<?xml version="1.0" encoding="UTF-8"?><ns2:project xmlns:ns1="http://gtr.rcuk.ac.uk/gtr/api" xmlns:ns2="http://gtr.rcuk.ac.uk/gtr/api/project" xmlns:ns3="http://gtr.rcuk.ac.uk/gtr/api/fund" xmlns:ns4="http://gtr.rcuk.ac.uk/gtr/api/person" xmlns:ns5="http://gtr.rcuk.ac.uk/gtr/api/project/outcome" xmlns:ns6="http://gtr.rcuk.ac.uk/gtr/api/organisation" ns1:created="2026-06-22T07:57:45Z" ns1:href="http://gtr.ukri.org/gtr/api/projects/B8F9A573-129E-4544-8DF1-688A20F487F5" ns1:id="B8F9A573-129E-4544-8DF1-688A20F487F5"><ns1:links><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/persons/DEAC0135-AD0C-497C-A7F0-8B181992681C" ns1:rel="PM_PER"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/0C4E93CB-0227-4AFF-8823-F080425EB0F4" ns1:rel="LEAD_ORG"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/0C4E93CB-0227-4AFF-8823-F080425EB0F4" ns1:rel="PARTICIPANT_ORG"/><ns1:link ns1:end="2025-07-30T23:00:00Z" ns1:href="http://gtr.ukri.org/gtr/api/funds/F3BE02F6-4D66-4F32-8267-22890C660395" ns1:rel="FUND" ns1:start="2025-03-31T23:00:00Z"/></ns1:links><ns2:identifiers><ns2:identifier ns2:type="RCUK">10156776</ns2:identifier></ns2:identifiers><ns2:title>Threat Detection in XR Using Semantic and Behavioral Data</ns2:title><ns2:status>Closed</ns2:status><ns2:grantCategory>Collaborative R&amp;D</ns2:grantCategory><ns2:leadFunder>Innovate UK</ns2:leadFunder><ns2:abstractText>For companies developing sensitive XR applications that require safety and security, our product addresses the inadequate mobile-style authentication in XR headsets and the lack of XR-specific cybersecurity. We propose a monitoring solution that continuously analyses XR-specific-data to deliver **Endpoint detection and response**. Unlike competitors who repurpose cybersecurity solutions designed for Android smartphones (such as Guardsquare o Zimperium) our solution is purpose-built for XR devices.

The increasing adoption of XR technologies is underscored by the fact that Android, the world's most popular operating system, is preparing to release its XR version. This will enable a plethora of mobile manufacturers to develop XR devices, accelerating the XR/metaverse industry. The penetration of XR technologies into healthcare, manufacturing, and education is rapidly increasing, with the global XR market expected to reach $77.76 billion by 2025\. This growth underscores the critical need for robust cybersecurity systems to safeguard these applications and protect the workforce. Companies developing XR applications require convincing security solutions tailored to XR devices. However, the cybersecurity tools used in these cases are often repurposed from mobile, but the hardware and interaction paradigms of XR devices are fundamentally different from those of mobile and smartphone devices. Cybersecurity mechanisms, such as authentication are repurposed from mobile to XR environments and are more vulnerable to exploitation, such as shoulder surfing in augmented reality (AR). Additionally, user behaviour in XR differs significantly from traditional digital environments, as XR overlays information onto the real world and captures real-world actions---such as gestures, gazes, and movements---as inputs. These differences in behaviour highlight the need for endpoint detection to move beyond traditional methods, incorporating high level actions and spatial semantic.

Our project harnesses the unique capabilities of XR devices---tracking movements, gaze, and real-time environmental data---to introduce advanced security mechanisms beyond the scope of traditional mobile devices. By continuously analysing this rich multi-modal data, we enhance security via:

**Continuous Authentication:** Seamless and secure login through spatial sensors replacing passwords with robust, anthropometric-based authentication to improve user experience and prevent unauthorized access. 
**Dynamic Analysis Prevention:** Protecting XR applications from reverse engineering and tampering, safeguarding sensitive information and intellectual property. 
**Cyberattack Detection:** Monitoring virtual environments for manipulation or deceptive elements to detect and mitigate perceptual cyberattacks, ensuring a secure and trustworthy XR experience, as well as integrity and availability attacks that affect usability or user safety in immersive environments.</ns2:abstractText></ns2:project>