Profile Injection Attack Detection in Recommender System

Profile Injection Attack Detection in Recommender System

Supervisor:Dr. Deepak GargAssociate Professor & HeadThapar UniversityPresented By:Ashish Kumar801331004ME-SE

1

Recommender System (RS) is a system used to serve the right product to the user based on either his previous interests or by using his correlation with other users [1].Types:Content Based RS (uses feature/ keywords).Collaborative RS (uses relationship between users & items).Hybrid RS (uses both content & collaborative based RS).

Recommender System: Introduction

2

Recommended Items:Profile Injection Attacks why???

SellerAttacker5

3

Attack Profile Structure

Figure 1: General structure of attack profile.

4

Types of Attacks

5

6

Measure the robustness of the system: we measure the effect of attack profiles on our system. After attack their will be some change in the predictions, this change in prediction tells about the robustness and power of attack. More prediction shift indicates large effect on the system.

Detection of attacks: to detect the attacks, we use generic and model specific attributes.

Problem Statement

7

Steps:Measure the efficiency (Prediction shift) of attack.Calculate the attack detection attributes (generic and model specific attributes).Compare the accuracy of statistical models.Pick the top three performing models.Ensemble the models (resulting models from step 4) using voting approach. Proposed Approach

8

Measuring the effectiveness of attacks

Figure 2: Prediction shift versus attack size for random, average and bandwagon attacks.

Figure 3: Prediction shift versus attack size for reverse bandwagon and Love-Hate attacks.

9

Attack Detection Attributes

10

11

Evaluation Metrics

12

Attack Size1%3%6%9%12%15%ModelsPRPRPRPRPRPRDecision Tree.822.811.844.830.859.848.868.855.889.872.901.928Random Forest.880.872.894.897.905.912.909.902.929.917.957.922Ada Boost.819.802.829.810.834.828.858.840.883.868.902.915SVM.901.902.912.928.928.908.937.911.972.959.99.984Linear Regression.862.842.872.882.882.908.908.919.918.935.939.941Neural Network.892.901.919.911.922.929.959.958.961.969.97.964Ensemble.891.892.908.912.918.916.935.924.954.948.972.957

Ensemble approach for profile classification Table 1: Performance analysis for 10% average attacks.

Filler Size1%10%20%30%40%50%ModelsPRPRPRPRPRPRDecision Tree.90.892.921.93.928.919.939.912.94.94.961.968Random Forest.929.930.939.92.948.948.952.956.962.961.973.979Ada Boost.9.908.914.918.93.924.935.938.948.934.950.943SVM.938.927.949.94.959.959.971.975.979.981.988.989Linear Regression.89.862.89.907.918.91.925.918.929.902.93.931Neural Network.949.938.95.943.951.954.959.958.968.967.979.98Ensemble.939.932.946.934.953.953.961.963.968.969.98.982

Table 2: Performance analysis for average attacks at 5% filler size.

13

Clustering Approach for Attack Detection

Figure 4: Performance analysis for 10% average attack.

Figure 5: Performance analysis for average attacks at 5% filler size.

14

We focused on several keys in the area of attacks against recommender system i.e. different types of attacks, attack detection attributes and model evaluation metrics.We give two approach for the attack detection; 1st is ensambling (supervised) approach and 2nd is clustering (unsupervised) approach.We found that accuracy of supervised approach is better than unsupervised.We found that love-hate attack not only require least knowledge but it is more effective than reverse bandwagon for demoting an item.We also found that average attack perform better that other attacks of the same category.

Conclusion

15

Proposed system can be used for email classification i.e. spam or non spam.This system can be applied for the detection of DOS attacks.Same approach can be applied for the intrusion detection.More research can be done for the detection of more attributes as more the attributes better will be the accuracy.Future Scope

16

2015:[1]. Kumar Ashish, Garg Deepak, and Rana Prashant. Ensemble approach to detect profile injection attack in recommender system, Fourth International Conference on Advances in Computing, Communications and Informatics (ICACCI-2015), IEEE, August 10-13, 2015, Kochi. [Accepted][2]. Kumar Ashish, Garg Deepak, and Rana Prashant Clustering approach to detect profile injection attack in recommender system, PCITC-2015, IEEE, October 15-17, 2015, Bhubaneshwar. [Accepted]

2014:[3]. Kumar, Ashish. "Software Architecture Styles: A Survey." International Journal of Computer Applications 87(9), 2014.

List of Publication

[1]. Davoodi, Fatemeh Ghiyafeh, and Omid Fatemi. "Tag based recommender system for social bookmarking sites." InAdvances in Social Networks Analysis and Mining (ASONAM), 2012 IEEE/ACM International Conference on, pp. 934-940. IEEE, 2012.[2]. Lam, Shyong K., and John Riedl. "Shilling recommender systems for fun and profit." InProceedings of the 13th international conference on World Wide Web, pp. 393-402. ACM, 2004.[3]. Mobasher, Bamshad, Robin Burke, Runa Bhaumik, and Chad Williams. "Toward trustworthy recommender systems: An analysis of attack models and algorithm robustness."ACM Transactions on Internet Technology (TOIT)7, no. 4 (2007): 23.[4]. O'Mahony, Michael, Neil Hurley, Nicholas Kushmerick, and Gunol Silvestre. "Collaborative recommendation: A robustness analysis."ACM Transactions on Internet Technology (TOIT)4, no. 4 (2004): 344-377.

References

19

You tube video linkhttps://www.youtube.com/watch?v=7FsrMneUZl4&feature=youtu.be