DISTRIBUTED COLLABORATIVE DISTRIBUTED COLLABORATIVE FILTERING FOR ROBUST FILTERING FOR ROBUST RECOMMENDATION RECOMMENDATION AGAINST SHILLING ATTACKS AGAINST SHILLING ATTACKS AE-TTIE JI 1 , CHEOL YEON 1 , HEUNG-NAM KIM 1 , AND GEUN-SIK JO 2 1 Intelligent E-Commerce Systems Laboratory, Department of Computer Science & Information Engineering, Inha University {aerry13 , entireboy , nami }@eslab.inha.ac.kr 2 School of Computer Science & Engineering, Inha University, 253 Yonghyun-dong, Incheon, Korea 402-751 [email protected]
29
Embed
DISTRIBUTED COLLABORATIVE FILTERING FOR ROBUST RECOMMENDATION AGAINST SHILLING ATTACKS DISTRIBUTED COLLABORATIVE FILTERING FOR ROBUST RECOMMENDATION AGAINST.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
DISTRIBUTED COLLABORATIVE DISTRIBUTED COLLABORATIVE FILTERING FOR ROBUST FILTERING FOR ROBUST
RECOMMENDATION RECOMMENDATION AGAINST SHILLING ATTACKSAGAINST SHILLING ATTACKS
AE-TTIE JI1, CHEOL YEON1, HEUNG-NAM KIM1, AND GEUN-SIK JO2
1 Intelligent E-Commerce Systems Laboratory, Department of Computer Science & Information Engineering, Inha University
{aerry13, entireboy, nami}@eslab.inha.ac.kr
2 School of Computer Science & Engineering, Inha University, 253 Yonghyun-dong, Incheon, Korea 402-751
A Robustness Analysis of Collaborative Filtering User profiles made by anonymous unauthenticated users Vulnerability to Profile Injection Attacks PocketLens - Distributed Personal Recommender It can partially improve the effects of PIA from system
providers.
Trust in Recommender Systems But, it is still not safe from anonymous attackers! “Trust” in Recommender systems
Automated attack detection schemes and robustness of recommendation algorithms.
Correlation between trust and user similarity
TCFMA ARCHITECTURETCFMA ARCHITECTURETRUST-BASED COLLABORATIVE FILTERING TRUST-BASED COLLABORATIVE FILTERING WITH MOBILE AGENTSWITH MOBILE AGENTS
Credibility of recommendations To achieve robustness against shilling attacks Distributed Personal Recommender Web of Trust
Trust Propagation To overcome sparseness of webs of trust The Advogato trust metric
Scalability To raise the efficiency of distributed computing Mobile Agent Framework
ARCHITECTUREARCHITECTURE
Owner’s Similarity Model
TrustList
ItemList
BlockList
Web of Trust
Action & Feedback
Recommendation
UpdateSimilarity
Dispatch
Creation
Dispatch
MobileAgent
MobileAgent
MobileAgent
Model Owner
Get Neighbors’ Ratings
Neighbors’Ratings
Find Migration Path
Owner’sTrust List
Neighbor’sAgent
Mobile Agent
Message
Neighbors’Trust List
User Agent
Fig. 1. Overview of trust-based collaborative filtering with mobile agents
THE MEANING OF NOTATIONS THE MEANING OF NOTATIONS
PX Arbitrary user included in web of trust
PO Target user, i.e. similarity model owner
PC Current user who PO’s mobile agent is visiting at the moment
{TRUSTPx} List of users who are trusted by PX
{BLOCKPx} List of users who are distrusted by PX
{ITEMSPx}List of <item, rating> pairs, i.e. items which PX already has
expressed his or her own opinion and these preference ratings.
{PATHPx} Migration path which PX’s mobile agent migrates along
AGENTPx Personal agent of PX
AGENTMPx Mobile agent of PX
Table 1. The meaning of notations
TRUST-BASED USER SELECTIONTRUST-BASED USER SELECTION
I. AGENTPo finds the migration path {PATHPo} that includes users trusted by PO for a mobile agent AGENTM
Po.
II. The neighbors of target user PO are chosen from the users included in {PATHPo}.
III. PO’s personal agent AGENTPo creates a mobile agent, AGENTMPo,
to find neighbors and build a similarity model based on them incrementally.
IV. AGENTMPo traces the path recursively until no users exist in
{PATHPo}∩{TRUSTPc}.
V. AGENTMPo is disposed of from the last node after visiting all users
in {PATHPo}.
TRUST-BASED USER SELECTIONTRUST-BASED USER SELECTION
The Advogato maximum flow algorithm Discover which users are trusted by credible
members of an online community and which are not.
The bottleneck property “the total trust quantity accorded to an s → t edge
is not significantly affected by changes to the successors of t”
The minimum number of profiles that make the attack succeed is not included in the process of collaborative filtering.
INCREMENTAL MODEL BUILDINGINCREMENTAL MODEL BUILDING
I. AGENTMPO identifies IOi and IPj that are
{ITEMSPO}∩{ITEMSPC} and {ITEMSPC} - {ITEMSPO} respectively, by communicating with a neighbor agent AGENTPC.
II. For each pair (IOi, IPj), AGENTMPO calculates values and sends
the values to its own user agent AGENTPO. (cosine and adjusted cosine similarity)
2,,
2,,
,,,
)(
)(
)(
jcjj
icii
jcicji
IPPIPIP
IOPIOIO
IPPIOPIPIO
RatingW
RatingW
RatingRatingW
2,,
2,,
,,,
)(
)(
)()(
cjcjj
cicii
cjccicji
PIPPIPIP
PIOPIOIO
PIPPPIOPIPIO
AvgRatingRatingW
AvgRatingRatingW
AvgRatingRatingAvgRatingRatingW
INCREMENTAL MODEL BUILDINGINCREMENTAL MODEL BUILDING
III. AGENTPO adds up these values incrementally until AGENTMPO
sends values of all users in {PATHPO} except for those which don’t have IOi.
IV. AGENTPO calculates the similarity of item pair (IOi, IPj).
jj
ii
ji
IPIPDenomDenom
IOIODenomDenom
IPIONumerNumer
WWW
WWW
WWW
,22
,11
,
21
),(DenomDenom
Numer
ji
jiji
WW
W
IPIO
IPIOIPIOsim
AGENTS’ TASKS IN EACH CASEAGENTS’ TASKS IN EACH CASE
# User 4379.48 4209.75 4505.89 3315.13 2962.29 3874.51
CONCLUSIONCONCLUSION
We proposed a novel TCFMA architecture to solve the problems that can occur in online CF recommender systems related to an improper use of personal information and a profile injection attack.
We obtained very good robustness from malicious attacks without any degradation of prediction quality, compared to general peer-to-peer CF recommender systems.
We also achieved efficient distributed computing for building item-item similarity models by adding useful functionalities of mobile agents.
FUTURE WORKFUTURE WORK Trust Decay
The trust relationship becomes weaker as it forwards to its successors.
It is essential to take this phenomenon into consideration for applying trust propagation algorithms to real-world applications.
Attack Detection Automated attack detection algorithms based on
diverse types of attack models can lead to more robust recommendation algorithms.