Preventing shilling attacks in online recommender systems
read more
Citations
Recommender systems survey
Evaluating Recommendation Systems
Toward trustworthy recommender systems: An analysis of attack models and algorithm robustness
Comparison of collaborative filtering algorithms: Limitations of current techniques and proposals for scalable, high-performance recommender systems
Shilling attacks against recommender systems: a comprehensive survey
References
Item-based collaborative filtering recommendation algorithms
GroupLens: an open architecture for collaborative filtering of netnews
Industry Report: Amazon.com Recommendations: Item-to-Item Collaborative Filtering.
Amazon.com recommendations: item-to-item collaborative filtering
Social information filtering: algorithms for automating “word of mouth”
Related Papers (5)
Frequently Asked Questions (11)
Q2. What is the effect of using this modification in a user-based collaborative filtering algorithm?
Since the probability for regular users is almost 0, and for attackers is almost 1, the effect of using this modification in a user-based collaborative filtering algorithm is to practically filter out malicious users from making recommendations, while reducing the influence of users with special preferences.
Q3. What are the popular types of algorithms for collaborative filtering?
The most popular types of algorithms for collaborative filtering (CF) are user-based and item-based:1. User-based algorithms build for each user a neighborhood of users with similar opinions (i.e., ratings) in the system.
Q4. What is the overhead for the recommender system?
The only overhead for the recommender system would be to take the shilling probability into account when computing the recommendation list.
Q5. What is the reasoning behind the Random Bot attack?
The intuition behind this is that making random ratings within a certain average interval will allow the attacker to have a high influence in making predictions for other users.
Q6. What is the main idea behind the Random Bot attack?
The authors think that zero-knowledge attacks such as the Random Bot are particularly interesting, since for the other attacks, recommender systems administrators could increase the privacy of user profiles using cryptographic means [6, 10, 2], thus falling back to the zero-knowledge ones.
Q7. What is the RDMA for a large scale attack?
when the attackers give a rating centered around 3.6 to the items outside the target set, users that only expressed extreme like (the maximum rating) or utter dislike (the minimum rating) have an increased RDMA for a large-scale attack.
Q8. Why is RDMA higher for a large attack?
This is partially because an attack of such a large size is enough to radically increase the average rating for the target items, so that regular users who rated these items with the minimum rating get in this case an increased RDMA.
Q9. What is the effect of a button on a web based recommender system?
In an on-line web based recommender system, the authors can provide the user with an additional button to be pressed foractivating protection against shilling attackers.
Q10. What is the argument that a collaborative filtering system should not be perceived as malicious?
attackers in a collaborative filtering based recommender system should not necessarily be perceived as malicious by the other users, since the process of giving ratings to items is mostly a question of taste.
Q11. How many users have a 0 shilling probability?
Lines 8-12 assign a 0 shilling probability for users having less than the average RDMA and use function f to compute the shilling probability for the other users.