Graduation Semester and Year
Spring 2026
Language
English
Document Type
Thesis
Degree Name
Master of Science in Computer Science
Department
Computer Science and Engineering
First Advisor
Jiayi Meng
Second Advisor
Faysal Shezan
Third Advisor
Ming LI
Abstract
Standalone virtual reality headsets integrate multiple sensors and cameras whose runtime behavior is not transparently documented, creating potential privacy and security risks that are difficult to audit using existing tools. The relationship between software feature activation and the underlying hardware engaged at runtime remains opaque, limiting the ability of users and researchers to assess what data is being collected and when.
This thesis presents XRMonitor, a unified framework for monitoring and analyzing sensor activation behavior and network traffic on Meta Quest devices. The framework is motivated by the lack of transparency in how standalone XR devices engage their hardware sensors and communicate with external infrastructure. To address this, XRMonitor provides simultaneous observation of internal device activity and external communication patterns through two parallel data collection pipelines: system-level event capture via the Android Debug Bridge, and packet-level network traffic interception via a controlled gateway. A Preprocessing pipeline then normalizes the heterogeneous data streams into structured, temporally aligned representations. Finally, an analysis engine characterizes communication behavior through rate estimation, directional traffic decomposition, and distributional analysis.
Experimental evaluation reveals that sensor activation does not always align with user-granted permissions, and that certain sensors activate during device startup regardless of user interaction or application state. These findings demonstrate that XRMonitor successfully surfaces non-obvious sensor engagement patterns that would otherwise remain hidden at the system level, providing a reproducible methodology for assessing the privacy and security implications of sensor and network activity on standalone XR devices.
Keywords
privacy, security, sensor, network activity, Virtual reality, VR, XR, XRmonitor, device
Disciplines
Computer and Systems Architecture
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Recommended Citation
Siripurapu, Gayatri Sravya, "BEYOND PERMISSIONS: A PRIVACY AND SECURITY ANALYSIS OF SENSOR AND NETWORK ACTIVITY ON XR DEVICES USING XRMONITOR" (2026). Computer Science and Engineering Theses - Archive. 544.
https://mavmatrix.uta.edu/cse_theses/544