On Detecting Data Pollution Attacks On Recommender Systems Using Sequential GANs

TL;DR

This paper introduces a semi-supervised method using a modified sequential GAN architecture to detect malicious data injections in recommender systems by leveraging genuine data distribution and contextual user activity.

Contribution

It presents a novel semi-supervised attack detection approach that incorporates contextual information into GANs to identify data pollution in recommender systems.

Findings

Effective detection of malicious datapoints demonstrated

Utilizes less polluted data to learn genuine data distribution

Enhances robustness of recommender systems against attacks

Abstract

Recommender systems are an essential part of any e-commerce platform. Recommendations are typically generated by aggregating large amounts of user data. A malicious actor may be motivated to sway the output of such recommender systems by injecting malicious datapoints to leverage the system for financial gain. In this work, we propose a semi-supervised attack detection algorithm to identify the malicious datapoints. We do this by leveraging a portion of the dataset that has a lower chance of being polluted to learn the distribution of genuine datapoints. Our proposed approach modifies the Generative Adversarial Network architecture to take into account the contextual information from user activity. This allows the model to distinguish legitimate datapoints from the injected ones.