Abstract

Cloud gaming offloads game execution to remote servers and streams interactive content to thin clients, shifting trust boundaries to remote execution, latency-sensitive traffic, and multi-tenant infrastructure — yet its cybersecurity and privacy implications remain insufficiently understood. We conduct a systematic literature review (SLR) of cybersecurity and privacy challenges in cloud gaming, searching Web of Science, IEEE Xplore, and Scopus and retaining 28 primary studies published between 2015 and 2025. Challenges cluster into four areas: architectural risks, network/transmission threats, platform and user-level issues, and privacy/data protection. Building on these findings, we apply the STRIDE threat modeling framework to synthesize the extracted challenges into a consistent threat vocabulary. Elevation of Privilege emerges as the most prevalent threat category (n=10), concentrated in architectural findings, followed by Information Disclosure (n=6) and Denial of Service (n=4) in operational layers. This distribution provides organizations with a basis for prioritizing security investments, operationalized through a practical threat mapping that links each STRIDE category to representative attack scenarios and security controls.

Download

Share

COinS