Advanced Persistent Social Engineering Using M-to-N Cybernetic Avatar Operation and Consideration of Countermeasures
摘要
In the future, the advancement of tangible avatars is expected to enable bodily transformation and enhance physical abilities in the real world. In such an avatar-symbiotic society, not only the traditional “1-to-1 avatar operation,” in which one person controls a single avatar, but also novel forms of control—such as “M-to-1 avatar operation” (multiple users controlling one avatar) and “1-to-N avatar operation” (a single user controlling multiple avatars)—will also become feasible. However, the bodily augmentation enabled by “M-to-1 avatar operation” and “1-to-N avatar operation” (hereafter collectively referred to as “M-to-N avatar operation”) is a double-edged sword; while it empowers legitimate users, it also enhances the capabilities of attackers. If malicious actors exploit M-to-N avatar operation, various forms of attacks may become significantly more advanced. In this study, we focused on social engineering enabled by M-to-N avatar operation. Typically, M-to-1 avatar operation could allow multiple attackers to impersonate a single avatar with highly advanced attack capabilities, and 1-to-N avatar operation could enable a single attacker to impersonate multiple individuals and conduct “deepfake video call scams.” These types of attacks are referred to in prior studies as Advanced Persistent Social Engineering (APSE). Given these risks, it is essential for an avatar-symbiotic society to implement mechanisms capable of determining whether an avatar is being controlled through M-to-N avatar operation, particularly as a defense against APSE. This technological shift calls for an extension of the traditional Turing Test into an M-to-N Turing Test. In light of this context, this paper explores a method for the automatic detection of M-to-N avatar operation.