Attacking item-based recommender systems with power items

Recommender Systems (RS) are vulnerable to attack by malicious users who intend to bias the recommendations for their own benefit. Research in this area has developed attack models, detection methods, and mitigation schemes to understand and protect against such attacks. For Collaborative Filtering RSs, model-based approaches such as item-based and matrix-factorization were found to be more robust to many types of attack. Advice in designing for system robustness has thus been to employ model-based approaches. Our recent work with the Power User Attack (PUA), however, determined that attackers disguised as influential users can successfully attack (from the attacker's viewpoint) SVD-based recommenders, as well as user-based. But item-based systems remained robust to the PUA. In this paper we investigate a new, complementary attack model, the Power Item Attack (PIA), that uses influential items to successfully attack RSs. We show that the PIA is able to impact not only user-based and SVD-based recommenders but also the heretofore highly robust item-based approach, using a novel multi-target attack vector.

[1]  John Riedl,et al.  Shilling recommender systems for fun and profit , 2004, WWW '04.

[2]  David C. Wilson,et al.  Assessing Impacts of a Power User Attack on a Matrix Factorization Collaborative Recommender System , 2014, FLAIRS.

[3]  Neil J. Hurley,et al.  Robust Collaborative Recommendation , 2011, Recommender Systems Handbook.

[4]  John Riedl,et al.  An algorithmic framework for performing collaborative filtering , 1999, SIGIR '99.

[5]  Josep Lluís de la Rosa i Esteva,et al.  Collaboration Analysis in Recommender Systems Using Social Networks , 2004, CIA.

[6]  Bhaskar Mehta,et al.  Attack resistant collaborative filtering , 2008, SIGIR '08.

[7]  David C. Wilson,et al.  When power users attack: assessing impacts in collaborative recommender systems , 2013, RecSys.

[8]  Bhaskar Mehta,et al.  Unsupervised strategies for shilling detection and robust collaborative filtering , 2009, User Modeling and User-Adapted Interaction.

[9]  Laks V. S. Lakshmanan,et al.  RecMax: exploiting recommender systems for fun and profit , 2012, KDD.

[10]  Bamshad Mobasher,et al.  Model-Based Collaborative Filtering as a Defense against Profile Injection Attacks , 2006, AAAI.

[11]  Neil J. Hurley,et al.  Promoting Recommendations: An Attack on Collaborative Filtering , 2002, DEXA.

[12]  John Riedl,et al.  Item-based collaborative filtering recommendation algorithms , 2001, WWW '01.

[13]  George Karypis,et al.  A Comprehensive Survey of Neighborhood-based Recommendation Methods , 2011, Recommender Systems Handbook.

[14]  David C. Wilson,et al.  Evil Twins: Modeling Power Users in Attacks on Recommender Systems , 2014, UMAP.

[15]  Bamshad Mobasher,et al.  Segment-based injection attacks against collaborative filtering recommender systems , 2005, Fifth IEEE International Conference on Data Mining (ICDM'05).

[16]  Stanley Wasserman,et al.  Social Network Analysis: Methods and Applications , 1994, Structural analysis in the social sciences.

[17]  Bamshad Mobasher,et al.  Towards Trustworthy Recommender Systems : An Analysis of Attack Models and Algorithm Robustness , 2007 .

[18]  Jonathan L. Herlocker,et al.  Evaluating collaborative filtering recommender systems , 2004, TOIS.

[19]  Bamshad Mobasher,et al.  Defending recommender systems: detection of profile injection attacks , 2007, Service Oriented Computing and Applications.

[20]  Zunping Cheng,et al.  Statistical attack detection , 2009, RecSys '09.