Faced with the evolving attacks in recommender systems, many detection features have been proposed by human engineering and used in supervised or unsupervised detection methods. However, the detection features extract...Faced with the evolving attacks in recommender systems, many detection features have been proposed by human engineering and used in supervised or unsupervised detection methods. However, the detection features extracted by human engineering are usually aimed at some specific types of attacks. To further detect other new types of attacks, the traditional methods have to re-extract detection features with high knowledge cost. To address these limitations, the method for automatic extraction of robust features is proposed and then an Adaboost-based detection method is presented. Firstly, to obtain robust representation with prior knowledge, unlike uniform corruption rate in traditional mLDA(marginalized Linear Denoising Autoencoder), different corruption rates for items are calculated according to the ratings’ distribution. Secondly, the ratings sparsity is used to weight the mapping matrix to extract low-dimensional representation. Moreover, the uniform corruption rate is also set to the next layer in mSLDA(marginalized Stacked Linear Denoising Autoencoder) to extract the stable and robust user features. Finally, under the robust feature space, an Adaboost-based detection method is proposed to alleviate the imbalanced classification problem. Experimental results on the Netflix and Amazon review datasets indicate that the proposed method can effectively detect various attacks.展开更多
With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting a great quantities of fake profile...With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting a great quantities of fake profiles into recommender systems to manipulate recommendation results. As one of the most important attack methods in recommender systems, the shilling attack has been paid considerable attention, especially to its model and the way to detect it. Among them, the loose version of Group Shilling Attack Generation Algorithm (GSAGenl) has outstanding performance. It can be immune to some PCC (Pearson Correlation Coefficient)-based detectors due to the nature of anti-Pearson correlation. In order to overcome the vulnerabilities caused by GSAGenl, a gravitation-based detection model (GBDM) is presented, integrated with a sophisticated gravitational detector and a decider. And meanwhile two new basic attributes and a particle filter algorithm are used for tracking prediction. And then, whether an attack occurs can be judged according to the law of universal gravitation in decision-making. The detection performances of GBDM, HHT-SVM, UnRAP, AP-UnRAP Semi-SAD,SVM-TIA and PCA-P are compared and evaluated. And simulation results show the effectiveness and availability of GBDM.展开更多
A collaborative filtering-based recommendation system has been an integral part of e-commerce and e-servicing.To keep the recommendation systems reliable,authentic,and superior,the security of these systems is very cr...A collaborative filtering-based recommendation system has been an integral part of e-commerce and e-servicing.To keep the recommendation systems reliable,authentic,and superior,the security of these systems is very crucial.Though the existing shilling attack detection methods in collaborative filtering are able to detect the standard attacks,in this paper,we prove that they fail to detect a new or unknown attack.We develop a new attack model,named Obscure attack,with unknown features and observed that it has been successful in biasing the overall top-N list of the target users as intended.The Obscure attack is able to push target items to the top-N list as well as remove the actual rated items from the list.Our proposed attack is more effective at a smaller number of k in top-k similar user as compared to other existing attacks.The effectivity of the proposed attack model is tested on the MovieLens dataset,where various classifiers like SVM,J48,random forest,and naïve Bayes are utilized.展开更多
Maliciously manufactured user profiles are often generated in batch for shilling attacks.These profiles may bring in a lot of quality problems but not worthy to be repaired.Since repairing data always be expensive,we ...Maliciously manufactured user profiles are often generated in batch for shilling attacks.These profiles may bring in a lot of quality problems but not worthy to be repaired.Since repairing data always be expensive,we need to scrutinize the data and pick out the data that really deserves to be repaired.In this paper,we focus on how to distinguish the unintentional data quality problems from the batch generated fake users for shilling attacks.A two-steps framework named DPIF is proposed for the distinguishment.Based on the framework,the metrics of homology and suspicious degree are proposed.The homology can be used to represent both the similarities of text and the data quality problems contained by different profiles.The suspicious degree can be used to identify potential attacks.The experiments on real-life data verified that the proposed framework and the corresponding metrics are effective.展开更多
Abstract Recommender systems (RS) have been found supportive and practical in e-commerce and been established as useful aiding services. Despite their great adoption in the user communities, RS are still vulnerable ...Abstract Recommender systems (RS) have been found supportive and practical in e-commerce and been established as useful aiding services. Despite their great adoption in the user communities, RS are still vulnerable to unscrupulous producers who try to promote their products by shilling the systems. With the advent of social networks new sources of information have been made available which can potentially render RS more resistant to attacks. In this paper we explore the information provided in the form of social links with clustering for diminishing the impact of attacks. We propose two algorithms, CLUTR and WCLUTR, to combine clustering with "trust" among users. We demonstrate that CLuTR and WCLUTR enhance the robustness of RS by experimentally evaluating them on data from a public consumer recommender system Epinions.com.展开更多
Uncovering shilling attackers hidden in recommender systems is very crucial to enhance the robustness and trustworthiness of product recommendation. Many shilling attack detection algorithms have been proposed so far,...Uncovering shilling attackers hidden in recommender systems is very crucial to enhance the robustness and trustworthiness of product recommendation. Many shilling attack detection algorithms have been proposed so far, and they exhibit complementary advantage and disadvantage towards various types of attackers. In this paper, we provide a thorough experimental comparison of several well-known detectors, including supervised C4.5 and NB, unsupervised PCA and MDS, semi-supervised HySAD methods, as well as statistical analysis methods. MovieLens 100K is the most widely-used dataset in the realm of shilling attack detection, and thus it is selected as the benchmark dataset. Meanwhile, seven types of shilling attacks generated by average-filling and random-filling model are compared in our experiments. As a result of our analysis, we show clearly causes and essential characteristics insider attackers that might determine the success or failure of different kinds of detectors.展开更多
The existing collaborative recommendation algorithms have lower robustness against shilling attacks.With this problem in mind,in this paper we propose a robust collaborative recommendation algorithm based on k-distanc...The existing collaborative recommendation algorithms have lower robustness against shilling attacks.With this problem in mind,in this paper we propose a robust collaborative recommendation algorithm based on k-distance and Tukey M-estimator.Firstly,we propose a k-distancebased method to compute user suspicion degree(USD).The reliable neighbor model can be constructed through incorporating the user suspicion degree into user neighbor model.The influence of attack profiles on the recommendation results is reduced through adjusting similarities among users.Then,Tukey M-estimator is introduced to construct robust matrix factorization model,which can realize the robust estimation of user feature matrix and item feature matrix and reduce the influence of attack profiles on item feature matrix.Finally,a robust collaborative recommendation algorithm is devised by combining the reliable neighbor model and robust matrix factorization model.Experimental results show that the proposed algorithm outperforms the existing methods in terms of both recommendation accuracy and robustness.展开更多
Collaborative filtering (CF) is a technique commonly used for personalized recommendation and Web service quality-of-service (QoS) prediction. However, CF is vulnerable to shilling attackers who inject fake user profi...Collaborative filtering (CF) is a technique commonly used for personalized recommendation and Web service quality-of-service (QoS) prediction. However, CF is vulnerable to shilling attackers who inject fake user profiles into the system. In this paper, we first present the shilling attack problem on CF-based QoS recommender systems for Web services. Then, a robust CF recommendation approach is proposed from a user similarity perspective to enhance the resistance of the recommender systems to the shilling attack. In the approach, the generally used similarity measures are analyzed, and the DegSim (the degree of similarities with top k neighbors) with those measures is selected for grouping and weighting the users. Then, the weights are used to calculate the service similarities/differences and predictions. We analyzed and evaluated our algorithms using WS-DREAM and Movielens datasets. The experimental results demonstrate that shilling attacks influence the prediction of QoS values, and our proposed features and algorithms achieve a higher degree of robustness against shilling attacks than the typical CF algorithms.展开更多
The existing recommendation algorithms have lower robustness in facing of shilling attacks. Considering this problem, we present a robust recommendation algorithm based on kernel principal component analysis and fuzzy...The existing recommendation algorithms have lower robustness in facing of shilling attacks. Considering this problem, we present a robust recommendation algorithm based on kernel principal component analysis and fuzzy c-means clustering. Firstly, we use kernel principal component analysis method to reduce the dimensionality of the original rating matrix, which can extract the effective features of users and items. Then, according to the dimension-reduced rating matrix and the high correlation characteristic between attack profiles, we use fuzzy c-means clustering method to cluster user profiles, which can realize the effective separation of genuine profiles and attack profiles. Finally, we construct an indicator function based on the attack detection results to decrease the influence of attack profiles on the recommendation, and incorporate it into the matrix factorization technology to design the corresponding robust recommendation algorithm. Experiment results indicate that the proposed algorithm is superior to the existing methods in both recommendation accuracy and robustness.展开更多
This paper asks a new question: how can we control the collective behavior of self-organized multi-agent systems? We try to answer the question by proposing a new notion called 'Soft Control' which keeps the local...This paper asks a new question: how can we control the collective behavior of self-organized multi-agent systems? We try to answer the question by proposing a new notion called 'Soft Control' which keeps the local rule of the existing agents in the system. We show the feasibility of soft control by a case study. Consider the simple but typical distributed multi-agent model proposed by Vicsek et al. for flocking of birds: each agent moves with the same speed but with different headings which are updated using a local rule based on the average of its own heading and the headings of its neighbors. Most studies of this model are about the self-organized collective behavior, such as synchronization of headings. We want to intervene in the collective behavior (headings) of the group by soft control. A specified method is to add a special agent, called a 'Shill', which can be controlled by us but is treated as an ordinary agent by other agents. We construct a control law for the shill so that it can synchronize the whole group to an objective heading. This control law is proved to be effective analytically and numerieally. Note that soft control is different from the approach of distributed control. It is a natural way to intervene in the distributed systems. It may bring out many interesting issues and challenges on the control of complex systems.展开更多
基金supported by the National Natural Science Foundation of China [Nos. 61772452, 61379116]the Scientific and Technological Innovation Programs of Higher Education Institutions in Shanxi [No.2019L0847]the Natural Science Foundation of Hebei Province, China [No. F2015203046]
文摘Faced with the evolving attacks in recommender systems, many detection features have been proposed by human engineering and used in supervised or unsupervised detection methods. However, the detection features extracted by human engineering are usually aimed at some specific types of attacks. To further detect other new types of attacks, the traditional methods have to re-extract detection features with high knowledge cost. To address these limitations, the method for automatic extraction of robust features is proposed and then an Adaboost-based detection method is presented. Firstly, to obtain robust representation with prior knowledge, unlike uniform corruption rate in traditional mLDA(marginalized Linear Denoising Autoencoder), different corruption rates for items are calculated according to the ratings’ distribution. Secondly, the ratings sparsity is used to weight the mapping matrix to extract low-dimensional representation. Moreover, the uniform corruption rate is also set to the next layer in mSLDA(marginalized Stacked Linear Denoising Autoencoder) to extract the stable and robust user features. Finally, under the robust feature space, an Adaboost-based detection method is proposed to alleviate the imbalanced classification problem. Experimental results on the Netflix and Amazon review datasets indicate that the proposed method can effectively detect various attacks.
基金supported by the National Natural Science Foundation of P.R.China(No.61672297)the Key Research and Development Program of Jiangsu Province(Social Development Program,No.BE2017742)+1 种基金The Sixth Talent Peaks Project of Jiangsu Province(No.DZXX-017)Jiangsu Natural Science Foundation for Excellent Young Scholar(No.BK20160089)
文摘With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting a great quantities of fake profiles into recommender systems to manipulate recommendation results. As one of the most important attack methods in recommender systems, the shilling attack has been paid considerable attention, especially to its model and the way to detect it. Among them, the loose version of Group Shilling Attack Generation Algorithm (GSAGenl) has outstanding performance. It can be immune to some PCC (Pearson Correlation Coefficient)-based detectors due to the nature of anti-Pearson correlation. In order to overcome the vulnerabilities caused by GSAGenl, a gravitation-based detection model (GBDM) is presented, integrated with a sophisticated gravitational detector and a decider. And meanwhile two new basic attributes and a particle filter algorithm are used for tracking prediction. And then, whether an attack occurs can be judged according to the law of universal gravitation in decision-making. The detection performances of GBDM, HHT-SVM, UnRAP, AP-UnRAP Semi-SAD,SVM-TIA and PCA-P are compared and evaluated. And simulation results show the effectiveness and availability of GBDM.
基金Funding is provided by Taif University Researchers Supporting Project number(TURSP-2020/10),Taif University,Taif,Saudi Arabia.
文摘A collaborative filtering-based recommendation system has been an integral part of e-commerce and e-servicing.To keep the recommendation systems reliable,authentic,and superior,the security of these systems is very crucial.Though the existing shilling attack detection methods in collaborative filtering are able to detect the standard attacks,in this paper,we prove that they fail to detect a new or unknown attack.We develop a new attack model,named Obscure attack,with unknown features and observed that it has been successful in biasing the overall top-N list of the target users as intended.The Obscure attack is able to push target items to the top-N list as well as remove the actual rated items from the list.Our proposed attack is more effective at a smaller number of k in top-k similar user as compared to other existing attacks.The effectivity of the proposed attack model is tested on the MovieLens dataset,where various classifiers like SVM,J48,random forest,and naïve Bayes are utilized.
基金The work is supported by the National Natural Science Foundation of China(Nos.61702220,61702223,61871140,61572153,61572492,U1636215)the National Key Research and Development Plan(Grant Nos.2018YEB1004003,2018YFB0803504).
文摘Maliciously manufactured user profiles are often generated in batch for shilling attacks.These profiles may bring in a lot of quality problems but not worthy to be repaired.Since repairing data always be expensive,we need to scrutinize the data and pick out the data that really deserves to be repaired.In this paper,we focus on how to distinguish the unintentional data quality problems from the batch generated fake users for shilling attacks.A two-steps framework named DPIF is proposed for the distinguishment.Based on the framework,the metrics of homology and suspicious degree are proposed.The homology can be used to represent both the similarities of text and the data quality problems contained by different profiles.The suspicious degree can be used to identify potential attacks.The experiments on real-life data verified that the proposed framework and the corresponding metrics are effective.
文摘Abstract Recommender systems (RS) have been found supportive and practical in e-commerce and been established as useful aiding services. Despite their great adoption in the user communities, RS are still vulnerable to unscrupulous producers who try to promote their products by shilling the systems. With the advent of social networks new sources of information have been made available which can potentially render RS more resistant to attacks. In this paper we explore the information provided in the form of social links with clustering for diminishing the impact of attacks. We propose two algorithms, CLUTR and WCLUTR, to combine clustering with "trust" among users. We demonstrate that CLuTR and WCLUTR enhance the robustness of RS by experimentally evaluating them on data from a public consumer recommender system Epinions.com.
文摘Uncovering shilling attackers hidden in recommender systems is very crucial to enhance the robustness and trustworthiness of product recommendation. Many shilling attack detection algorithms have been proposed so far, and they exhibit complementary advantage and disadvantage towards various types of attackers. In this paper, we provide a thorough experimental comparison of several well-known detectors, including supervised C4.5 and NB, unsupervised PCA and MDS, semi-supervised HySAD methods, as well as statistical analysis methods. MovieLens 100K is the most widely-used dataset in the realm of shilling attack detection, and thus it is selected as the benchmark dataset. Meanwhile, seven types of shilling attacks generated by average-filling and random-filling model are compared in our experiments. As a result of our analysis, we show clearly causes and essential characteristics insider attackers that might determine the success or failure of different kinds of detectors.
基金National Natural Science Foundation of China under Grant No.61379116,Natural Science Foundation of Hebei Province under Grant No.F2015203046 and No.F2013203124,Key Program of Research on Science and Technology of Higher Education Institutions of Hebei Province under Grant No.ZH2012028
文摘The existing collaborative recommendation algorithms have lower robustness against shilling attacks.With this problem in mind,in this paper we propose a robust collaborative recommendation algorithm based on k-distance and Tukey M-estimator.Firstly,we propose a k-distancebased method to compute user suspicion degree(USD).The reliable neighbor model can be constructed through incorporating the user suspicion degree into user neighbor model.The influence of attack profiles on the recommendation results is reduced through adjusting similarities among users.Then,Tukey M-estimator is introduced to construct robust matrix factorization model,which can realize the robust estimation of user feature matrix and item feature matrix and reduce the influence of attack profiles on item feature matrix.Finally,a robust collaborative recommendation algorithm is devised by combining the reliable neighbor model and robust matrix factorization model.Experimental results show that the proposed algorithm outperforms the existing methods in terms of both recommendation accuracy and robustness.
基金the Basic and Advanced Research Projects in Chongqing (cstc2015jcyjA40049)the National Natural Science Foundation of China (Grant No. 71102065)+1 种基金the Fundamental Research Funds for the Central Universities (106112014 CDJZR 095502)the China Scholarship Council.
文摘Collaborative filtering (CF) is a technique commonly used for personalized recommendation and Web service quality-of-service (QoS) prediction. However, CF is vulnerable to shilling attackers who inject fake user profiles into the system. In this paper, we first present the shilling attack problem on CF-based QoS recommender systems for Web services. Then, a robust CF recommendation approach is proposed from a user similarity perspective to enhance the resistance of the recommender systems to the shilling attack. In the approach, the generally used similarity measures are analyzed, and the DegSim (the degree of similarities with top k neighbors) with those measures is selected for grouping and weighting the users. Then, the weights are used to calculate the service similarities/differences and predictions. We analyzed and evaluated our algorithms using WS-DREAM and Movielens datasets. The experimental results demonstrate that shilling attacks influence the prediction of QoS values, and our proposed features and algorithms achieve a higher degree of robustness against shilling attacks than the typical CF algorithms.
基金Supported by the Scientific Research Foundation of Liaoning Provincial Education Department(L2015240)the National Natural Science Foundation of China(61379116,61503169)the Joint Fund of the Science and Technology Department of Liaoning Province(20170540448)
文摘The existing recommendation algorithms have lower robustness in facing of shilling attacks. Considering this problem, we present a robust recommendation algorithm based on kernel principal component analysis and fuzzy c-means clustering. Firstly, we use kernel principal component analysis method to reduce the dimensionality of the original rating matrix, which can extract the effective features of users and items. Then, according to the dimension-reduced rating matrix and the high correlation characteristic between attack profiles, we use fuzzy c-means clustering method to cluster user profiles, which can realize the effective separation of genuine profiles and attack profiles. Finally, we construct an indicator function based on the attack detection results to decrease the influence of attack profiles on the recommendation, and incorporate it into the matrix factorization technology to design the corresponding robust recommendation algorithm. Experiment results indicate that the proposed algorithm is superior to the existing methods in both recommendation accuracy and robustness.
基金This work was supported by the National Natural Science Foundation of China(No.20336040.No.60574068.and No.60221301).
文摘This paper asks a new question: how can we control the collective behavior of self-organized multi-agent systems? We try to answer the question by proposing a new notion called 'Soft Control' which keeps the local rule of the existing agents in the system. We show the feasibility of soft control by a case study. Consider the simple but typical distributed multi-agent model proposed by Vicsek et al. for flocking of birds: each agent moves with the same speed but with different headings which are updated using a local rule based on the average of its own heading and the headings of its neighbors. Most studies of this model are about the self-organized collective behavior, such as synchronization of headings. We want to intervene in the collective behavior (headings) of the group by soft control. A specified method is to add a special agent, called a 'Shill', which can be controlled by us but is treated as an ordinary agent by other agents. We construct a control law for the shill so that it can synchronize the whole group to an objective heading. This control law is proved to be effective analytically and numerieally. Note that soft control is different from the approach of distributed control. It is a natural way to intervene in the distributed systems. It may bring out many interesting issues and challenges on the control of complex systems.
