2 research outputs found
Detecting Abnormal Profiles in Collaborative Filtering Recommender Systems
Personalization collaborative filtering recommender systems (CFRSs) are the
crucial components of popular e-commerce services. In practice, CFRSs are also
particularly vulnerable to "shilling" attacks or "profile injection" attacks
due to their openness. The attackers can carefully inject chosen attack
profiles into CFRSs in order to bias the recommendation results to their
benefits. To reduce this risk, various detection techniques have been proposed
to detect such attacks, which use diverse features extracted from user
profiles. However, relying on limited features to improve the detection
performance is difficult seemingly, since the existing features can not fully
characterize the attack profiles and genuine profiles. In this paper, we
propose a novel detection method to make recommender systems resistant to the
"shilling" attacks or "profile injection" attacks. The existing features can be
briefly summarized as two aspects including rating behavior based and item
distribution based. We firstly formulate the problem as finding a mapping model
between rating behavior and item distribution by exploiting the least-squares
approximate solution. Based on the trained model, we design a detector by
employing a regressor to detect such attacks. Extensive experiments on both the
MovieLens-100K and MovieLens-ml-latest-small datasets examine the effectiveness
of our proposed detection method. Experimental results were included to
validate the outperformance of our approach in comparison with benchmarked
method including KNN.Comment: 13 pages, 7 figures. arXiv admin note: text overlap with
arXiv:1506.04584, arXiv:1506.0524
Defending Grey Attacks by Exploiting Wavelet Analysis in Collaborative Filtering Recommender Systems
"Shilling" attacks or "profile injection" attacks have always major
challenges in collaborative filtering recommender systems (CFRSs). Many efforts
have been devoted to improve collaborative filtering techniques which can
eliminate the "shilling" attacks. However, most of them focused on detecting
push attack or nuke attack which is rated with the highest score or lowest
score on the target items. Few pay attention to grey attack when a target item
is rated with a lower or higher score than the average score, which shows a
more hidden rating behavior than push or nuke attack. In this paper, we present
a novel detection method to make recommender systems resistant to such attacks.
To characterize grey ratings, we exploit rating deviation of item to
discriminate between grey attack profiles and genuine profiles. In addition, we
also employ novelty and popularity of item to construct rating series. Since it
is difficult to discriminate between the rating series of attacker and genuine
users, we incorporate into discrete wavelet transform (DWT) to amplify these
differences based on the rating series of rating deviation, novelty and
popularity, respectively. Finally, we respectively extract features from rating
series of rating deviation-based, novelty-based and popularity-based by using
amplitude domain analysis method and combine all clustered results as our
detection results. We conduct a list of experiments on both the Book-Crossing
and HetRec-2011 datasets in diverse attack models. Experimental results were
included to validate the effectiveness of our approach in comparison with the
benchmarked methods.Comment: 16 pages, 16 figure