Data Poisoning Attacks against Differentially Private Recommender Systems

Cited by: 11
Authors
Wadhwa, Soumya [1]
Agrawal, Saurabh [1]
Chaudhari, Harsh [1,2]
Sharma, Deepthi [1]
Achan, Kannan [1]
Affiliations
[1] Walmart Labs, Bangalore, Karnataka, India
[2] Indian Inst Sci, Bangalore, Karnataka, India
Keywords
Data Poisoning; Shilling Attacks; Differential Privacy; Matrix Factorization; Collaborative Filtering; Recommender Systems;
DOI
10.1145/3397271.3401301
Chinese Library Classification (CLC)
TP [Automation technology, computer technology];
Discipline code
0812;
Abstract
Recommender systems based on collaborative filtering are highly vulnerable to data poisoning attacks, where a determined attacker injects fake users with false user-item feedback, with an objective to either corrupt the recommender system or promote/demote a target set of items. Recently, differential privacy was explored as a defense technique against data poisoning attacks in the typical machine learning setting. In this paper, we study the effectiveness of differential privacy against such attacks on matrix factorization based collaborative filtering systems. Concretely, we conduct extensive experiments for evaluating robustness to injection of malicious user profiles by simulating common types of shilling attacks on real-world data and comparing the predictions of typical matrix factorization with differentially private matrix factorization.
Pages: 1617 - 1620
Page count: 4
Related papers (50 in total)
  • [1] Disguised as Privacy: Data Poisoning Attacks Against Differentially Private Crowdsensing Systems
    Li, Zhetao
    Zheng, Zhirun
    Guo, Suiming
    Guo, Bin
    Xiao, Fu
    Ren, Kui
    IEEE TRANSACTIONS ON MOBILE COMPUTING, 2023, 22 (09) : 5155 - 5169
  • [2] Data Poisoning against Differentially-Private Learners: Attacks and Defenses
    Ma, Yuzhe
    Zhu, Xiaojin
    Hsu, Justin
    PROCEEDINGS OF THE TWENTY-EIGHTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2019, : 4732 - 4738
  • [3] PORE: Provably Robust Recommender Systems against Data Poisoning Attacks
    Jia, Jinyuan
    Liu, Yupei
    Hu, Yuepeng
    Gong, Neil Zhenqiang
    PROCEEDINGS OF THE 32ND USENIX SECURITY SYMPOSIUM, 2023, : 1703 - 1720
  • [4] Assessing Wearable Human Activity Recognition Systems Against Data Poisoning Attacks in Differentially-Private Federated Learning
    Shahid, Abdur R.
    Imteaj, Ahmed
    Badsha, Shahriar
    Hossain, Md Zarif
    2023 IEEE INTERNATIONAL CONFERENCE ON SMART COMPUTING, SMARTCOMP, 2023, : 355 - 360
  • [5] Accelerating the Surrogate Retraining for Poisoning Attacks against Recommender Systems
    Wu, Yunfan
    Cao, Qi
    Tao, Shuchang
    Zhang, Kaike
    Sun, Fei
    Shen, Huawei
    PROCEEDINGS OF THE EIGHTEENTH ACM CONFERENCE ON RECOMMENDER SYSTEMS, RECSYS 2024, 2024, : 701 - 711
  • [6] Data poisoning attacks on neighborhood-based recommender systems
    Chen, Liang
    Xu, Yangjun
    Xie, Fenfang
    Huang, Min
    Zheng, Zibin
    TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES, 2021, 32 (06)
  • [7] Data Poisoning Attacks to Deep Learning Based Recommender Systems
    Huang, Hai
    Mu, Jiaming
    Gong, Neil Zhenqiang
    Li, Qi
    Liu, Bin
    Xu, Mingwei
    28TH ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2021), 2021
  • [8] A Differentially Private Federated Learning Model Against Poisoning Attacks in Edge Computing
    Zhou, Jun
    Wu, Nan
    Wang, Yisong
    Gu, Shouzhen
    Cao, Zhenfu
    Dong, Xiaolei
    Choo, Kim-Kwang Raymond
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2023, 20 (03) : 1941 - 1958
  • [9] PARL: Poisoning Attacks Against Reinforcement Learning-based Recommender Systems
    Du, Linkang
    Yuan, Quan
    Chen, Min
    Sun, Mingyang
    Cheng, Peng
    Chen, Jiming
    Zhang, Zhikun
    PROCEEDINGS OF THE 19TH ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, ACM ASIACCS 2024, 2024, : 1331 - 1344
  • [10] Poison-Tolerant Collaborative Filtering Against Poisoning Attacks on Recommender Systems
    Baker, Thar
    Li, Tong
    Jia, Jingyu
    Zhang, Baolei
    Tan, Chang
    Zomaya, Albert Y.
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2024, 21 (05) : 4589 - 4599