A detection method for hybrid attacks in recommender systems

Abstract

To defend recommender systems, some methods have been proposed to detect model-generative shilling attacks and group shilling attacks respectively. Unfortunately, these two categories of attacks are often mixed together to carry out actual attacks. Without the additional knowledge about attack categories, traditional detection methods are likely to be trapped in the poor performance under hybrids of model-generative shilling attacks and group shilling attacks. To simultaneously detect these hybrid attacks, we put forward a detector based on the graph convolutional networks (GCN). Firstly, we extract five user features from the item popularity sequence and rating values to characterize both model-generative shilling profiles and group shilling profiles. And we define the users’ distance to construct the user graph. Secondly, we develop a two-stage scheme for detecting shilling profiles based on user features and the user graph. In particular, we propose a cluster-based method to partially label user nodes, and then these labeled samples are fed into a GCN-based detector to training the model to identify the other tangled shilling profiles. In the GCN-based model, we present a weighted loss function with R-drop regularization to solve the over-fitting problem and the imbalanced classification problem for the specific detection task. Finally, we make extensive experiments on three datasets to evaluate the proposed detector. Experiential results demonstrate the efficacy of our method when detecting the hybrids of model-generative shilling attacks and group shilling attacks.