Limits...
Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Zhou W, Wen J, Koh YS, Xiong Q, Gao M, Dobbie G, Alam S - PLoS ONE (2015)

Bottom Line: Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach.In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim.The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

View Article: PubMed Central - PubMed

Affiliation: College of Computer Science, Chongqing University, Chongqing, China.

ABSTRACT
Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

No MeSH data available.


Detection rate and false positive rate when the attack size is 5% and filler size varies in different datasets.Detection rate and false positive rate are detected when the attack size is 5% and filler size varies using four different datasets, including MovieLens 100k Dataset, MovieLens 1M Dataset, Eachmovie Dataset and Netflix sub-Dataset.
© Copyright Policy
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC4519300&req=5

pone.0130968.g008: Detection rate and false positive rate when the attack size is 5% and filler size varies in different datasets.Detection rate and false positive rate are detected when the attack size is 5% and filler size varies using four different datasets, including MovieLens 100k Dataset, MovieLens 1M Dataset, Eachmovie Dataset and Netflix sub-Dataset.

Mentions: Fig 8 shows the detection rates and false positive rates of the proposed method while facing group attacks on four different datasets. Fig 8(A) is the detection rates when the attack size is 5% and filler size varies. Fig 8(B) shows the false positive rates of the detection. We find that the detection rates increase along with the increase in filler size. The detection rates reach close to 100% when filler size reaches 4%. The false positive rates, on the other hand, consistently stay below 0.5% when the filler size is greater than 2%, regardless of attack sizes.


Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

Zhou W, Wen J, Koh YS, Xiong Q, Gao M, Dobbie G, Alam S - PLoS ONE (2015)

Detection rate and false positive rate when the attack size is 5% and filler size varies in different datasets.Detection rate and false positive rate are detected when the attack size is 5% and filler size varies using four different datasets, including MovieLens 100k Dataset, MovieLens 1M Dataset, Eachmovie Dataset and Netflix sub-Dataset.
© Copyright Policy
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC4519300&req=5

pone.0130968.g008: Detection rate and false positive rate when the attack size is 5% and filler size varies in different datasets.Detection rate and false positive rate are detected when the attack size is 5% and filler size varies using four different datasets, including MovieLens 100k Dataset, MovieLens 1M Dataset, Eachmovie Dataset and Netflix sub-Dataset.
Mentions: Fig 8 shows the detection rates and false positive rates of the proposed method while facing group attacks on four different datasets. Fig 8(A) is the detection rates when the attack size is 5% and filler size varies. Fig 8(B) shows the false positive rates of the detection. We find that the detection rates increase along with the increase in filler size. The detection rates reach close to 100% when filler size reaches 4%. The false positive rates, on the other hand, consistently stay below 0.5% when the filler size is greater than 2%, regardless of attack sizes.

Bottom Line: Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach.In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim.The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

View Article: PubMed Central - PubMed

Affiliation: College of Computer Science, Chongqing University, Chongqing, China.

ABSTRACT
Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

No MeSH data available.