Researches On Defense Technology Against Shilling Attacks In Collaborative Filtering Recommender Systems

Collaborative filtering recommender systems have a broad application prospect inthe field of information retrieval. They can provide the end users with personalized infor-mation services and thus alleviate the information overload problem. However, shillingattacks pose a significant threat to the security of recommender systems. Malicious usersmay manipulate the recommendation results to their benefits by injecting carefully fakeduserprofilesintorecommendersystems. Ifnotproperlydealtwith, therightsandinterestsof both the administrators and users of recommender systems will be infringed. In recentyears, the defense technology against shilling attacks has aroused widespread concern inthe academic community and become one of the current research focuses in the field ofrecommender systems.As two main research branches of attack defense technology, both attack detectionand robust recommendation technology explore from their own aspects the methods forsuppressing the negative impact of shilling attacks as well as guaranteeing the safety ofrecommender systems. This paper carries out in-depth researches towards both branchesand proposes some effective solutions. The major research achievements include:Attackdetection technologyprimarilyfocusesonhowtoidentifytheattackerssoastofilterthemoutfromthesystems.Inthisaspect, takingthepracticalvalueofdetec-tion technology as the guideline, this paper is dedicated to improving the universaland unsupervised features of detection technology. The major works include:–Considering the low degree of unsupervised feature that the existing attackdetection techniques suffer from, this paper takes the group effect of attackprofiles as the breakthrough point to introduce the quantitative metric for thegroup effect of attack profiles as well as the corresponding object function forgenetic optimization, and proves that the reachment of maxima of the objectfunction marks the optimum detection effects in ideal situation, then on thatbasis proposes the Iterative Bayesian Inference Genetic Detection Algorith-m(IBIGDA) through combining the posterior inference for the adaptive pa-rameters with the process of attack detection. Experimental results show thatIBIGDA can effectively detect shilling attacks of typical types even in lack of the system or attack-related prior parameters, it meets the need of practicaluse due to its superior unsupervised feature.–Besides unsupervised feature, universality serves as another important fac-tor determining the practical value of attack detection technology. Consider-ing the difficulty of possessing both features for the existing attack detectiontechniques, this paper reveals the latent factors invoking missing ratings un-derthenon-random-missingmechanismandfurthercombinestheselatentfac-torswithDirichletprocessintheframeworkofprobabilisticgenerativemodel,thusproposestheLatentFactorAnalysisforMissingRatings(LFAMR)model.Based on performing user clustering with this model, this paper achieves thegoal of attack detection by presenting the method for identifying attack clusterin ideal situation. Experimental results show that comparing with the existingdetection techniques, LFAMR is more universal and unsupervised, and it caneffectively detect shilling attacks of typical types and their derivatives even inlack of the apriori inputs such as user cluster numbers.Robustrecommendationtechnologyprimarilyfocusesonhowtoenhancetheintrin-sic defense ability of recommendation algorithms, without the need of data prepro-cessing by attack detection technology. In this aspect, this paper studies both thememory-based and model-based robust recommendation technology. The majorworks include:–Considering the high vulnerability of traditional user-based recommendationalgorithm to shilling attacks, on the basis of the previous work on the groupeffect of attack profiles, this paper analyzes the statistical features of the n-earest neighbors of target users before and after attack, then designs an onlinefilter for attack profiles by which the attack profiles can be filtered out fromthe nearest neighbors of target users, thus proposes the Collaborative Rec-ommendation algorithm based on Online Filter for Attack Profiles(CROFAP)by using the online filter to improve the selection strategy for nearest neigh-bors of the user-based recommendation algorithm. Experimental results showthat CROFAP exhibits satisfactory robustness, which is due to the online fil-ter capable of identifying and filtering most of the attack profiles with high accuracy.–The metadata of users and items is of great value to improve the robustnessof recommender systems. Following this design philosophy, this paper firstpresents the method for evaluating user suspiciousness with probabilistic la-tent semantic analysis, and then proposes the Metadata-enhanced VariationalBayesianMatrixFactorization(MVBMF)modelthroughintegratingBayesianprobabilistic matrix factorization model with the metadata including user sus-piciousness and item types in the way of model parameter and Logistic regres-sion, respectively, and further designs the corresponding incremental learningstrategy in order to reduce the demand for model rebuilding. Experimentalresults show that MVBMF can effectively defend against shilling attacks andalso has a high level of performance for strong and weak generalization.