Data Poisoning Attacks against Differentially Private Recommender Systems

Cited by: 11
Authors
Wadhwa, Soumya [1]
Agrawal, Saurabh [1]
Chaudhari, Harsh [1, 2]
Sharma, Deepthi [1]
Achan, Kannan [1]
Affiliations
[1] Walmart Labs, Bangalore, Karnataka, India
[2] Indian Inst Sci, Bangalore, Karnataka, India
Source
PROCEEDINGS OF THE 43RD INTERNATIONAL ACM SIGIR CONFERENCE ON RESEARCH AND DEVELOPMENT IN INFORMATION RETRIEVAL (SIGIR '20) | 2020
Keywords
Data Poisoning; Shilling Attacks; Differential Privacy; Matrix Factorization; Collaborative Filtering; Recommender Systems;
DOI
10.1145/3397271.3401301
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Recommender systems based on collaborative filtering are highly vulnerable to data poisoning attacks, where a determined attacker injects fake users with false user-item feedback, with an objective to either corrupt the recommender system or promote/demote a target set of items. Recently, differential privacy was explored as a defense technique against data poisoning attacks in the typical machine learning setting. In this paper, we study the effectiveness of differential privacy against such attacks on matrix factorization based collaborative filtering systems. Concretely, we conduct extensive experiments for evaluating robustness to injection of malicious user profiles by simulating common types of shilling attacks on real-world data and comparing the predictions of typical matrix factorization with differentially private matrix factorization.
Pages: 1617-1620
Number of pages: 4