TY - GEN
T1 - Big enough to care not enough to scare! crawling to attack recommender systems
AU - Aiolli, Fabio
AU - Conti, Mauro
AU - Picek, Stjepan
AU - Polato, Mirko
PY - 2020
Y1 - 2020
N2 - Online recommendation services, such as e-commerce sites, rely on a vast amount of knowledge about users/items that represent an invaluable resource. Part of this acquired knowledge is public and can be accessed by anyone through the Internet. Unfortunately, that same knowledge can be used by competitors or malicious users. A large body of research proposes methods to attack recommender systems, but most of these works assume that the attacker knows or can easily access the rating matrix. In practice, this information is not directly accessible, but can only be gathered via crawling. Considering such real-life limitations, in this paper, we assess the impact of different crawling approaches when attacking a recommendation service. From the crawled information, we mount different shilling attacks. We determine the value of the collected knowledge through the reconstruction of the user/item neighborhood. Our results show that while crawling can indeed bring knowledge to the attacker (up to 65% of neighborhood reconstruction), this will not be enough to mount a successful shilling attack in practice.
AB - Online recommendation services, such as e-commerce sites, rely on a vast amount of knowledge about users/items that represent an invaluable resource. Part of this acquired knowledge is public and can be accessed by anyone through the Internet. Unfortunately, that same knowledge can be used by competitors or malicious users. A large body of research proposes methods to attack recommender systems, but most of these works assume that the attacker knows or can easily access the rating matrix. In practice, this information is not directly accessible, but can only be gathered via crawling. Considering such real-life limitations, in this paper, we assess the impact of different crawling approaches when attacking a recommendation service. From the crawled information, we mount different shilling attacks. We determine the value of the collected knowledge through the reconstruction of the user/item neighborhood. Our results show that while crawling can indeed bring knowledge to the attacker (up to 65% of neighborhood reconstruction), this will not be enough to mount a successful shilling attack in practice.
KW - Collaborative filtering
KW - Crawling
KW - Recommender systems
KW - Security
KW - Shilling attack
UR - http://www.scopus.com/inward/record.url?scp=85091582876&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-59013-0_9
DO - 10.1007/978-3-030-59013-0_9
M3 - Conference contribution
AN - SCOPUS:85091582876
SN - 9783030590123
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 165
EP - 184
BT - Computer Security – ESORICS 2020 - 25th European Symposium on Research in Computer Security, ESORICS 2020, Proceedings
A2 - Chen, Liqun
A2 - Schneider, Steve
A2 - Li, Ninghui
A2 - Liang, Kaitai
PB - Springer
T2 - 25th European Symposium on Research in Computer Security, ESORICS 2020
Y2 - 14 September 2020 through 18 September 2020
ER -