Limits...
Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Zhou W, Wen J, Koh YS, Xiong Q, Gao M, Dobbie G, Alam S - PLoS ONE (2015)

Bottom Line: Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach.In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim.The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

View Article: PubMed Central - PubMed

Affiliation: College of Computer Science, Chongqing University, Chongqing, China.

ABSTRACT
Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

No MeSH data available.


Comparison of AUC value in multi-targeted detection when the number of target items varies.There are multi-target items in each attack. Comparison of AUC value in random push attack, average push attack, random nuke attack and average nuke attack.
© Copyright Policy
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC4519300&req=5

pone.0130968.g007: Comparison of AUC value in multi-targeted detection when the number of target items varies.There are multi-target items in each attack. Comparison of AUC value in random push attack, average push attack, random nuke attack and average nuke attack.

Mentions: We notice in Fig 6 that the false positive rate increases when the number of target items increases. There is no big difference in false positive rate between random and average detection when the attacks are the same purpose. On the other side, the false positive rates of nuke attacks are smaller than that of push attacks. AUC values are compared in Fig 7 of different attack models. AUC values of different attack models decline when the number of target items increases. There is no big difference in AUC values between random and average detection when the attacks are the same purpose (push or nuke). In conclusion, the performance of RD-TIA(a) on random and average attacks with multi target items in one attack is not as good as single target items attack. Detection result of nuke attack is better than that of push attack using RD-TIA(a) in the same condition.


Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Zhou W, Wen J, Koh YS, Xiong Q, Gao M, Dobbie G, Alam S - PLoS ONE (2015)

Comparison of AUC value in multi-targeted detection when the number of target items varies.There are multi-target items in each attack. Comparison of AUC value in random push attack, average push attack, random nuke attack and average nuke attack.
© Copyright Policy
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC4519300&req=5

pone.0130968.g007: Comparison of AUC value in multi-targeted detection when the number of target items varies.There are multi-target items in each attack. Comparison of AUC value in random push attack, average push attack, random nuke attack and average nuke attack.
Mentions: We notice in Fig 6 that the false positive rate increases when the number of target items increases. There is no big difference in false positive rate between random and average detection when the attacks are the same purpose. On the other side, the false positive rates of nuke attacks are smaller than that of push attacks. AUC values are compared in Fig 7 of different attack models. AUC values of different attack models decline when the number of target items increases. There is no big difference in AUC values between random and average detection when the attacks are the same purpose (push or nuke). In conclusion, the performance of RD-TIA(a) on random and average attacks with multi target items in one attack is not as good as single target items attack. Detection result of nuke attack is better than that of push attack using RD-TIA(a) in the same condition.

Bottom Line: Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach.In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim.The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

View Article: PubMed Central - PubMed

Affiliation: College of Computer Science, Chongqing University, Chongqing, China.

ABSTRACT
Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

No MeSH data available.