Article

Attack detection in time series for recommender systems

Authors:

Sheng Zhang,

Amit Chakrabarti,

James Ford,

Fillia MakedonAuthors Info & Claims

KDD '06: Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining

Pages 809 - 814

https://doi.org/10.1145/1150402.1150508

Published: 20 August 2006 Publication History

Get Access

Abstract

Recent research has identified significant vulnerabilities in recommender systems. Shilling attacks, in which attackers introduce biased ratings in order to influence future recommendations, have been shown to be effective against collaborative filtering algorithms. We postulate that the distribution of item ratings in time can reveal the presence of a wide range of shilling attacks given reasonable assumptions about their duration. To construct a time series of ratings for an item, we use a window size of k to group consecutive ratings for the item into disjoint windows and compute the sample average and sample entropy in each window. We derive a theoretically optimal window size to best detect an attack event if the number of attack profiles is known. For practical applications where this number is unknown, we propose a heuristic algorithm that adaptively changes the window size. Our experimental results demonstrate that monitoring rating distributions in time series is an effective approach for detecting shilling attacks.

References

[1]

A. Antos and I. Kontoyiannis. Convergence properties of functional estimates for discrete distributions. Random Structures and Algorithms, 19(3-4):163--193, 2001.

Digital Library

Google Scholar

[2]

G. Basarin. On a statistical estimate for the entropy of a sequence of independent random variables. Theory of Probability and Its Applications, 4(3):333--336, 1959.

Crossref

Google Scholar

[3]

P. J. Brockwell and R. A. Davis. Introduction to Time Series and Forecasting. Springer, 2nd edition, 2002.

Google Scholar

[4]

J. D. Brutlag. Aberrant behavior detection in time series for network monitoring. In Proc. of the 14th USENIX Systems Administration Conference, pages 139--146, 2000.

Digital Library

Google Scholar

[5]

R. Burke, B. Mobasher, R. Bhaumik, and C. Williams. Segment-based injection attacks against collaborative filtering recommender systems. In Proc. of the IEEE Int. Conf. on Data Mining, pages 577--580, 2005.

Digital Library

Google Scholar

[6]

P.-A. Chirita, W. Nejdl, and C. Zamfir. Preventing shilling attacks in online recommender systems. In Proc. of ACM Int. Workshop on Web Information and Data Management, pages 67--74, 2005.

Digital Library

Google Scholar

[7]

E. Keogh, J. Lin, and A. Fu. HOT SAX: Finding the most unusual time series subsequence: Algorithms and applications. In Proc. of the IEEE Int. Conf. on Data Mining, pages 226--233, 2005.

Digital Library

Google Scholar

[8]

A. Lakhina, M. Crovella, and C. Diot. Mining anomalies using traffic feature distributions. In Proc. of SIGCOMM, pages 217--228, 2005.

Digital Library

Google Scholar

[9]

S. K. Lam and J. Riedl. Shilling recommender systems for fun and profit. In Proc. of the 13th WWW, pages 393--402, 2004.

Digital Library

Google Scholar

[10]

B. Mobasher, R. Burke, C. Williams, and R. Bhaumik. Analysis and detection of segment-focused attacks against collaborative recommendation. In Proceedings of the 2005 WebKDD Workshop (Lecture Notes in Computer Science), 2006.

Digital Library

Google Scholar

[11]

M. O'Mahony, N. Hurley, N. Kushmerick, and G. Silvestre. Collaborative recommendation: A robust analysis. ACM Transactions on Internet Technology, 4(4):344--377, 2004.

Digital Library

Google Scholar

[12]

L. Wasserman. All of Statistics: A Concise Course in Statistical Inference. Springer, 2004.

Digital Library

Google Scholar

[13]

S. Zhang, J. Ford, and F. Makedon. Analysis of a low-dimensional linear model under recommendation attacks. In Proc. of the 29th ACM SIGIR, 2006.

Digital Library

Google Scholar

Cited By

View all

Nguyen TQuoc Viet Hung NNguyen THuynh TNguyen TWeidlich MYin H(2024)Manipulating Recommender Systems: A Survey of Poisoning Attacks and CountermeasuresACM Computing Surveys10.1145/3677328Online publication date: 25-Jul-2024
https://doi.org/10.1145/3677328
Hao YWang HZhao QFeng LWang J(2024)Detecting the adversarially-learned injection attacks via knowledge graphsInformation Systems10.1016/j.is.2024.102419125(102419)Online publication date: Nov-2024
https://doi.org/10.1016/j.is.2024.102419
Jia JLiu YHu YGong NCalandrino JTroncoso C(2023)POREProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620333(1703-1720)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620333
Show More Cited By

Index Terms

Attack detection in time series for recommender systems

Recommendations

Preventing shilling attacks in online recommender systems
WIDM '05: Proceedings of the 7th annual ACM international workshop on Web information and data management

Collaborative filtering techniques have been successfully employed in recommender systems in order to help users deal with information overload by making high quality personalized recommendations. However, such systems have been shown to be vulnerable ...
Strategies for Effective Shilling Attacks against Recommender Systems
Privacy, Security, and Trust in KDD

One area of research which has recently gained importance is the security of recommender systems. Malicious users may influence the recommender system by inserting biased data into the system. Such attacks may lead to erosion of user trust in the ...
Detecting shilling attacks in recommender systems based on analysis of user rating behavior
Abstract
The existing unsupervised methods for detecting shilling attacks are mostly based on the rating patterns of users, ignoring the rating behavior difference between genuine users and attack users, and these methods suffer from low ...

Comments

Information & Contributors

Information

Published In

KDD '06: Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining

August 2006

986 pages

ISBN:1595933395

DOI:10.1145/1150402

Conference Chair:
Tina Eliassi-Rad
LLNL
,
General Chair:
Lyle Ungar
University of Pennsylvania
,
Program Chairs:
Mark Craven
University of Wisconsin
,
Dimitrios Gunopulos
University of California, Riverside

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 August 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

KDD06

Sponsor:

KDD06: The 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining

August 20 - 23, 2006

PA, Philadelphia, USA

Acceptance Rates

Overall Acceptance Rate 1,133 of 8,635 submissions, 13%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

56
Total Citations
View Citations
953
Total Downloads

Downloads (Last 12 months)16
Downloads (Last 6 weeks)1

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Nguyen TQuoc Viet Hung NNguyen THuynh TNguyen TWeidlich MYin H(2024)Manipulating Recommender Systems: A Survey of Poisoning Attacks and CountermeasuresACM Computing Surveys10.1145/3677328Online publication date: 25-Jul-2024
https://doi.org/10.1145/3677328
Hao YWang HZhao QFeng LWang J(2024)Detecting the adversarially-learned injection attacks via knowledge graphsInformation Systems10.1016/j.is.2024.102419125(102419)Online publication date: Nov-2024
https://doi.org/10.1016/j.is.2024.102419
Jia JLiu YHu YGong NCalandrino JTroncoso C(2023)POREProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620333(1703-1720)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620333
Wu CLian DGe YZhu ZChen E(2023)Influence-Driven Data Poisoning for Robust Recommender SystemsIEEE Transactions on Pattern Analysis and Machine Intelligence10.1109/TPAMI.2023.3274759(1-17)Online publication date: 2023
https://doi.org/10.1109/TPAMI.2023.3274759
Zayed RIbrahim LHefny HSalman HAlMohimeed A(2023)Experimental and Theoretical Study for the Popular Shilling Attacks Detection Methods in Collaborative Recommender SystemIEEE Access10.1109/ACCESS.2023.328940411(79358-79369)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3289404
Shao CSun Y(2022)Shilling attack detection for collaborative recommender systems: a gradient boosting methodMathematical Biosciences and Engineering10.3934/mbe.202234219:7(7248-7271)Online publication date: 2022
https://doi.org/10.3934/mbe.2022342
Barbieri JAlvim LBraida FZimbrão G(2022)Simulating real profiles for shilling attacksKnowledge-Based Systems10.1016/j.knosys.2021.107390230:COnline publication date: 22-Apr-2022
https://dl.acm.org/doi/10.1016/j.knosys.2021.107390
Wu CLian DGe YZhu ZChen EZhu FChin Ooi BMiao CWang HSkrypnyk IHsu WChawla S(2021)Triple Adversarial Learning for Influence based Poisoning Attack in Recommender SystemsProceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining10.1145/3447548.3467335(1830-1840)Online publication date: 14-Aug-2021
https://dl.acm.org/doi/10.1145/3447548.3467335
Wu CLian DGe YZhu ZChen EYuan SDiaz FShah CSuel TCastells PJones RSakai T(2021)Fight Fire with Fire: Towards Robust Recommender Systems via Adversarial Poisoning TrainingProceedings of the 44th International ACM SIGIR Conference on Research and Development in Information Retrieval10.1145/3404835.3462914(1074-1083)Online publication date: 11-Jul-2021
https://dl.acm.org/doi/10.1145/3404835.3462914
Ebrahimian MKashef R(2021)A CNN-based Hybrid Model and Architecture for Shilling Attack Detection2021 IEEE Canadian Conference on Electrical and Computer Engineering (CCECE)10.1109/CCECE53047.2021.9569048(1-7)Online publication date: 12-Sep-2021
https://doi.org/10.1109/CCECE53047.2021.9569048
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Preventing shilling attacks in online recommender systems

Strategies for Effective Shilling Attacks against Recommender Systems

Detecting shilling attacks in recommender systems based on analysis of user rating behavior

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Preventing shilling attacks in online recommender systems

Strategies for Effective Shilling Attacks against Recommender Systems

Detecting shilling attacks in recommender systems based on analysis of user rating behavior

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations