Mixed Shilling Attack Detection Based On User Profiles And Rating Series

Recommender systems (RS) are important information filtering technology. Thesafety of RS has been widely focused. Researches indicate that shilling attack (SA) is aserious threat to RS, which usually affects the prediction of RS to seek improperbenefits by injecting malicious biased profiles to rating matrix. Both of the operator andusers would be abused, if the SA is bungled.The study of SA detection consist of the two parts: the study of SA models and thestudy of SA detectors. The former defines the basic framework of SA in the aspects ofthe knowledge requirements, the purpose of the attack, attack power. The latter tries tofind different characteristics between attack profiles and user profiles from twoapproaches: the profile approach and the rating series approach. Aiming at givingeffective solutions to the defects of the current approaches, this paper studies in thefollowing two aspects:①This paper proposes a novel approach called anomaly detection of rating seriesbased on hypothesis testing. This paper introduces multinomial distribution to describethe subsequences observed by the sliding window. And then dirichlet distribution isemployed to capture the variation of multinomial distribution. Based on above work,statistical inference could be made to decide if a subsequence is anomalous. This papercaptures the variation of sequence more accurately than the former ones. Moreimportantly, dirichlet hypothesis testing is designed to implement the statisticalinference. Instead of the non-parameterized chi-square test or Gaussian hypothesis test,dirichlet hypothesis is more pertinent with less error rate. The experiment results showthat the performance is better than the compared ones.②This article summarizes the advantages and disadvantages of both rating seriesapproach and user profile approach, and then point out the flaws of the both. Theformer’s defect is that the attack, which have the right distribution, can avoid beingdetected by rating series detectors. And the more serious problem is that pure ratingseries detectors will ignore the toxicity of attack profiles. And few highly-toxic profiles(1%-3%) may have huge impact on the target item before the detector start to work. Thelatter’s defect is that when the attacker has enough knowledge to create user simulationattack and there is too little difference between user profiles and attack profiles to becaptured by the profile detectors. In order to make up for these shortcomings, this paper puts forward a mixed test technology which enables two classes of method to make upfor their own defects of each other. In order to reduce the effects of attack，mixed testworks from two aspects: slow down the injection progress and weaken the toxicity ofevery profile. The experiments testify the following points in several classic RS:1) User profile detector is not responding to simulation attack. And highly-toxicprofiles have huge impact on the target item before the detector start to work.2）The mixed detector, combining the advantages of above two detectors, thusgreatly limits the impact of shilling attack to RS.