Organized malicious shilling attackers influence the output of the collaborative filtering recommendation systems by inserting fake users into the rating matrix within the database. The existence of shilling attack poses a serious risk to the stability of the system. To counter this specific security threat, many attack detection methods are proposed. Some of the past methods suffer from two disadvantages, the first being that they only analyze the rating matrix from a single perspective of user rating values and ignore other perspectives. Another is that some methods only use a single classifier to handle the classification of malicious attackers. Considering the above disadvantages, this paper proposes a gradient boosting method (named XGB-SAD) to achieve attack detection by combining double-view and gradient boosting. We first analyze the rating matrix with a double-view of time and item, which in turn defines the TPUS collection. Then our method uses eXtreme Gradient Boosting to perform heuristic iterative optimization of the model's objective function and uses the idea of ensemble learning to integrate multiple sets of base classifiers into strong classifier. The integrated strong classifiers are used to complete the detection of malicious attackers. Finally, we perform several experiments and the results demonstrate that XGB-SAD outperforms the comparison methods in terms of small-scale attack detection and overall detection, which proves the performance of our method.
Citation: Chen Shao, Yue zhong yi Sun. Shilling attack detection for collaborative recommender systems: a gradient boosting method[J]. Mathematical Biosciences and Engineering, 2022, 19(7): 7248-7271. doi: 10.3934/mbe.2022342
Organized malicious shilling attackers influence the output of the collaborative filtering recommendation systems by inserting fake users into the rating matrix within the database. The existence of shilling attack poses a serious risk to the stability of the system. To counter this specific security threat, many attack detection methods are proposed. Some of the past methods suffer from two disadvantages, the first being that they only analyze the rating matrix from a single perspective of user rating values and ignore other perspectives. Another is that some methods only use a single classifier to handle the classification of malicious attackers. Considering the above disadvantages, this paper proposes a gradient boosting method (named XGB-SAD) to achieve attack detection by combining double-view and gradient boosting. We first analyze the rating matrix with a double-view of time and item, which in turn defines the TPUS collection. Then our method uses eXtreme Gradient Boosting to perform heuristic iterative optimization of the model's objective function and uses the idea of ensemble learning to integrate multiple sets of base classifiers into strong classifier. The integrated strong classifiers are used to complete the detection of malicious attackers. Finally, we perform several experiments and the results demonstrate that XGB-SAD outperforms the comparison methods in terms of small-scale attack detection and overall detection, which proves the performance of our method.
[1] | K. Wang, Z. Zou, Q. Deng, R. Wu, J. Tao, C. Fan, Reinforcement learning with a disentangled universal value function for item recommendation, in Proceedings of the AAAI conference on artificial intelligence, 35 (2021), 4427-4435. https://doi.org/10.48550/arXiv.2104.02981 |
[2] | R. Yu, Y. Gong, X. He, B. An, Y. Zhu, Q. Liu, et al., Personalized adaptive meta learning for cold-start user preference prediction, preprint, arXiv: 2012.11842. https://doi.org/10.48550/arXiv.2012.11842 |
[3] | A. Javari, Z. He, Z. Huang, R. Jeetu, C. C. Chang, Weakly supervised attention for hashtag recommendation using graph data, in Proceedings of The Web Conference, (2020), 1038-1048. https://doi.org/10.1145/3366423.3380182 |
[4] | C. Tong, X. Yin, J. Li, T. Zhu, R. Lv, L. Sun, et al., A shilling attack detector based on convolutional neural network for collaborative recommender system in social aware network, Comput. J., 7 (2018), 949-958. https://doi.org/10.1093/comjnl/bxy008 doi: 10.1093/comjnl/bxy008 |
[5] | C. Rami, O. S. Shalom, D. Jannach, A. Amir, A black-box attack model for visually-aware recommender systems, in Proceedings of the 14th ACM International Conference on Web Search and Data Mining, (2021), 94-102. https://doi.org/10.1145/3437963.3441757 |
[6] | Y. J. Hao, P. Zhang, F. Z. Zhang, Multiview ensemble method for detecting shilling attacks in collaborative recommender systems, Secur. Commun. Netw., 2018 (2018). https://doi.org/10.1155/2018/8174603 doi: 10.1155/2018/8174603 |
[7] | P. A. Chirita, W. Nejdl, C. Zamfir, Preventing shilling attacks in online recommender systems, in Proceedings of the 7th annual ACM international workshop on Web information and data management, (2005), 67-74. https://doi.org/10.1145/1097047.1097061 |
[8] | R. Burke, B. Mobasher, C. Williams, R. Bhaumik, Classification features for attack detection in collaborative recommender systems, in Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining, (2006), 542-547. https://doi.org/10.1145/1150402.1150465 |
[9] | C. A. Williams, B. Mobasher, R. Burke, Defending recommender systems: detection of profile injection attacks, Serv. Oriented Comput. Appl., 1 (2007), 157-170. https://doi.org/10.1007/s11761-007-0013-0 doi: 10.1007/s11761-007-0013-0 |
[10] | T. Tong, Y. Tang, An effective recommender attack detection method based on time SFM factors, in 2011 IEEE 3rd International Conference on Communication Software and Networks, (2011), 78-81. https://doi.org/10.1109/ICCSN.2011.6013780 |
[11] | H. Xia, B. Fang, M. Gao, H. Ma, Y. Tang, J. Wen, A novel item anomaly detection approach against shilling attacks in collaborative recommendation systems using the dynamic time interval segmentation technique, Inf. Sci., (2015), 150-165. https://doi.org/10.1016/j.ins.2015.02.019 |
[12] | Z. Yang, L. Xu, Z. Cai, Z. Xu, Re-scale AdaBoost for attack detection in collaborative filtering recommender systems, Knowl.-Based Syst., 100 (2016), 74-88. https://doi.org/10.1016/j.knosys.2016.02.008 doi: 10.1016/j.knosys.2016.02.008 |
[13] | Z. A. Wu, Y. Zhuang, Y. Q. Wang, J. Cao, Shilling attack detection based on feature selection for recommendation systems, Chin. J. Electron., 8 (2012), 1687. https://doi.org/10.3969/j.issn.0372-2112.2012.08.031 doi: 10.3969/j.issn.0372-2112.2012.08.031 |
[14] | W. T. Li, M. Gao, H. Li, J. Zeng, Q. Xiong, S. Hirokawa, Shilling attack detection in recommender systems via selecting patterns analysis, IEICE Trans. Inf. Syst., 99 (2016), 2600-2611. https://doi.org/10.1587/transinf.2015EDP7500 doi: 10.1587/transinf.2015EDP7500 |
[15] | Z. Wu, J. Wu, J. Cao, D. Tao, Hysad: A semi-supervised hybrid shilling attack detector for trustworthy product recommendation, in Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining, (2012), 985-993. https://doi.org/10.1145/2339530.2339684 |
[16] | B. Mehta, Unsupervised shilling detection for collaborative filtering, in 2007 National Conference on Artificial Intelligence, 2 (2007), 1402-1407. https://dl.acm.org/doi/10.5555/1619797.1619870 |
[17] | Z. Yang, Z. Cai, X. Guan, Estimating user behavior toward detecting anomalous ratings in rating systems, Knowl.-Based Syst., 111 (2016), 144-158. https://doi.org/10.1016/j.knosys.2016.08.011 doi: 10.1016/j.knosys.2016.08.011 |
[18] | S. Zhang, A. Chakrabarti, J. Ford, F. Makedon, Attack detection in time series for recommender systems, in Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining, (2006), 809-814. https://doi.org/10.1145/1150402.1150508 |
[19] | G. S. Oestreicher, A. Sundararajan, Recommendation networks and the long tail of electronic commerce, MIS Q., 36 (2012), 65-83. https://dx.doi.org/10.2139/ssrn.1324064 |
[20] | T. Q. Chen, G. Carlos, Xgboost: A scalable tree boosting system, in Proceedings of the 22nd ACM SIGKDD international conference on knowledge discovery and data mining, (2016), 785-794. https://doi.org/10.1145/2939672.2939785 |
[21] | F. M. Harper, J. A. Konstan, The movielens datasets: History and context, ACM Trans. Interact. Intell. Syst., 5 (2015), 1-19. https://doi.org/10.1145/2827872 doi: 10.1145/2827872 |
[22] | J. Cao, W. Zhang, B. Mao, Y. Zhang, Shilling attack detection utilizing semi-supervised learning method for collaborative recommender system, World Wide Web, 16 (2013), 729-748. https://doi.org/10.1007/s11280-012-0164-6 doi: 10.1007/s11280-012-0164-6 |
[23] | W. Bhebe, O. P. Kogeda, Shilling attack detection in collaborative recommender systems using a meta learning strategy, in 2015 International Conference on Emerging Trends in Networks and Computer Communications (ETNCC), (2015), 56-61. https://doi.org/10.1109/ETNCC.2015.7184808 |