Limits...
Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Zhou W, Wen J, Koh YS, Xiong Q, Gao M, Dobbie G, Alam S - PLoS ONE (2015)

Bottom Line: Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach.In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim.The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

View Article: PubMed Central - PubMed

Affiliation: College of Computer Science, Chongqing University, Chongqing, China.

ABSTRACT
Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

No MeSH data available.


RD-TIA Detecting structure based on two metrics RDMA and DegSim.There are two phases in RD-TIA. In the first phase, extract profile attributes and determine the suspicious profiles by using two statistical metrics DegSim and RDMA.
© Copyright Policy
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC4519300&req=5

pone.0130968.g002: RD-TIA Detecting structure based on two metrics RDMA and DegSim.There are two phases in RD-TIA. In the first phase, extract profile attributes and determine the suspicious profiles by using two statistical metrics DegSim and RDMA.

Mentions: Firstly in attack profiles, filler items are randomly chosen thus the similarity based on these filler items between attack and genuine profiles should be lower. We choose 20 neighbours that have the highest similarity in DegSim. Secondly, since shilling attacks usually try to push items with low ratings or vice versa in nuke attacks, the users mounting such an attack will assign a rating that deviates from the average rating value assigned by the genuine profiles. We use metric RDMA to calculate this. Attackers’ profiles should therefore have relatively high values for RDMA, as well as very low values in DegSim. Fig 1 shows the distribution of RDMA and DegSim when average attacks are injected. Last but not least, all target items are assigned a highest or lowest value, the count number of this value should be bigger than other values among items. Based on these three reasons, we propose a detection structure called RD-TIA that uses two metrics, RDMA and DegSim to reveal these distinctive features in the rating patterns. Feature extraction using Eqs (1) and (2). Profiles that have a greater value in RDMA and smaller DegSim value are suspected of being attack profiles. Since there must be some false positives in the detecting result. Based on the third reason, we proposed a Target Item Analysis (TIA) method to filter genuine profiles out. The detection model is shown in Fig 2.


Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Zhou W, Wen J, Koh YS, Xiong Q, Gao M, Dobbie G, Alam S - PLoS ONE (2015)

RD-TIA Detecting structure based on two metrics RDMA and DegSim.There are two phases in RD-TIA. In the first phase, extract profile attributes and determine the suspicious profiles by using two statistical metrics DegSim and RDMA.
© Copyright Policy
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC4519300&req=5

pone.0130968.g002: RD-TIA Detecting structure based on two metrics RDMA and DegSim.There are two phases in RD-TIA. In the first phase, extract profile attributes and determine the suspicious profiles by using two statistical metrics DegSim and RDMA.
Mentions: Firstly in attack profiles, filler items are randomly chosen thus the similarity based on these filler items between attack and genuine profiles should be lower. We choose 20 neighbours that have the highest similarity in DegSim. Secondly, since shilling attacks usually try to push items with low ratings or vice versa in nuke attacks, the users mounting such an attack will assign a rating that deviates from the average rating value assigned by the genuine profiles. We use metric RDMA to calculate this. Attackers’ profiles should therefore have relatively high values for RDMA, as well as very low values in DegSim. Fig 1 shows the distribution of RDMA and DegSim when average attacks are injected. Last but not least, all target items are assigned a highest or lowest value, the count number of this value should be bigger than other values among items. Based on these three reasons, we propose a detection structure called RD-TIA that uses two metrics, RDMA and DegSim to reveal these distinctive features in the rating patterns. Feature extraction using Eqs (1) and (2). Profiles that have a greater value in RDMA and smaller DegSim value are suspected of being attack profiles. Since there must be some false positives in the detecting result. Based on the third reason, we proposed a Target Item Analysis (TIA) method to filter genuine profiles out. The detection model is shown in Fig 2.

Bottom Line: Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach.In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim.The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

View Article: PubMed Central - PubMed

Affiliation: College of Computer Science, Chongqing University, Chongqing, China.

ABSTRACT
Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

No MeSH data available.