Knowledge-enhanced Shilling Attacks for Recommendation: Discussion Paper

摘要

Collaborative filtering (CF) recommendation models lie at the core of most industrial engines due to their state-of-the-art performance. Their leading performance owes hugely on exploiting users' past feedbacks to identify similar user or item pairs. Unfortunately this similarity computation is vulnerable to shilling profile injection attack, in which an attacker can insert fake user profiles into the system with the goal to alter the similarities and resulting recommendations in an engineered manner. In this work, we introduce SAShA, a new attack strategy that leverages semantic features extracted from a knowledge graph in order to strengthen the efficacy of the attack against standard CF models. Validation of the system is conducted across two publicly available datasets and various attacks, CF models and semantic information. Results underline the vulnerability of well-known CF models against the proposed semantic attacks compared with the baseline version.