Detecting Abnormal Profiles in Collaborative Filtering Recommender Systems

Personalization collaborative filtering recommender systems (CFRSs) are the crucial components of popular e-commerce services. In practice, CFRSs are also particularly vulnerable to "shilling" attacks or "profile injection" attacks due to their openness. The attackers can carefully inject chosen attack profiles into CFRSs in order to bias the recommendation results to their benefits. To reduce this risk, various detection techniques have been proposed to detect such attacks, which use diverse features extracted from user profiles. However, relying on limited features to improve the detection performance is difficult seemingly, since the existing features can not fully characterize the attack profiles and genuine profiles. In this paper, we propose a novel detection method to make recommender systems resistant to the "shilling" attacks or "profile injection" attacks. The existing features can be briefly summarized as two aspects including rating behavior based and item distribution based. We firstly formulate the problem as finding a mapping model between rating behavior and item distribution by exploiting the least-squares approximate solution. Based on the trained model, we design a detector by employing a regressor to detect such attacks. Extensive experiments on both the MovieLens-100K and MovieLens-ml-latest-small datasets examine the effectiveness of our proposed detection method. Experimental results were included to validate the outperformance of our approach in comparison with benchmarked method including KNN.Comment: 13 pages, 7 figures. arXiv admin note: text overlap with arXiv:1506.04584, arXiv:1506.0524

Defending Grey Attacks by Exploiting Wavelet Analysis in Collaborative Filtering Recommender Systems

"Shilling" attacks or "profile injection" attacks have always major challenges in collaborative filtering recommender systems (CFRSs). Many efforts have been devoted to improve collaborative filtering techniques which can eliminate the "shilling" attacks. However, most of them focused on detecting push attack or nuke attack which is rated with the highest score or lowest score on the target items. Few pay attention to grey attack when a target item is rated with a lower or higher score than the average score, which shows a more hidden rating behavior than push or nuke attack. In this paper, we present a novel detection method to make recommender systems resistant to such attacks. To characterize grey ratings, we exploit rating deviation of item to discriminate between grey attack profiles and genuine profiles. In addition, we also employ novelty and popularity of item to construct rating series. Since it is difficult to discriminate between the rating series of attacker and genuine users, we incorporate into discrete wavelet transform (DWT) to amplify these differences based on the rating series of rating deviation, novelty and popularity, respectively. Finally, we respectively extract features from rating series of rating deviation-based, novelty-based and popularity-based by using amplitude domain analysis method and combine all clustered results as our detection results. We conduct a list of experiments on both the Book-Crossing and HetRec-2011 datasets in diverse attack models. Experimental results were included to validate the effectiveness of our approach in comparison with the benchmarked methods.Comment: 16 pages, 16 figure