Cihan Kaleli

Shilling attacks against recommender systems: a comprehensive survey

Online vendors employ collaborative filtering algorithms to provide recommendations to their customers so that they can increase their sales and profits. Although recommendation schemes are successful in e-commerce sites, they are vulnerable to shilling or profile injection attacks. On one hand, online shopping sites utilize collaborative filtering schemes to enhance their competitive edge over other companies. On the other hand, malicious users and/or competing vendors might decide to insert fake profiles into the user-item matrices in such a way so that they can affect the predicted ratings on behalf of their advantages. In the past decade, various studies have been conducted to scrutinize different shilling attacks strategies, profile injection attack types, shilling attack detection schemes, robust algorithms proposed to overcome such attacks, and evaluate them with respect to accuracy, cost/benefit, and overall performance. Due to their popularity and importance, we survey about shilling attacks in collaborative filtering algorithms. Giving an overall picture about various shilling attack types by introducing new classification attributes is imperative for further research. Explaining shilling attack detection schemes in detail and robust algorithms proposed so far might open a lead to develop new detection schemes and enhance such robust algorithms further, even propose new ones. Thus, we describe various attack types and introduce new dimensions for attack classification. Detailed description of the proposed detection and robust recommendation algorithms are given. Moreover, we briefly explain evaluation of the proposed schemes. We conclude the paper by discussing various open questions.

Providing Naïve Bayesian Classifier-Based Private Recommendations on Partitioned Data

Data collected for collaborative filtering (CF) purposes might be split between various parties. Integrating such data is helpful for both e-companies and customers due to mutual advantageous. However, due to privacy reasons, data owners do not want to disclose their data. We hypothesize that if privacy measures are provided, data holders might decide to integrate their data to perform richer CF services. In this paper, we investigate how to achieve naive Bayesian classifier (NBC)-based CF tasks on partitioned data with privacy. We perform experiments on real data, analyze our outcomes, and provide some suggestions.

Providing Private Recommendations Using Naïve Bayesian Classifier

Today’s CF systems fail to protect users’ privacy. Without privacy protection, it becomes a challenge to collect sufficient and high quality data for CF. With privacy protection, users feel comfortable to provide more truthful and dependable data. In this paper, we propose to employ randomized response techniques (RRT) to protect users’ privacy while producing accurate referrals using naive Bayesian classifier (NBC), which is one of the most successful learning algorithms. We perform various experiments using real data sets to evaluate our privacy-preserving schemes.

Achieving optimal privacy in trust-aware social recommender systems

Collaborative filtering (CF) recommenders are subject to numerous shortcomings such as centralized processing, vulnerability to shilling attacks, and most important of all privacy. To overcome these obstacles, researchers proposed for utilization of interpersonal trust between users, to alleviate many of these crucial shortcomings. Till now, attention has been mainly paid to strong points about trust-aware recommenders such as alleviating profile sparsity or calculation cost efficiency, while least attention has been paid on investigating the notion of privacy surrounding the disclosure of individual ratings and most importantly protection of trust computation across social networks forming the backbone of these systems. To contribute to addressing problem of privacy in trust-aware recommenders, within this paper, first we introduce a framework for enabling privacy-preserving trust-aware recommendation generation. While trust mechanism aims at elevating recommenders accuracy, to preserve privacy, accuracy of the system needs to be decreased. Since within this context, privacy and accuracy are conflicting goals we show that a Pareto set can be found as an optimal setting for both privacy-preserving and trust-enabling mechanisms. We show that this Pareto set, when used as the configuration for measuring the accuracy of base collaborative filtering engine, yields an optimized tradeoff between conflicting goals of privacy and accuracy. We prove this concept along with applicability of our framework by experimenting with accuracy and privacy factors, and we show through experiment how such optimal set can be inferred.

SOM-based recommendations with privacy on multi-party vertically distributed data

Data collected for providing recommendations can be partitioned among different parties. Offering distributed data-based predictions is popular due to mutual advantages. It is almost impossible to present trustworthy referrals with decent accuracy from split data only. Meaningful outcomes can be drawn from adequate data. Those companies with distributed data might want to collaborate to produce accurate and dependable recommendations to their customers. However, they hesitate to work together or refuse to collaborate because of privacy, financial concerns, and legal issues. If privacy-preserving measures are provided, such data holders might decide to collaborate for better predictions. In this study, we investigate how to provide predictions based on vertically distributed data (VDD) among multiple parties without deeply jeopardizing their confidentiality. Users are first grouped into various clusters off-line using self-organizing map clustering while protecting the online vendors’ privacy. With privacy concerns, recommendations are produced based on partitioned data using a nearest neighbour prediction algorithm. We analyse our privacy-preserving scheme in terms of confidentiality and supplementary costs. Our analysis shows that our method offers recommendations without greatly exposing data holders’ privacy and causes negligible superfluous costs because of privacy concerns. To evaluate the scheme in terms of accuracy, we perform real-data-based experiments. Our experiment results demonstrate that the scheme is still able to provide truthful predictions.

Privacy-Preserving Naïve Bayesian Classifier-Based Recommendations on Distributed Data

Data collected for recommendation purposes might be distributed among various e‐commerce sites, which can collaboratively provide more accurate predictions. However, because of privacy concerns, they might not want to work together. If privacy measures are provided, they may decide to become involved in prediction generation processes. We propose privacy‐preserving schemes eliminating e‐commerce sites’ privacy concerns for providing predictions on distributed data. We investigate how to achieve naïve Bayesian classifier‐based recommendations when data are distributed horizontally or vertically among multiple parties, even competing ones, without greatly violating their confidentiality. We analyze our schemes in terms of privacy and additional costs and show that they do not deeply violate online vendors’ secrecy and they cause insignificant overhead costs. We also perform experiments on real data, evaluate our outcomes, and provide suggestions. Our empirical results show that our schemes produce more accurate predictions.

Privacy-preserving concordance-based recommendations on vertically distributed data

Recommender systems are attractive components of e-commerce. Customers apply such systems to get help for choosing the appropriate product to purchase. To provide accurate and dependable referrals, recommender systems require sufficient user data. On the other hand, since people purchase products from different online vendors, collected user data for recommendation purposes might be distributed among several e-companies. Consequently, due to distributed data, such companies having inadequate data cannot provide truthful predictions. To overcome this challenge, data holders might want to collaborate. However, due to privacy and financial fears, they might hesitate to partnership. In this paper, we propose a concordance measure-based solution that enables data holders to produce recommendations without jeopardizing their privacy. We perform real data set-based experiments and analyze the solution in terms of privacy and extra costs. The experimental results show that e-companies can produce more accurate recommendations by employing the provided scheme.

Methods of privacy preserving in collaborative filtering

Privacy considerations of individuals becomes more and more popular issue in recommender systems due to the increasing need for protecting confidential data. Even though users of recommender systems enjoy with personalized productions, they behave timidly about sharing their private data due to the some privacy concerns about price discrimination, unsolicited marketing, govern-ment surveillance and etc. Thus, preserving confidential data of users while producing accurate predictions is one of the extremely important directions of the researches about recommendation systems. In this paper, we gather the most known studies and recently published ones about producing accurately predictions without endangering privacy in order to guide researchers interested with privacy concerns in recommender systems. Moreover, we give a brief discussion about utilized methods.

Robustness Analysis of Naïve Bayesian Classifier-Based Collaborative Filtering

In this study, binary forms of previously defined basic shilling attack models are proposed and the robustness of naive Bayesian classifier-based collaborative filtering algorithm is examined. Real data-based experiments are conducted and each attack type’s performance is explicated. Since existing measures, which are used to assess the success of shilling attacks, do not work on binary data, a new evaluation metric is proposed. Empirical outcomes show that it is possible to manipulate binary rating-based recommender systems’ predictions by inserting malicious user profiles. Hence, it is shown that naive Bayesian classifier-based collaborative filtering scheme is not robust against shilling attacks.

A review on deep learning for recommender systems: challenges and remedies

Recommender systems are effective tools of information filtering that are prevalent due to increasing access to the Internet, personalization trends, and changing habits of computer users. Although existing recommender systems are successful in producing decent recommendations, they still suffer from challenges such as accuracy, scalability, and cold-start. In the last few years, deep learning, the state-of-the-art machine learning technique utilized in many complex tasks, has been employed in recommender systems to improve the quality of recommendations. In this study, we provide a comprehensive review of deep learning-based recommendation approaches to enlighten and guide newbie researchers interested in the subject. We analyze compiled studies within four dimensions which are deep learning models utilized in recommender systems, remedies for the challenges of recommender systems, awareness and prevalence over recommendation domains, and the purposive properties. We also provide a comprehensive quantitative assessment of publications in the field and conclude by discussing gained insights and possible future work on the subject.