Collaborative filtering (CF) recommendation models lie at the core of most industrial engines due to their state-of-the-art perfor-mance. Their leading performance owes hugely on exploiting users' past feedbacks to identify similar user or item pairs. Unfortunately this sim-ilarity computation is vulnerable to shilling profile injection attack, in which an attacker can insert fake user profiles into the system with the goal to alter the similarities and resulting recommendations in an engi-neered manner. In this work, we introduce SAShA, a new attack strat-egy that leverages semantic features extracted from a knowledge graph in order to strengthen the efficacy of the attack against standard CF models. Validation of the system is conducted across two publicly avail- A ble datasets and various attacks, CF models and semantic information. Results underline the vulnerability of well-known CF models against the proposed semantic attacks compared with the baseline version.
Knowledge-enhanced Shilling Attacks for Recommendation / Anelli, V. W.; Deldjoo, Y.; Di, T.; Merra, F. A.; Acciani, G.; Sciascio, E. D.. - 2646:(2020), pp. 310-317. (Intervento presentato al convegno 28th Italian Symposium on Advanced Database Systems, SEBD 2020 tenutosi a ita nel 2020).
Knowledge-enhanced Shilling Attacks for Recommendation
Anelli V. W.;Deldjoo Y.;Merra F. A.
;Acciani G.;
2020-01-01
Abstract
Collaborative filtering (CF) recommendation models lie at the core of most industrial engines due to their state-of-the-art perfor-mance. Their leading performance owes hugely on exploiting users' past feedbacks to identify similar user or item pairs. Unfortunately this sim-ilarity computation is vulnerable to shilling profile injection attack, in which an attacker can insert fake user profiles into the system with the goal to alter the similarities and resulting recommendations in an engi-neered manner. In this work, we introduce SAShA, a new attack strat-egy that leverages semantic features extracted from a knowledge graph in order to strengthen the efficacy of the attack against standard CF models. Validation of the system is conducted across two publicly avail- A ble datasets and various attacks, CF models and semantic information. Results underline the vulnerability of well-known CF models against the proposed semantic attacks compared with the baseline version.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.