Defending Collaborative Filtering Recommenders via Adversarial Robustness Based Edge Reweighting
Yongyu Wang
TL;DR
This paper introduces an adversarial robustness-based edge reweighting method to defend user-based collaborative filtering recommender systems from profile injection attacks by evaluating and attenuating sensitive edges.
Contribution
The paper proposes a novel spectral adversarial robustness evaluation to reweight user similarity edges, enhancing CF robustness against shilling attacks.
Findings
Effective defense against various attack types
Improved recommendation accuracy under attack
Robustness scores successfully identify vulnerable edges
Abstract
User based collaborative filtering (CF) relies on a user and user similarity graph, making it vulnerable to profile injection (shilling) attacks that manipulate neighborhood relations to promote (push) or demote (nuke) target items. In this work, we propose an adversarial robustness based edge reweighting defense for CF. We first assign each user and user edge a non robustness score via spectral adversarial robustness evaluation, which quantifies the edge sensitivity to adversarial perturbations. We then attenuate the influence of non robust edges by reweighting similarities during prediction. Extensive experiments demonstrate that the proposed method effectively defends against various types of attacks.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Fault Detection and Control Systems · Anomaly Detection Techniques and Applications