Adversarial machine learning is the research field investigating vulnerabilities inherent to machine learning systems’ design and ways to defend against them. Recently, recommender systems have been shown vulnerable to adversarial attacks that force the models to produce misleading recommendations. For instance, adversaries can attempt to push target items into high/low positions in the recommendation lists by inserting optimized fake profiles in pure-collaborative recommenders or uploading item images with human-imperceptible perturbations. This chapter lays out a taxonomy of how recommender systems can be dramatically affected by adversarial attacks, together with the analysis of existing defense mechanisms and their limits. A discussion and an analysis are provided on the methodologies to evaluate recommender systems under adversarial settings. Finally, open issues and future research directions are discussed that need further investigation in designing powerful attacks while proposing more robust defense strategies.

Adversarial Recommender Systems: Attack, Defense, and Advances / Anelli, Vito Walter; Deldjoo, Yashar; Di Noia, Tommaso; Merra, Felice Antonio - In: Third Edition of Recommender systems handbookELETTRONICO. - [s.l], 2022. - ISBN 978-1-0716-2196-7. - pp. 335-379 [10.1007/978-1-0716-2197-4_9]

Adversarial Recommender Systems: Attack, Defense, and Advances

Anelli, Vito Walter;Deldjoo, Yashar;Di Noia, Tommaso;Merra, Felice Antonio
2022-01-01

Abstract

Adversarial machine learning is the research field investigating vulnerabilities inherent to machine learning systems’ design and ways to defend against them. Recently, recommender systems have been shown vulnerable to adversarial attacks that force the models to produce misleading recommendations. For instance, adversaries can attempt to push target items into high/low positions in the recommendation lists by inserting optimized fake profiles in pure-collaborative recommenders or uploading item images with human-imperceptible perturbations. This chapter lays out a taxonomy of how recommender systems can be dramatically affected by adversarial attacks, together with the analysis of existing defense mechanisms and their limits. A discussion and an analysis are provided on the methodologies to evaluate recommender systems under adversarial settings. Finally, open issues and future research directions are discussed that need further investigation in designing powerful attacks while proposing more robust defense strategies.
2022
Third Edition of Recommender systems handbook
978-1-0716-2196-7
978-1-0716-2197-4
Adversarial Recommender Systems: Attack, Defense, and Advances / Anelli, Vito Walter; Deldjoo, Yashar; Di Noia, Tommaso; Merra, Felice Antonio - In: Third Edition of Recommender systems handbookELETTRONICO. - [s.l], 2022. - ISBN 978-1-0716-2196-7. - pp. 335-379 [10.1007/978-1-0716-2197-4_9]
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11589/243821
Citazioni
  • Scopus 13
  • ???jsp.display-item.citation.isi??? ND
social impact