https://scholars.lib.ntu.edu.tw/handle/123456789/636103
Title: | Planning Data Poisoning Attacks on Heterogeneous Recommender Systems in a Multiplayer Setting |
Authors: | Yeh, Chin Yuan; Chen, Hsi Wen; Yang, De Nian; Lee, Wang Chien; Yu, Philip S.; MING-SYAN CHEN |
Keywords: | data poisoning attack | graph neural network | recommender system | Stackelberg game |
Issue date: | 1-January-2023 |
Volume: | 2023-April |
Source publication: | Proceedings - International Conference on Data Engineering |
Abstract: | Data poisoning attacks against recommender systems (RecSys) often assume a single seller as the adversary. However, in reality, there are usually multiple sellers attempting to promote their items through RecSys manipulation. To obtain the best data poisoning plan, it is important for an attacker to anticipate and withstand the actions of his opponents. This work studies the problem of Multiplayer Comprehensive Attack (MCA) from the perspective of the attacker, considering the subsequent attacks by his opponents. In MCA, we target the Heterogeneous RecSys, where user-item interaction records, user social network, and item correlation graph are used for recommendations. To tackle MCA, we present the Multilevel Stackelberg Optimization over Progressive Differentiable Surrogate (MSOPDS). The Multilevel Stackelberg Optimization (MSO) method is used to form the optimum strategies by solving the Stackelberg game equilibrium between the attacker and his opponents, while the Progressive Differentiable Surrogate (PDS) addresses technical challenges in deriving gradients for candidate poisoning actions. Experiments on Heterogeneous RecSys trained with public datasets show that MSOPDS outperforms all examined prior works by up to 10.6% in average predicted ratings and up to 11.4% in HitRate@3 for an item targeted by an attacker facing one opponent. Source code provided in https://github.com/jimmy-academia/MSOPDS. |
URI: | https://scholars.lib.ntu.edu.tw/handle/123456789/636103 |
ISBN: | 9798350322279 |
ISSN: | 10844627 |
DOI: | 10.1109/ICDE55515.2023.00193 |
Appears in: | Department of Electrical Engineering |
Items in the IR system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated otherwise.