Shilling attacks can affect the robustness and reliability of recommendation systems. There are many shilling attack detection schemes proposed in the literature. However, these schemes have not considered the case that the examiner who is in charge of shilling attack detections can be a malicious attacker. In this paper, we study the privacy issue in the shilling attack detection for recommendation systems. In our attack model, an examiner is assumed to be an attacker who is kept from the rating profiles by secure computations techniques. And we present a novel insider attack approach where the attacker only utilizes the output of secure computations and very little prior knowledge about ratings of a target user to infer the private rating profile. The experimental results illustrate that the proposed attack approach is very effective to breach privacy of users in the recommendation systems. It is proved that there is a serious risk to privacy in the shilling attack detection.
展开▼
