RecPS: Privacy Risk Scoring for Recommender Systems
Jiajie He, Yuechun Gu, Keke Chen
TL;DR
RecPS introduces a novel privacy risk scoring method for recommender systems, enabling users and developers to quantify and understand the sensitivity of user interactions and improve privacy-aware model development.
Contribution
The paper proposes RecPS, a new privacy scoring framework based on membership inference attacks, extending differential privacy concepts to interaction and user levels in RecSys.
Findings
RecPS effectively quantifies privacy risks in RecSys data.
RecLiRA provides high-quality membership inference for privacy scoring.
Experiments demonstrate RecPS's utility in risk assessment and model unlearning.
Abstract
Recommender systems (RecSys) have become an essential component of many web applications. The core of the system is a recommendation model trained on highly sensitive user-item interaction data. While privacy-enhancing techniques are actively studied in the research community, the real-world model development still depends on minimal privacy protection, e.g., via controlled access. Users of such systems should have the right to choose \emph{not} to share highly sensitive interactions. However, there is no method allowing the user to know which interactions are more sensitive than others. Thus, quantifying the privacy risk of RecSys training data is a critical step to enabling privacy-aware RecSys model development and deployment. We propose a membership-inference attack (MIA)- based privacy scoring method, RecPS, to measure privacy risks at both the interaction and user levels. The…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.