Shilling attack based on item popularity and rated item correlation against collaborative filtering
- PDF / 3,163,600 Bytes
- 13 Pages / 595.276 x 790.866 pts Page_size
- 95 Downloads / 235 Views
ORIGINAL ARTICLE
Shilling attack based on item popularity and rated item correlation against collaborative filtering Keke Chen1 · Patrick P. K. Chan1 · Fei Zhang2 · Qiaoqiao Li1 Received: 7 May 2018 / Accepted: 28 July 2018 © Springer-Verlag GmbH Germany, part of Springer Nature 2018
Abstract Although collaborative filtering achieves satisfying performance in recommender systems, many studies suggest that it is vulnerable by shilling attack aimed to manipulate the recommending frequency of a target item by injecting malicious user profiles. The existing attack methods usually generate malicious profiles by rating the item selected randomly. However, as these rating patterns are different from the real users, who have their own preferences on items, these attack methods can be easily detected by shilling attack detection, which significantly reduces the attack ability. Although some attack methods consider disguise ability, these methods require too much information from real users. This study proposes a shilling attack which generates malicious samples with strong attack ability and similarity to real users. To imitate the rating behavior of genuine users, our attack model considers both rated item correlation and item popularity when choosing items to rate. The profiles generated by our attack model is expected to be more similar to real user profiles, which increases the disguise ability. We also investigate whether and how rated item correlation of real user profiles is different from the ones generated by our method and the existing shilling attack. The experimental results confirm that our method achieves the highest attack ability after removing the suspected profiles identified by PCA-based and SVM-based shilling attack detection. The study confirms the correlation of rated item is a critical factor of the robustness of recommender systems. Keywords Recommender systems · Collaborative filtering · Shilling attack · Rated item correlation
1 Introduction Making suitable recommendations to users is a challenging problem, especially in the era of big data. Collaborative filtering (CF) is a popular recommender system which makes recommendation to a user, by analyzing the preferences of other users similar to the target user in a database [1, 2]. Although CF achieves satisfying results in many * Patrick P. K. Chan [email protected] Keke Chen [email protected] Fei Zhang [email protected] Qiaoqiao Li [email protected] 1
School of Computer Science and Engineering, South China University of Technology, Guangzhou, China
College of Computer and Information Engineering, Henan Normal University, Xinxiang, China
2
applications [3–5], some studies [6, 7] indicate that CF is vulnerable in an adversarial environment, in which an adversary misleads recommendation suggested by a system on purpose by manipulating user profiles. Shilling attack [8] is a common attack strategy against the recommender systems. The attack aims to increase (push attack) or decrease (nuke attack) the frequency of recommending a target ite
Data Loading...
