Understanding and Improving Adversarial Collaborative Filtering for Robust Recommendation

TL;DR

This paper provides a theoretical analysis of Adversarial Collaborative Filtering (ACF), demonstrating its advantages over traditional CF in robustness and performance, and introduces a personalized perturbation method to further improve its effectiveness.

Contribution

The paper offers the first theoretical insights into ACF's benefits and proposes PamaCF, a personalized perturbation approach that enhances robustness and recommendation quality.

Findings

ACF achieves lower recommendation error than traditional CF.

Personalized perturbation magnitudes improve ACF effectiveness.

PamaCF effectively defends against poisoning attacks.

Abstract

Adversarial Collaborative Filtering (ACF), which typically applies adversarial perturbations at user and item embeddings through adversarial training, is widely recognized as an effective strategy for enhancing the robustness of Collaborative Filtering (CF) recommender systems against poisoning attacks. Besides, numerous studies have empirically shown that ACF can also improve recommendation performance compared to traditional CF. Despite these empirical successes, the theoretical understanding of ACF's effectiveness in terms of both performance and robustness remains unclear. To bridge this gap, in this paper, we first theoretically show that ACF can achieve a lower recommendation error compared to traditional CF with the same training epochs in both clean and poisoned data contexts. Furthermore, by establishing bounds for reductions in recommendation error during ACF's optimization process, we find that applying personalized magnitudes of perturbation for different users based on their embedding scales can further improve ACF's effectiveness. Building on these theoretical understandings, we propose Personalized Magnitude Adversarial Collaborative Filtering (PamaCF). Extensive experiments demonstrate that PamaCF effectively defends against various types of poisoning attacks while significantly enhancing recommendation performance.