Data poisoning attacks on factorization-based collaborative filtering
Bo Li, Yining Wang, Aarti Singh, Yevgeniy Vorobeychik

Citation
Bo Li, Yining Wang, Aarti Singh, Yevgeniy Vorobeychik. "Data poisoning attacks on factorization-based collaborative filtering". Neural Information Processing Systems (NIPS 2016), 2017.

Abstract
Recommendation and collaborative filtering systems are important in modern information and e-commerce applications. As these systems are becoming increasingly popular in the industry, their outputs could affect business decision making, introducing incentives for an adversarial party to compromise the availability or integrity of such systems. We introduce a data poisoning attack on collaborative filtering systems. We demonstrate how a powerful attacker with full knowledge of the learner can generate malicious data so as to maximize his/her malicious objectives, while at the same time mimicking normal user behavior to avoid being detected. While the complete knowledge assumption seems extreme, it enables a robust assessment of the vulnerability of collaborative filtering schemes to highly motivated attacks. We present efficient solutions for two popular factorization-based collaborative filtering algorithms: the alternative minimization formulation and the nuclear norm minimization method. Finally, we test the effectiveness of our proposed algorithms on real-world data and discuss potential defensive strategies.

Citation formats  
  • HTML
    Bo Li, Yining Wang, Aarti Singh, Yevgeniy Vorobeychik. <a
    href="http://www.cps-forces.org/pubs/252.html"
    >Data poisoning attacks on factorization-based
    collaborative filtering</a>, Neural Information
    Processing Systems (NIPS 2016), 2017.
  • Plain text
    Bo Li, Yining Wang, Aarti Singh, Yevgeniy Vorobeychik.
    "Data poisoning attacks on factorization-based
    collaborative filtering". Neural Information Processing
    Systems (NIPS 2016), 2017.
  • BibTeX
    @inproceedings{LiWangSinghVorobeychik17_DataPoisoningAttacksOnFactorizationbasedCollaborative,
        author = {Bo Li and Yining Wang and Aarti Singh and Yevgeniy
                  Vorobeychik},
        title = {Data poisoning attacks on factorization-based
                  collaborative filtering},
        booktitle = {Neural Information Processing Systems (NIPS 2016)},
        year = {2017},
        abstract = {Recommendation and collaborative filtering systems
                  are important in modern information and e-commerce
                  applications. As these systems are becoming
                  increasingly popular in the industry, their
                  outputs could affect business decision making,
                  introducing incentives for an adversarial party to
                  compromise the availability or integrity of such
                  systems. We introduce a data poisoning attack on
                  collaborative filtering systems. We demonstrate
                  how a powerful attacker with full knowledge of the
                  learner can generate malicious data so as to
                  maximize his/her malicious objectives, while at
                  the same time mimicking normal user behavior to
                  avoid being detected. While the complete knowledge
                  assumption seems extreme, it enables a robust
                  assessment of the vulnerability of collaborative
                  filtering schemes to highly motivated attacks. We
                  present efficient solutions for two popular
                  factorization-based collaborative filtering
                  algorithms: the alternative minimization
                  formulation and the nuclear norm minimization
                  method. Finally, we test the effectiveness of our
                  proposed algorithms on real-world data and discuss
                  potential defensive strategies. },
        URL = {http://cps-forces.org/pubs/252.html}
    }
    

Posted by Waseem Abbas on 2 Mar 2017.
Groups: forces

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.