Learning-based Attack and Defense on Recommender Systems

Palanisamy Sundar, Agnideven

08 1900

Indiana University-Purdue University Indianapolis (IUPUI) / The internet is the home for massive volumes of valuable data constantly being created, making it difficult for users to find information relevant to them. In recent times, online users have been relying on the recommendations made by websites to narrow down the options. Online reviews have also become an increasingly important factor in the final choice of a customer. Unfortunately, attackers have found ways to manipulate both reviews and recommendations to mislead users. A Recommendation System is a special type of information filtering system adapted by online vendors to provide suggestions to their customers based on their requirements. Collaborative filtering is one of the most widely used recommendation systems; unfortunately, it is prone to shilling/profile injection attacks. Such attacks alter the recommendation process to promote or demote a particular product. On the other hand, many spammers write deceptive reviews to change the credibility of a product/service. This work aims to address these issues by treating the review manipulation and shilling attack scenarios independently. For the shilling attacks, we build an efficient Reinforcement Learning-based shilling attack method. This method reduces the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach while treating the recommender system as a black box. Such practical online attacks open new avenues for research in building more robust recommender systems. When it comes to review manipulations, we introduce a method to use a deep structure embedding approach that preserves highly nonlinear structural information and the dynamic aspects of user reviews to identify and cluster the spam users. It is worth mentioning that, in the experiment with real datasets, our method captures about 92\% of all spam reviewers using an unsupervised learning approach.

Recommender Systems

Machine Learning

Deep Learning

Reinforcement Learning

Fraud Detection

Fake Reviews

Shilling Attacks

Graph Embedding

Multi-Armed Bandits

Technologický manipulátor udírny / Technological manipulator of smoking-chamber

Gajdušek, Jakub

January 2010

This work designs overall structural design of technological manipulator of smoking- chamber, which serves to move the trolleys with food between smoking and chilling chamber. Chambers are connected in a single device. Trolleys are considered with full and uniformly distributed load. Work includes a 3D model of equipment and production documentation.

Recommending privacy preferences in location-sharing services

Zhao, Yuchen

January 2017

Location-sharing services have become increasingly popular with the proliferation of smartphones and online social networks. People share their locations with each other to record their daily lives or satisfy their social needs. At the same time, inappropriate disclosure of location information poses threats to people's privacy. One of the reasons why people fail to protect their location privacy is the difficulty of using the current mechanisms to manually configure location-privacy settings. Since people's location-privacy preferences are context-aware, manual configuration is cumbersome. People's incapability and unwillingness to do so lead to unexpected location disclosures that violate their location privacy. In this thesis, we investigate the feasibility of using recommender systems to help people protect their location privacy. We examine the performance of location-privacy recommender systems and compare it with the state-of-the-art. We also conduct online user studies to understand people's acceptance of such recommender systems and their concerns. We revise our design of the systems according to the results of the user studies. We find that user-based collaborative filtering can accurately recommend location-privacy preferences and outperform the state-of-the-art when training data are insufficient. From users' perspective, their acceptance of location-privacy recommender systems is affected by the openness and the context of recommendations and their privacy concerns about the systems. It is feasible to use data obfuscation or decentralisation to alleviate people's concerns and meanwhile keep the systems robust against malicious data attacks.

621.382

Learning-based Attack and Defense on Recommender Systems

Agnideven Palanisamy Sundar (11190282)

06 August 2021

The internet is the home for massive volumes of valuable data constantly being created, making it difficult for users to find information relevant to them. In recent times, online users have been relying on the recommendations made by websites to narrow down the options. Online reviews have also become an increasingly important factor in the final choice of a customer. Unfortunately, attackers have found ways to manipulate both reviews and recommendations to mislead users. A Recommendation System is a special type of information filtering system adapted by online vendors to provide suggestions to their customers based on their requirements. Collaborative filtering is one of the most widely used recommendation systems; unfortunately, it is prone to shilling/profile injection attacks. Such attacks alter the recommendation process to promote or demote a particular product. On the other hand, many spammers write deceptive reviews to change the credibility of a product/service. This work aims to address these issues by treating the review manipulation and shilling attack scenarios independently. For the shilling attacks, we build an efficient Reinforcement Learning-based shilling attack method. This method reduces the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach while treating the recommender system as a black box. Such practical online attacks open new avenues for research in building more robust recommender systems. When it comes to review manipulations, we introduce a method to use a deep structure embedding approach that preserves highly nonlinear structural information and the dynamic aspects of user reviews to identify and cluster the spam users. It is worth mentioning that, in the experiment with real datasets, our method captures about 92\% of all spam reviewers using an unsupervised learning approach.<br>

Computer System Security

Computer Communications Networks

Recommender Systems

Machine Learning

Deep Learning

Reinforcement Learning

Fraud Detection

Fake Reviews

Shilling Attacks

Graph Embedding

Multi-Armed Bandits