VMGuard: Reputation-Based Incentive Mechanism for Poisoning Attack Detection in Vehicular Metaverse

TL;DR

VMGuard tackles data poisoning in the vehicular Metaverse by embedding a four-layer defense around sensing data: reputation (via subjective logic and a public profile ledger), semantic data collection (reverse auction), digital twin rendering (real-time detection), and reputation backpropagation (VMU feedback). The framework centralizes reputation to deter misbehavior across VSPs, employs a vanishing-memory strategy to limit false positives, and uses a real-time feedback loop to adjust SIoT trust. Numerical results on the CARRADA-based scenario show reduced malicious data acceptance and improved resilience when reputation information is shared among VSPs, with mixed memory strategies offering the best defense under varying attack probabilities. Overall, VMGuard improves data integrity and QoS/QoE in the vehicular Metaverse by aligning economic incentives with truthful data provision, while preserving legitimate participants’ participation over time.

Abstract

The vehicular Metaverse represents an emerging paradigm that merges vehicular communications with virtual environments, integrating real-world data to enhance in-vehicle services. However, this integration faces critical security challenges, particularly in the data collection layer where malicious sensing IoT (SIoT) devices can compromise service quality through data poisoning attacks. The security aspects of the Metaverse services should be well addressed both when creating the digital twins of the physical systems and when delivering the virtual service to the vehicular Metaverse users (VMUs). This paper introduces vehicular Metaverse guard (VMGuard), a novel four-layer security framework that protects vehicular Metaverse systems from data poisoning attacks. Specifically, when the virtual service providers (VSPs) collect data about physical environment through SIoT devices in the field, the delivered content might be tampered. Malicious SIoT devices with moral hazard might have private incentives to provide poisoned data to the VSP to degrade the service quality (QoS) and user experience (QoE) of the VMUs. The proposed framework implements a reputation-based incentive mechanism that leverages user feedback and subjective logic modeling to assess the trustworthiness of participating SIoT devices. More precisely, the framework entails the use of reputation scores assigned to participating SIoT devices based on their historical engagements with the VSPs. Ultimately, we validate our proposed model using comprehensive simulations. Our key findings indicate that our mechanism effectively prevents the initiation of poisoning attacks by malicious SIoT devices. Additionally, our system ensures that reliable SIoT devices, previously missclassified, are not barred from participating in future rounds of the market.

Figures (6)

• Figure 1: Studied system for poisoning attacks in vehicular Metaverse ecosystem.
• Figure 3: General workflow of VMGuard.
• Figure 4: Detailed description of VMGuard framework.
• Figure 5: Acceptance rate of SIoT devices from different types with and without reputation mechanism.
• Figure 6: Average social welfare and successful attack rates in different scenarios. (a) probability of attack $P_{atk}=0.3$ (b) probability of attack $P_{atk}=0.6$ (c) probability of attack $P_{atk}=0.9$.