scispace - formally typeset
Search or ask a question
Book ChapterDOI

Strategies for Effective Shilling Attacks against Recommender Systems

13 May 2009-pp 111-125
TL;DR: This paper explores the importance of target item and filler items in mounting effective shilling attacks and proposes a new approach for creating attack strategies based on intelligent selection of filler items.
Abstract: One area of research which has recently gained importance is the security of recommender systems. Malicious users may influence the recommender system by inserting biased data into the system. Such attacks may lead to erosion of user trust in the objectivity and accuracy of the system. In this paper, we propose a new approach for creating attack strategies. Our paper explores the importance of target item and filler items in mounting effective shilling attacks. Unlike previous approaches, we propose strategies built specifically for user based and item based collaborative filtering systems. Our attack strategies are based on intelligent selection of filler items. Filler items are selected on the basis of the target item rating distribution. We show through experiments that our strategies are effective against both user based and item based collaborative filtering systems. Our approach is shown to provide substantial improvement in attack effectiveness over existing attack models.
Citations
More filters
Journal ArticleDOI
TL;DR: An overview of recommender systems as well as collaborative filtering methods and algorithms is provided, which explains their evolution, provides an original classification for these systems, identifies areas of future implementation and develops certain areas selected for past, present or future importance.
Abstract: Recommender systems have developed in parallel with the web. They were initially based on demographic, content-based and collaborative filtering. Currently, these systems are incorporating social information. In the future, they will use implicit, local and personal information from the Internet of things. This article provides an overview of recommender systems as well as collaborative filtering methods and algorithms; it also explains their evolution, provides an original classification for these systems, identifies areas of future implementation and develops certain areas selected for past, present or future importance.

2,639 citations


Cites background from "Strategies for Effective Shilling A..."

  • ...RS are still highly vulnerable to such attacks [191]....

    [...]

Journal ArticleDOI
TL;DR: Various attack types are described and new dimensions for attack classification are introduced and detailed description of the proposed detection and robust recommendation algorithms are given.
Abstract: Online vendors employ collaborative filtering algorithms to provide recommendations to their customers so that they can increase their sales and profits. Although recommendation schemes are successful in e-commerce sites, they are vulnerable to shilling or profile injection attacks. On one hand, online shopping sites utilize collaborative filtering schemes to enhance their competitive edge over other companies. On the other hand, malicious users and/or competing vendors might decide to insert fake profiles into the user-item matrices in such a way so that they can affect the predicted ratings on behalf of their advantages. In the past decade, various studies have been conducted to scrutinize different shilling attacks strategies, profile injection attack types, shilling attack detection schemes, robust algorithms proposed to overcome such attacks, and evaluate them with respect to accuracy, cost/benefit, and overall performance. Due to their popularity and importance, we survey about shilling attacks in collaborative filtering algorithms. Giving an overall picture about various shilling attack types by introducing new classification attributes is imperative for further research. Explaining shilling attack detection schemes in detail and robust algorithms proposed so far might open a lead to develop new detection schemes and enhance such robust algorithms further, even propose new ones. Thus, we describe various attack types and introduce new dimensions for attack classification. Detailed description of the proposed detection and robust recommendation algorithms are given. Moreover, we briefly explain evaluation of the proposed schemes. We conclude the paper by discussing various open questions.

273 citations

Journal ArticleDOI
TL;DR: An intelligent real-time user-specific travel recommender system (IRTUSTRS) is developed through incorporating users' social network profile and current location by exploiting global positioning system (GPS) data for travel recommendation generation.
Abstract: Recent developments in internet technologies have created a massive demand for online services with the rapidly growing users. Travel recommender systems have been embraced by many researchers due to recent developments and significant requirements in the e-tourism domain. Generating personalised recommendations with minimal interactions is a key challenge and predicting personalised list of locations with the available ratings alone cannot achieve effective recommendations. To address this issue, we develop an intelligent real-time user-specific travel recommender system (IRTUSTRS) through incorporating users' social network profile and current location by exploiting global positioning system (GPS) data for travel recommendation generation. The proposed IRTUSTRS approach helps end users through enhanced travel recommendations with improved accuracy. The experimental evaluation portrays the improved performance of IRTUSTRS over baseline approaches. The presented work helps to understand the performance of recommender systems by utilising online social network profile of users with the current location through the GPS data.

51 citations

Journal ArticleDOI
TL;DR: This paper provides a group recommendation similarity metric and demonstrates the convenience of tackling the aggregation of the group's users in the actual similarity metric of the collaborative filtering process.
Abstract: In collaborative filtering recommender systems recommendations can be made to groups of users. There are four basic stages in the collaborative filtering algorithms where the group's users' data can be aggregated to the data of the group of users: similarity metric, establishing the neighborhood, prediction phase, determination of recommended items. In this paper we perform aggregation experiments in each of the four stages and two fundamental conclusions are reached: (1) the system accuracy does not vary significantly according to the stage where the aggregation is performed, (2) the system performance improves notably when the aggregation is performed in an earlier stage of the collaborative filtering process. This paper provides a group recommendation similarity metric and demonstrates the convenience of tackling the aggregation of the group's users in the actual similarity metric of the collaborative filtering process.

50 citations


Cites background from "Strategies for Effective Shilling A..."

  • ...RS are still highly vulnerable to such attacks (Ray & Mahanti, 2009)....

    [...]

Journal ArticleDOI
TL;DR: This work proposes and evaluates a content-driven framework for effectively linking free text posts with common “talking points” and extracting campaigns from large-scale social media and shows how these campaigns may be extracted with high precision and recall.
Abstract: In this manuscript, we study the problem of detecting coordinated free text campaigns in large-scale social media. These campaigns—ranging from coordinated spam messages to promotional and advertising campaigns to political astro-turfing—are growing in significance and reach with the commensurate rise in massive-scale social systems. Specifically, we propose and evaluate a content-driven framework for effectively linking free text posts with common “talking points” and extracting campaigns from large-scale social media. Three of the salient features of the campaign extraction framework are: (i) first, we investigate graph mining techniques for isolating coherent campaigns from large message-based graphs; (ii) second, we conduct a comprehensive comparative study of text-based message correlation in message and user levels; and (iii) finally, we analyze temporal behaviors of various campaign types. Through an experimental study over millions of Twitter messages we identify five major types of campaigns—namely Spam, Promotion, Template, News, and Celebrity campaigns—and we show how these campaigns may be extracted with high precision and recall.

40 citations

References
More filters
Proceedings ArticleDOI
01 Apr 2001
TL;DR: This paper analyzes item-based collaborative ltering techniques and suggests that item- based algorithms provide dramatically better performance than user-based algorithms, while at the same time providing better quality than the best available userbased algorithms.
Abstract: Recommender systems apply knowledge discovery techniques to the problem of making personalized recommendations for information, products or services during a live interaction. These systems, especially the k-nearest neighbor collaborative ltering based ones, are achieving widespread success on the Web. The tremendous growth in the amount of available information and the number of visitors to Web sites in recent years poses some key challenges for recommender systems. These are: producing high quality recommendations, performing many recommendations per second for millions of users and items and achieving high coverage in the face of data sparsity. In traditional collaborative ltering systems the amount of work increases with the number of participants in the system. New recommender system technologies are needed that can quickly produce high quality recommendations, even for very large-scale problems. To address these issues we have explored item-based collaborative ltering techniques. Item-based techniques rst analyze the user-item matrix to identify relationships between di erent items, and then use these relationships to indirectly compute recommendations for users. In this paper we analyze di erent item-based recommendation generation algorithms. We look into di erent techniques for computing item-item similarities (e.g., item-item correlation vs. cosine similarities between item vectors) and di erent techniques for obtaining recommendations from them (e.g., weighted sum vs. regression model). Finally, we experimentally evaluate our results and compare them to the basic k-nearest neighbor approach. Our experiments suggest that item-based algorithms provide dramatically better performance than user-based algorithms, while at the same time providing better quality than the best available userbased algorithms.

8,634 citations


"Strategies for Effective Shilling A..." refers methods in this paper

  • ...In item based collaborative filtering [ 10 ], similarities between the various items are computed....

    [...]

Journal ArticleDOI
TL;DR: The combination of high volume and personal taste made Usenet news a promising candidate for collaborative filtering and the potential predictive utility for Usenets news was very high.
Abstract: newsgroups carry a wide enough spread of messages to make most individuals consider Usenet news to be a high noise information resource. Furthermore, each user values a different set of messages. Both taste and prior knowledge are major factors in evaluating news articles. For example, readers of the rec.humor newsgroup, a group designed for jokes and other humorous postings, value articles based on whether they perceive them to be funny. Readers of technical groups, such as comp.lang.c11 value articles based on interest and usefulness to them—introductory questions and answers may be uninteresting to an expert C11 programmer just as debates over subtle and advanced language features may be useless to the novice. The combination of high volume and personal taste made Usenet news a promising candidate for collaborative filtering. More formally, we determined the potential predictive utility for Usenet news was very high. The GroupLens project started in 1992 and completed a pilot study at two sites to establish the feasibility of using collaborative filtering for Usenet news [8]. Several critical design decisions were made as part of that pilot study, including:

2,657 citations


"Strategies for Effective Shilling A..." refers methods in this paper

  • ...This technique mainly relies on explicit ratings given by the user and is the most successful and widely used technique [ 3 ]....

    [...]

Proceedings ArticleDOI
17 May 2004
TL;DR: Four open questions are explored that may affect the effectiveness of shilling attacks on recommender systems: which recommender algorithm is being used, whether the application is producing recommendations or predictions, how detectable the attacks are by the operator of the system, and what the properties are of the items being attacked.
Abstract: Recommender systems have emerged in the past several years as an effective way to help people cope with the problem of information overload. One application in which they have become particularly common is in e-commerce, where recommendation of items can often help a customer find what she is interested in and, therefore can help drive sales. Unscrupulous producers in the never-ending quest for market penetration may find it profitable to shill recommender systems by lying to the systems in order to have their products recommended more often than those of their competitors. This paper explores four open questions that may affect the effectiveness of such shilling attacks: which recommender algorithm is being used, whether the application is producing recommendations or predictions, how detectable the attacks are by the operator of the system, and what the properties are of the items being attacked. The questions are explored experimentally on a large data set of movie ratings. Taken together, the results of the paper suggest that new ways must be used to evaluate and detect shilling attacks on recommender systems.

639 citations

Journal ArticleDOI
TL;DR: This study shows that both user-based and item-based algorithms are highly vulnerable to specific attack models, but that hybrid algorithms may provide a higher degree of robustness.
Abstract: Publicly accessible adaptive systems such as collaborative recommender systems present a security problem. Attackers, who cannot be readily distinguished from ordinary users, may inject biased profiles in an attempt to force a system to “adapt” in a manner advantageous to them. Such attacks may lead to a degradation of user trust in the objectivity and accuracy of the system. Recent research has begun to examine the vulnerabilities and robustness of different collaborative recommendation techniques in the face of “profile injection” attacks. In this article, we outline some of the major issues in building secure recommender systems, concentrating in particular on the modeling of attacks and their impact on various recommendation algorithms. We introduce several new attack models and perform extensive simulation-based evaluations to show which attacks are most successful and practical against common recommendation techniques. Our study shows that both user-based and item-based algorithms are highly vulnerable to specific attack models, but that hybrid algorithms may provide a higher degree of robustness. Using our formal characterization of attack models, we also introduce a novel classification-based approach for detecting attack profiles and evaluate its effectiveness in neutralizing attacks.

460 citations


"Strategies for Effective Shilling A..." refers background or methods in this paper

  • ...However, it has been found that average attack is more effective compared to bandwagon and segmented attack [ 8 ]....

    [...]

  • ...An attack is also classified as a high-knowledge attack or low-knowledge attack [ 8 ]....

    [...]

  • ...It has been found that this model is not very effective [ 8 ]....

    [...]

  • ...A comprehensive study of different attack models can be found in [ 8 ]....

    [...]

  • ...As it is difficult to manipulate the similarities of two items compared to that of two users, item based recommender systems are found to be more robust that user based systems [ 8 ]....

    [...]