SVM-TIA a shilling attack detection method based on SVM and target item analysis in recommender systems

Abstract

Due to the open nature of recommender systems, collaborative recommender systems are vulnerable to profile injection attacks, in which malicious users inject attack profiles into the rating matrix in order to bias the systems’ ranking list. Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Most of previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles of an attack. There also exist class unbalance problems in supervised detecting methods, the detecting performance is not as good when the amount of samples of attack profiles in training set is smaller. In this paper, we study the use of SVM based method and group characteristics in attack profiles. A two phase detecting method SVM-TIA is proposed based on these two methods. In the first phase, Borderline-SMOTE method is used to alleviate the class unbalance problem in classification; a rough detecting result is obtained in this phase; the second phase is a fine-tuning phase whereby the target items in the potential attack profiles set are analyzed. We conduct tests on the MovieLens 100K Dataset and compare the performance of SVM-TIA with other shilling detecting methods to demonstrate the effectiveness of the proposed approach.