Timezone: »

 
Poster
Revisiting Injective Attacks on Recommender Systems
Haoyang LI · Shimin DI · Lei Chen

Thu Dec 01 02:00 PM -- 04:00 PM (PST) @ Hall J #1042
in Poster Session 6 »

Recent studies have demonstrated that recommender systems (RecSys) are vulnerable to injective attacks.Given a limited fake user budget, attackers can inject fake users with carefully designed behaviors into the open platforms, making RecSys recommend a target item to more real users for profits. In this paper, we first revisit existing attackers and reveal that they suffer from the difficulty-agnostic and diversity-deficit issues. Existing attackers concentrate their efforts on difficult users who have low tendencies toward the target item, thus reducing their effectiveness. Moreover, they are incapable of affecting the target RecSys to recommend the target item to real users in a diverse manner, because their generated fake user behaviors are dominated by large communities. To alleviate these two issues, we propose a difficulty and diversity aware attacker, namely DADA. We design the difficulty-aware and diversity-aware objectives to enable easy users from various communities to contribute more weights when optimizing attackers. By incorporating these two objectives, the proposed attacker DADA can concentrate on easy users while also affecting a broader range of real users simultaneously, thereby boosting the effectiveness. Extensive experiments on three real-world datasets demonstrate the effectiveness of our proposed attacker.

Keywords: recommender system · Poisoning Attack · Injective Attacks
[ Paper [ Poster [ OpenReview

Author Information

Haoyang LI (The Hong Kong University of Science and Technology)
Shimin DI (HKUST)
Lei Chen (Hong Kong University of Science and Technology)

More from the Same Authors