This work identifies a novel class of human-computer interaction security vulnerabilities in virtual reality (VR) systems: adversaries can distort users’ spatial perception—inducing cybersickness, misjudging obstacle positions, or causing collisions—by physically interfering with sensors (e.g., IMU or camera data) without accessing or modifying software. We first establish a systematic physical-layer attack framework tailored to VR devices and empirically validate three representative attack vectors across five mainstream commercial VR headsets. Leveraging sensor interference modeling, perceptual–psychological effect analysis, and controlled user studies, we design and implement a lightweight, deployable defense prototype. Our findings break from the conventional software-centric security paradigm, providing both theoretical foundations and practical solutions for physical-layer security in VR systems.

Virtual Reality (VR) techniques, serving as the bridge between the real and virtual worlds, have boomed and are widely used in manufacturing, remote healthcare, gaming, etc. Specifically, VR systems offer users immersive experiences that include both perceptions and actions. Various studies have demonstrated that attackers can manipulate VR software to influence users' interactions, including perception and actions. However, such attacks typically require strong access and specialized expertise. In this paper, we are the first to present a systematic analysis of physical attacks against VR systems and introduce False Reality, a new attack threat to VR devices without requiring access to or modification of their software. False Reality disturbs VR system services by tampering with sensor measurements, and further spoofing users' perception even inducing harmful actions, e.g., inducing dizziness or causing users to crash into obstacles, by exploiting perceptual and psychological effects. We formalize these threats through an attack pathway framework and validate three representative pathways via physical experiments and user studies on five commercial VR devices. Finally, we further propose a defense prototype to mitigate such threats. Our findings shall provide valuable insights for enhancing the security and resilience of future VR systems.