Retail Healthcare Education Aerospace and Defense Manufacturing and Others) and Regional Forecast 2023-2030. https:\/\/www.fortunebusinessinsights.com\/industry-reports\/virtual-reality-market-101378"},{"key":"e_1_3_2_1_28_1","volume-title":"Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021","author":"Kollnig Konrad","year":"2021","unstructured":"Konrad Kollnig, Pierre Dewitte, Max Van Kleek, Ge Wang, Daniel Omeiza, Helena Webb, and Nigel Shadbolt. 2021. A Fait Accompli? An Empirical Study into the Absence of Consent to Third-Party Tracking in Android Apps. In Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021). USENIX Association, 181--196. https:\/\/www.usenix.org\/conference\/soups2021\/presentation\/kollnig"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/URTC51696.2020.9668870"},{"key":"e_1_3_2_1_30_1","volume-title":"A study on the intention and experience of using the metaverse. Jahr: Europski \u010dasopis za bioetiku 13, 1","author":"Lee Jungmi","year":"2022","unstructured":"Jungmi Lee. 2022. A study on the intention and experience of using the metaverse. Jahr: Europski \u010dasopis za bioetiku 13, 1 (2022), 177--192."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970368"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM42981.2021.9488728"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1080\/1097198X.2019.1569186"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427250"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2896003"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180445.3180450"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.3390\/encyclopedia2010031"},{"key":"e_1_3_2_1_38_1","volume-title":"Technologies, Applications, and Challenges. arXiv preprint arXiv:2111.09673","author":"Ning Huansheng","year":"2021","unstructured":"Huansheng Ning, Hang Wang, Yujia Lin, Wenxi Wang, Sahraoui Dhelim, Fadi Farha, Jianguo Ding, and Mahmoud Daneshmand. 2021. A Survey on Metaverse: the State-of-the-art, Technologies, Applications, and Challenges. arXiv preprint arXiv:2111.09673 (2021)."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","unstructured":"Fariha Nusrat Foyzul Hassan Hao Zhong and Xiaoyin Wang. 2021. How Developers Optimize Virtual Reality Applications: A Study of Optimization Commits in Open Source Unity Projects. In 2021 IEEE\/ACM 43rd International Conference on Software Engineering (ICSE). 473--485. 10.1109\/ICSE43902.2021.00052","DOI":"10.1109\/ICSE43902.2021.00052"},{"key":"e_1_3_2_1_40_1","volume-title":"Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Oltrogge Marten","year":"2021","unstructured":"Marten Oltrogge, Nicolas Huaman, Sabrina Amft, Yasemin Acar, Michael Backes, and Sascha Fahl. 2021. Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 4347--4364. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/oltrogge"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3140175"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-49409-8_75"},{"key":"e_1_3_2_1_43_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Reardon Joel","year":"2019","unstructured":"Joel Reardon, \u00c1lvaro Feal, Primal Wijesekera, Amit Elazari Bar On, Narseo Vallina-Rodriguez, and Serge Egelman. 2019. 50 Ways to Leak Your Data: An Exploration of Apps' Circumvention of the Android Permissions System. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 603--620. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/reardon"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.5555\/2831143.2831203"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/MOBISECSERV.2019.8686583"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/NSysS.2017.7885802"},{"key":"e_1_3_2_1_47_1","volume-title":"Static and dynamic analysis of Android malware and goodware written with unity framework. Security and Communication Networks 2018","author":"Shim Jaewoo","year":"2018","unstructured":"Jaewoo Shim, Kyeonghwan Lim, Seong-je Cho, Sangchul Han, and Minkyu Park. 2018. Static and dynamic analysis of Android malware and goodware written with unity framework. Security and Communication Networks 2018 (2018)."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/DASC.2014.22"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4842-1500-5_2"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00101"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2808117.2808126"},{"key":"e_1_3_2_1_52_1","volume-title":"d.]. Unity documentation - 2d or 3d projects. https:\/\/docs.unity3d.com\/","author":"Technologies Unity","year":"2023","unstructured":"Unity Technologies. [n. d.]. Unity documentation - 2d or 3d projects. https:\/\/docs.unity3d.com\/ (2023, March 24)."},{"key":"e_1_3_2_1_53_1","volume-title":"OVRseen: Auditing Network Traffic and Privacy Policies in Oculus VR. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Trimananda Rahmadi","year":"2022","unstructured":"Rahmadi Trimananda, Hieu Le, Hao Cui, Janice Tran Ho, Anastasia Shuba, and Athina Markopoulou. 2022. OVRseen: Auditing Network Traffic and Privacy Policies in Oculus VR. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 3789--3806. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/trimananda"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN48605.2020.9206660"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3555858.3555898"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102923"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12599-020-00658-9"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179301"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3551349.3560512"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2018.00034"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/3472873.3472881"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813714"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3324884.3416637"},{"key":"e_1_3_2_1_64_1","volume-title":"Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Unity Mobile Games. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Zuo Chaoshun","year":"2022","unstructured":"Chaoshun Zuo and Zhiqiang Lin. 2022. Playing Without Paying: Detecting Vulnerable Payment Verification in Native Binaries of Unity Mobile Games. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 3093--3110. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/zuo"}],"event":{"name":"ICSE '24: IEEE\/ACM 46th International Conference on Software Engineering","location":"Lisbon Portugal","acronym":"ICSE '24","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS","Faculty of Engineering of University of Porto"]},"container-title":["Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3597503.3639082","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3597503.3639082","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:49:11Z","timestamp":1750286951000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3597503.3639082"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,12]]},"references-count":64,"alternative-id":["10.1145\/3597503.3639082","10.1145\/3597503"],"URL":"https:\/\/doi.org\/10.1145\/3597503.3639082","relation":{},"subject":[],"published":{"date-parts":[[2024,4,12]]},"assertion":[{"value":"2024-04-12","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}