Item-based top-N recommendation resilient to aggregated information revelation

Abstract

In item-based top-N recommender systems, the recommendation results are generated based on item correlation computation among all users. Therefore, recommendation results can be used to infer the correlations among recommended items. This is not an issue as long as the total amount of queries produced by a typical user is small, and the queried items among users are largely uncorrelated. However, by systematically probing the recommender system, a large amount of correlated recommendation results can be obtained and combined, and valuable aggregated knowledge, such as system-wide cross-user item popularity ranking and item clustering, can be accurately inferred. Such aggregated knowledge is of significant commercial value to online service providers, and therefore need be restricted from open access.In this work, four aggregated knowledge attack methods are proposed to demonstrate that aggregated knowledge can be accurately inferred by attacking item-based top-N recommender systems. To make the recommender systems resilient to aggregated information revelation, a supervised randomization technique is proposed, which can protect item-based top-N recommender systems from aggregated knowledge attacks with bounded loss in recommendation accuracy. Detailed evaluation on real-world data demonstrates that the proposed attack methods can identify aggregated knowledge with high accuracy, and the proposed randomization technique can increase attack error or reduce attack precision significantly. In addition, guidelines for designing recommender systems that are resilient to such aggregated knowledge attacks are discussed in the paper.