RUP-GAN: A Black-Box Attack Method for Social Intelligence Recommendation Systems Based on Adversarial Learning

Cyber Physical Social Intelligence (CPSI) emphasizes the integration of social information and artificial system information from virtual spaces, enabling Social Intelligence Recommendation Systems (SIRS) to make intelligent decisions and optimizations based on more comprehensive data, thereby enhancing the accuracy of recommendations and user experience. However, as the combined application of CPSI and SIRS becomes increasingly widespread, they also face the risk of shilling attacks. Traditional shilling attacks are limited in terms of low stealthiness, specificity to certain systems, and generation of unrealistic fake profiles. In this paper, we propose a black-box attack method, Real User Preference Generative Adversarial Networks (RUP-GAN), based on adversarial learning. RUP-GAN optimizes the authenticity of user profiles and enhances the hit rate of target items within users' top-k recommendation lists. Through experiments conducted on real-world datasets, it has been proved that RUP-GAN surpasses baseline shilling attack methods in attack effectiveness, transferability, and invisibility. Our proposed model can effectively mitigate the risks posed by shilling attacks, and provide valuable insights for the defense research of CPSI and SIRS.