Top

Published in:

2020 | OriginalPaper | Chapter

Big Enough to Care Not Enough to Scare! Crawling to Attack Recommender Systems

Authors : Fabio Aiolli, Mauro Conti, Stjepan Picek, Mirko Polato

Published in: Computer Security – ESORICS 2020

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Online recommendation services, such as e-commerce sites, rely on a vast amount of knowledge about users/items that represent an invaluable resource. Part of this acquired knowledge is public and can be accessed by anyone through the Internet. Unfortunately, that same knowledge can be used by competitors or malicious users. A large body of research proposes methods to attack recommender systems, but most of these works assume that the attacker knows or can easily access the rating matrix. In practice, this information is not directly accessible, but can only be gathered via crawling.

Considering such real-life limitations, in this paper, we assess the impact of different crawling approaches when attacking a recommendation service. From the crawled information, we mount different shilling attacks. We determine the value of the collected knowledge through the reconstruction of the user/item neighborhood. Our results show that while crawling can indeed bring knowledge to the attacker (up to 65% of neighborhood reconstruction), this will not be enough to mount a successful shilling attack in practice.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Detection by Attack: Detecting Adversarial Samples by Undercover Attack

next chapter Active Re-identification Attacks on Periodically Released Dynamic Social Graphs

Available only for authorised users

https://www.torproject.org/.

http://www.netflixprize.com/.

Baeza-Yates, R., Castillo, C., Marin, M., Rodriguez, A.: Crawling a country: better strategies than breadth-first for web page ordering. In: Special Interest Tracks and Posters of the 14th International Conference on World Wide Web, WWW 2005, New York, NY, USA, pp. 864–872. Association for Computing Machinery (2005). https://doi.org/10.1145/1062745.1062768

Bhebe, W., Kogeda, O.P.: Shilling attack detection in collaborative recommender systems using a meta learning strategy. In: 2015 International Conference on Emerging Trends in Networks and Computer Communications, pp. 56–61 (2015)

Brin, S., Page, L.: The anatomy of a large-scale hypertextual web search engine. In: Proceedings of the Seventh International Conference on World Wide Web, WWW 2007, pp. 107–117. Elsevier, NLD (1998)

Burke, R., Mobasher, B., Bhaumik, R.: Limited knowledge shilling attacks in collaborative filtering systems. In: Proceedings of the 3rd IJCAI Workshop in Intelligent Techniques for Personalization (2005)

Chakrabarti, S.: Focused Web Crawling, pp. 1147–1155. Springer, Boston (2009). https://doi.org/10.1007/978-0-387-39940-9_165

Chakrabarti, S., Dom, B., Raghavan, P., Rajagopalan, S., Gibson, D., Kleinberg, J.: Automatic resource compilation by analyzing hyperlink structure and associated text. In: Proceedings of the Seventh International Conference on World Wide Web 2007, WWW 2007, pp. 65–74. Elsevier, NLD (1998)

Cho, J., Garcia-Molina, H., Page, L.: Efficient crawling through URL ordering. Comput. Netw. ISDN Syst. 30(1), 161–172 (1998). https://doi.org/10.1016/S0169-7552(98)00108-1. http://www.sciencedirect.com/science/article/pii/S0169755298001081. Proceedings of the Seventh International World Wide Web Conference

Christakopoulou, K., Banerjee, A.: Adversarial attacks on an oblivious recommender. In: Proceedings of the 13th ACM Conference on Recommender Systems, RecSys 2019, pp. 322–330. ACM (2019). https://doi.org/10.1145/3298689.3347031. http://doi.acm.org/10.1145/3298689.3347031

Deldjoo, Y., Di Noia, T., Merra, F.A.: Assessing the impact of a user-item collaborative attack on class of users. In: In Proceedings of the 13th ACM RecSys Workshop on Impact of Recommender Systems (ImpactRS@RecSys 2019) (2019). http://sisinflab.poliba.it/publications/2019/DDM19

10.

Eksombatchai, C., et al.: Pixie: a system for recommending 3+ billion items to 200+ million users in real-time. In: Proceedings of the 2018 World Wide Web Conference, WWW 2018, pp. 1775–1784. WWW Conferences Steering Committee, Republic and Canton of Geneva, CHE (2018). https://doi.org/10.1145/3178876.3186183

11.

Ester, M., Kriegel, H.P., Schubert, M.: Accurate and efficient crawling for relevant websites. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases - Volume 30, VLDB 2004, pp. 396–407. VLDB Endowment (2004)

12.

Fang, M., Yang, G., Gong, N.Z., Liu, J.: Poisoning attacks to graph-based recommender systems. In: Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018, New York, NY, USA, pp. 381–392. Association for Computing Machinery (2018). https://doi.org/10.1145/3274694.3274706

13.

Gomez-Uribe, C., Hunt, N.: The netflix recommender system: algorithms, business value, and innovation. ACM Trans. Manage. Inf. Syst. 6(4) (2016). https://doi.org/10.1145/2843948

14.

Gunes, I., Bilge, A., Polat, H.: Shilling attacks against memory-based privacy-preserving recommendation algorithms. TIIS 7, 1272–1290 (2013)CrossRef

15.

Gunes, I., Kaleli, C., Bilge, A., Polat, H.: Shilling attacks against recommender systems: a comprehensive survey. Artif. Intell. Rev. 42(4), 767–799 (2012). https://doi.org/10.1007/s10462-012-9364-9CrossRef

16.

Hara, K., Suzuki, I., Kobayashi, K., Fukumizu, K.: Reducing hubness: a cause of vulnerability in recommender systems. In: Proceedings of the 38th International ACM SIGIR Conference on Research and Development in Information Retrieval, SIGIR 2015, New York, NY, USA, pp. 815–818. Association for Computing Machinery (2015). https://doi.org/10.1145/2766462.2767823

17.

Holzmann, H., Anand, A., Khosla, M.: Delusive PageRank in incomplete graphs. In: Aiello, L.M., Cherifi, C., Cherifi, H., Lambiotte, R., Lió, P., Rocha, L.M. (eds.) COMPLEX NETWORKS 2018. SCI, vol. 812, pp. 104–117. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-05411-3_9CrossRef

18.

Holzmann, H., Anand, A., Khosla, M.: Estimating PageRank deviations in crawled graphs. Appl. Netw. Sci. 4, 86–107 (2019)CrossRef

19.

Hurley, N.J., O’Mahony, M.P., Silvestre, G.C.M.: Attacking recommender systems: a cost-benefit analysis. IEEE Intell. Syst. 22(3), 64–68 (2007)CrossRef

20.

Knees, P., Schnitzer, D., Flexer, A.: Improving neighborhood-based collaborative filtering by reducing hubness. In: Proceedings of International Conference on Multimedia Retrieval, ICMR 2014, New York, NY, USA, pp. 161–168. Association for Computing Machinery (2014). https://doi.org/10.1145/2578726.2578747

21.

Koren, Y., Bell, R.: Advances in Collaborative Filtering, pp. 145–186. Springer, Boston (2011). https://doi.org/10.1007/978-0-387-85820-3_5CrossRef

22.

Koster, M.: Robots in the web: threat or treat? ConneXions 9(4), 8–18 (1995)

23.

Lawankar, A., Mangrulkar, N.: A review on techniques for optimizing web crawler results. In: 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave), pp. 1–4 (2016)

24.

Li, B., Wang, Y., Singh, A., Vorobeychik, Y.: Data poisoning attacks on factorization-based collaborative filtering. In: Proceedings of the 30th International Conference on Neural Information Processing Systems, NIPS 2016, pp. 1893–1901 (2016). http://dl.acm.org/citation.cfm?id=3157096.3157308

25.

Linden, G., Smith, B., York, J.: Amazon.com recommendations: item-to-item collaborative filtering. IEEE Internet Comput. 7(1), 76–80 (2003)

26.

Muñoz-González, L., Pfitzner, B., Russo, M., Carnerero-Cano, J., Lupu, E.C.: Poisoning attacks with generative adversarial nets. ArXiv abs/1906.07773 (2019)

27.

Page, L., Brin, S., Motwani, R., Winograd, T.: The PageRank citation ranking: bringing order to the web. In: WWW 1999 (1999)

28.

Patel, K., Thakkar, A., Shah, C., Makvana, K.: A state of art survey on shilling attack in collaborative filtering based recommendation system. In: Satapathy, S.C.C., Das, S. (eds.) Proceedings of First International Conference on Information and Communication Technology for Intelligent Systems: Volume 1. SIST, vol. 50, pp. 377–385. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-30933-0_38CrossRef

29.

Rendle, S., Freudenthaler, C., Gantner, Z., Schmidt-Thieme, L.: BPR: Bayesian personalized ranking from implicit feedback. In: Proceedings of the Twenty-Fifth Conference on Uncertainty in Artificial Intelligence, UAI 2009, Arlington, Virginia, USA, pp. 452–461. AUAI Press (2009)

30.

Ricci, F., Rokach, L., Shapira, B.: Recommender Systems Handbook. Springer, Boston (2011). https://doi.org/10.1007/978-0-387-85820-3_25

31.

Si, M., Li, Q.: Shilling attacks against collaborative recommender systems: a review. Artif. Intell. Rev. 53(1), 291–319 (2018). https://doi.org/10.1007/s10462-018-9655-xCrossRef

32.

Su, X., Khoshgoftaar, T.M.: A survey of collaborative filtering techniques. Adv. Artif. Intell. 2009 (2009). https://doi.org/10.1155/2009/421425

33.

Zhang, Y., Gao, H., Pei, G., Luo, S., Chang, G., Cheng, N.: A survey of research on captcha designing and breaking techniques. In: 2019 18th IEEE International Conference On Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), pp. 75–84 (2019)

34.

Zhou, W., et al.: Shilling attacks detection in recommender systems based on target item analysis. PLoS ONE 10(7), 1–26 (2015). https://doi.org/10.1371/journal.pone.0130968CrossRef

Title: Big Enough to Care Not Enough to Scare! Crawling to Attack Recommender Systems
Authors: Fabio Aiolli
Mauro Conti
Stjepan Picek
Mirko Polato
Publisher: Springer International Publishing
Book: Computer Security – ESORICS 2020
Print ISBN: 978-3-030-59012-3

Electronic ISBN: 978-3-030-59013-0

Copyright Year: 2020
DOI: https://doi.org/10.1007/978-3-030-59013-0_9

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner