PORE: Provably Robust Recommender Systems against Data Poisoning Attacks

Citations: 0
Authors
Jia, Jinyuan [1 ]
Liu, Yupei [2 ]
Hu, Yuepeng [2 ]
Gong, Neil Zhenqiang [2 ]
Affiliations
[1] Penn State Univ, University Pk, PA 16802 USA
[2] Duke Univ, Durham, NC 27706 USA
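Keywords
DOI
Not available
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812 ;
Abstract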
Data poisoning attacks spoof a recommender system to make arbitrary, attacker-desired recommendations via injecting fake users with carefully crafted rating scores into the recommender system. We envision a cat-and-mouse game for such data poisoning attacks and their defenses, i.e., new defenses are designed to defend against existing attacks and new attacks are designed to break them. To prevent such a cat-and-mouse game, we propose PORE, the first framework to build provably robust recommender systems in this work. PORE can transform any existing recommender system to be provably robust against any untargeted data poisoning attacks, which aim to reduce the overall performance of a recommender system. Suppose PORE recommends top-N items to a user when there is no attack. We prove that PORE still recommends at least r of the N items to the user under any data poisoning attack, where r is a function of the number of fake users in the attack. Moreover, we design an efficient algorithm to compute r for each user. We empirically evaluate PORE on popular benchmark datasets.
Pages: 1703 / 1720
Number of pages: 18
Related papers
50 in total
  • [1] Data Poisoning Attacks against Differentially Private Recommender Systems
    Wadhwa, Soumya
    Agrawal, Saurabh
    Chaudhari, Harsh
    Sharma, Deepthi
    Achan, Kannan
    PROCEEDINGS OF THE 43RD INTERNATIONAL ACM SIGIR CONFERENCE ON RESEARCH AND DEVELOPMENT IN INFORMATION RETRIEVAL (SIGIR '20), 2020, : 1617 - 1620
  • [2] Accelerating the Surrogate Retraining for Poisoning Attacks against Recommender Systems
    Wu, Yunfan
    Cao, Qi
    Tao, Shuchang
    Zhang, Kaike
    Sun, Fei
    Shen, Huawei
    PROCEEDINGS OF THE EIGHTEENTH ACM CONFERENCE ON RECOMMENDER SYSTEMS, RECSYS 2024, 2024, : 701 - 711
  • [3] Data poisoning attacks on neighborhood-based recommender systems
    Chen, Liang
    Xu, Yangjun
    Xie, Fenfang
    Huang, Min
    Zheng, Zibin
    TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES, 2021, 32 (06)
  • [4] Data Poisoning Attacks to Deep Learning Based Recommender Systems
    Huang, Hai
    Mu, Jiaming
    Gong, Neil Zhenqiang
    Li, Qi
    Liu, Bin
    Xu, Mingwei
    28TH ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2021), 2021,
  • [5] Recommender Systems Robust to Data Poisoning using Trim Learning
    Hidano, Seira
    Kiyomoto, Shinsaku
    ICISSP: PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY, 2020, : 721 - 724
  • [6] Influence-Driven Data Poisoning for Robust Recommender Systems
    Wu, Chenwang
    Lian, Defu
    Ge, Yong
    Zhu, Zhihao
    Chen, Enhong
    IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, 2023, 45 (10) : 11915 - 11931
  • [7] PARL: Poisoning Attacks Against Reinforcement Learning-based Recommender Systems
    Du, Linkang
    Yuan, Quan
    Chen, Min
    Sun, Mingyang
    Cheng, Peng
    Chen, Jiming
    Zhang, Zhikun
    PROCEEDINGS OF THE 19TH ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, ACM ASIACCS 2024, 2024, : 1331 - 1344
  • [8] Poison-Tolerant Collaborative Filtering Against Poisoning Attacks on Recommender Systems
    Baker, Thar
    Li, Tong
    Jia, Jingyu
    Zhang, Baolei
    Tan, Chang
    Zomaya, Albert Y.
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2024, 21 (05) : 4589 - 4599
  • [9] Targeted Poisoning Attacks on Social Recommender Systems
    Hu, Rui
    Guo, Yuanxiong
    Pan, Miao
    Gong, Yanmin
    2019 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM), 2019,
  • [10] FLCert: Provably Secure Federated Learning Against Poisoning Attacks
    Cao, Xiaoyu
    Zhang, Zaixi
    Jia, Jinyuan
    Gong, Neil Zhenqiang
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2022, 17 : 3691 - 3705