Towards Robust Recommender Systems via Triple Cooperative Defense

TL;DR

This paper introduces Triple Cooperative Defense (TCD), a novel framework that enhances recommender system robustness against fake profiles by co-training three models with pseudo labels, outperforming existing methods in resisting poisoning attacks.

Contribution

The paper proposes a new integrated framework, TCD, combining data processing and robust modeling through cooperative co-training of three models for improved robustness and generalization.

Findings

TCD significantly outperforms baseline methods against five poisoning attacks.

TCD enhances model robustness without excluding normal data.

TCD also improves the generalization ability of recommender models.

Abstract

Recommender systems are often susceptible to well-crafted fake profiles, leading to biased recommendations. The wide application of recommender systems makes studying the defense against attack necessary. Among existing defense methods, data-processing-based methods inevitably exclude normal samples, while model-based methods struggle to enjoy both generalization and robustness. Considering the above limitations, we suggest integrating data processing and robust model and propose a general framework, Triple Cooperative Defense (TCD), which cooperates to improve model robustness through the co-training of three models. Specifically, in each round of training, we sequentially use the high-confidence prediction ratings (consistent ratings) of any two models as auxiliary training data for the remaining model, and the three models cooperatively improve recommendation robustness. Notably, TCD adds pseudo label data instead of deleting abnormal data, which avoids the cleaning of normal data, and the cooperative training of the three models is also beneficial to model generalization. Through extensive experiments with five poisoning attacks on three real-world datasets, the results show that the robustness improvement of TCD significantly outperforms baselines. It is worth mentioning that TCD is also beneficial for model generalizations.