Practical Cross-System Shilling Attacks with Limited Access to Data

Meifang Zeng; Ke Li; Bingchuan Jiang; Liujuan Cao; Hui Li

2023 AAAI AAAI 2023

Practical Cross-System Shilling Attacks with Limited Access to Data

Abstract

Abstract In shilling attacks, an adversarial party injects a few fake user profiles into a Recommender System (RS) so that the target item can be promoted or demoted. Although much effort has been devoted to developing shilling attack methods, we find that existing approaches are still far from practical. In this paper, we analyze the properties a practical shilling attack method should have and propose a new concept of Cross-system Attack. With the idea of Cross-system Attack, we design a Practical Cross-system Shilling Attack (PC-Attack) framework that requires little information about the victim RS model and the target RS data for conducting attacks. PC-Attack is trained to capture graph topology knowledge from public RS data in a self-supervised manner. Then, it is fine-tuned on a small portion of target data that is easy to access to construct fake profiles. Extensive experiments have demonstrated the superiority of PC-Attack over state-of-the-art baselines. Our implementation of PC-Attack is available at https://github.com/KDEGroup/PC-Attack.

🌉 Interdisciplinary Bridge — Computer Science and Data Science & Analytics and Deep Learning and Machine Learning

🧭 Keyword Pioneer — shilling attack

🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Robotics, Security & Privacy, Speech & Audio

Authors

Meifang Zeng , Ke Li , Bingchuan Jiang , Liujuan Cao , Hui Li

Topics

Machine Learning > Learning Types > Adversarial Learning Data Science & Analytics > Applications > Recommender Systems Computer Science > Applications > Cybersecurity Deep Learning > Learning Types > Self-Supervised Learning Machine Learning > Application Areas > Recommender Systems

Keywords

self-supervised learning graph topology recommender system shilling attack cross-system attack fake user profile fake profile

Download PDF

Related papers

A Model-Agnostic Heuristics for Selective Classification 2023

Tackling Safe and Efficient Multi-Agent Reinforcement Learning via Dynamic Shielding (Student Abstract) 2023

Head-Free Lightweight Semantic Segmentation with Linear Transformer 2023

Hierarchical ConViT with Attention-Based Relational Reasoner for Visual Analogical Reasoning 2023

Deep Spiking Neural Networks with High Representation Similarity Model Visual Pathways of Macaque and Mouse 2023