The majority of the existing unsupervised methods for detecting shilling attacks are based on user rating patterns, ignoring the differences in rating behavior between legitimate users and attack users. These methods have low accuracy in detecting different shilling attacks without having any prior knowledge of the attack types. We provide a novel unsupervised shilling assault detection technique based on an examination of user rating behavior in order to overcome these constraints. By first examining the deviation of rating tendencies on each item, we are able to determine the target item(s) and the accompanying goals of the attack users. Based on the results of this study, a group of suspicious users is then created. Second, we examine the users' rating behaviors in terms of their rating and interest preferences. Finally, using measurements of user rating behavior, we determine the suspicious degree and identify attack users within the collection of suspicious users. The Movie Lens 1M dataset, the sampled Amazon review dataset, and the Netflix dataset all show how good the suggested detection model.