Research And Implementation Of An Attack Detection System Based On Network Embeddedding

With the development of science and technology,the amount of information has increased rapidly,and the problem of information overload has also arisen.The recommendation system can effectively solve the information overload problem and actively recommend the information that the user may need.The recommendation algorithm based on collaborative filtering technology is widely used due to its high efficiency.The basic idea of collaborative filtering technology is that users with similar preferences tend to purchase the same product.Malicious users will use this feature to inject user profiles into the system to influence the system's recommendation results.Shilling attack will reduce the accuracy of the recommendation result,which will affect the system's robustness and reduce the user experience.Therefore,it is very important to study the method of detecting attack.Due to the lack of real data sets in the research process of shilling attacks,most existing detection algorithms use artificially constructed datasets for research.Yelp and Amazon have recently opened marked real datasets.This thesis analyzes and compares the difference between constructed datasets and real datasets.It is found that the difference between the statistical profiles of the spammers and the normal users in the real dataset is not obvious.Existing methods based on profile features are difficult to effectively detect spammers in the real dataset.Therefore,this paper proposes an efficient attack detection algorithm by using the essential feature that "the attacker will inevitably attack a certain number of target projects in a group to achieve the goal." Based on the detection technology,the attack detection system was developed.The main work of this thesis as follows:(1)Comparisons were made between the datasets artificially constructed using the attack model and the real datasets.The differences between the two types of data are analyzed from two aspects of the user's statistical profile characteristics and low-dimensional space.Through analysis,some existing detection algorithms based on user statistical profile features are not suitable for real scenarios.(2)An attack detection algorithm is proposed by jointly decomposing user-item matrix and user-user co-occurrence matrix through shared potential user vector.Attacks by groups on a large scale can cause local clustering in the user project's bipartite graph.No matter how the attack mode changes,this essential feature does not change.Methods based on profile features do not capture this structural information.The user vector learned through joint matrix decomposition includes not only the user-item behavior information but also the structure information,so it has a better detection effect.Experiments on constructing datasets and two real datasets demonstrate the efficiency and universality of the proposed method.(4)Combining software development techniques to develop a shilling attack detection system.The system mainly includes the attack injection function and the attack detection function.The injection attack implements some existing attack models.Users can construct attack data manually by using the injection attack function.The attack detection function implements existing detection algorithms with better results and helps users to detect spammers in the system.