Developing A Model of the Dynamics of States of A Recommendation System Under Conditions of Profile Injection Attacks

The recommendation systems used to form a news feed in social networks or to create recommendation lists on content websites or Internet stores are often exposed to information profile injection attacks. These attacks are aimed at changing ratings, and thus at changing the frequency of appearing in recommendations, certain objects of a system. This can lead to threats to users' information security and losses of the system owners. There are methods to detect attacks in recommendation systems, but they require permanent repetitive checks of all users' profiles, which is a rather resource-intensive operation. At the same time, these methods do not contain any proposals as for determining the optimal frequency of attack checks. However, a properly chosen frequency of such checks will not overload a system too much and, at the same time, will provide an adequate level of its operational security.A mathematical model of the dynamics of states of a recommendation system under conditions of an information attack with the use of the mathematical apparatus of Markovian and semi-Markovian processes was developed. The developed model makes it possible to study the influence of profile injection attacks on recommendation systems, in particular, on their operation efficiency and amount of costs to ensure their information security. The practical application of the developed model enables calculating for recommendation systems the optimum frequency of information attack check, taking into consideration the damage from such attacks and costs of permanent inspections.Based on the developed mathematical model, the method for determining total costs of a recommendation system as a result of monitoring its own information security, neutralization of bot-networks activity and as a result of information attacks was proposed.A method for determining the optimal frequency of checking a recommendation system for information attacks to optimize the overall costs of a system was developed. The application of this method will enable the owners of websites with recommendation systems to minimize their financial costs to provide their information securit