共查询到19条相似文献,搜索用时 375 毫秒
1.
2.
3.
推荐系统安全问题及技术研究综述* 总被引:2,自引:0,他引:2
从托(shilling)攻击的分类、攻击模型、影响程度评价、检测和防御等几个方面进行系统评述,着重分析了托攻击所面临的关键议题.最后指出了推荐系统托攻击的研究难点和研究方向. 相似文献
4.
推荐系统托攻击检测算法监督学习过度依赖训练集,无监督算法依赖于攻击概貌之间相似性。本文提出一种半监督托攻击检测模型,对标记用户分类计算簇中心,给出中心用户相似度特征属性。对不同攻击选择合适的特征指标,把输入用户划分到不同的簇集中,通过簇集中输入用户全部评分项为最大值的均值与标记用户对该项均值差,确定攻击项。依据特征指标对不同簇集进行两次分类,进而确定攻击对象。实验证明,该检测算法对不同的托攻击有较高的检测准确率。 相似文献
5.
用于鲁棒协同推荐的元信息增强变分贝叶斯矩阵分解模型 总被引:1,自引:0,他引:1
托攻击是协同过滤推荐系统面临的重大安全威胁. 研究可抵御托攻击的鲁棒协同推荐技术已成为目前的重要课题. 本文在引入用户嫌疑性评估策略的基础上, 通过将用户嫌疑性及项类属等元信息与贝叶斯概率矩阵分解模型相融合, 提出了用于鲁棒协同推荐的元信息增强变分贝叶斯矩阵分解模型(Metadata-enhanced variational Bayesian matrix factorization, MVBMF), 并设计了相应的模型增量学习策略. 实验表明, 与现有推荐模型相比, 这种模型具备更强的攻击耐受力, 能够有效提高推荐系统的鲁棒性. 相似文献
6.
7.
8.
吕成戍 《计算机工程与科学》2014,36(4):697-701
基于标准支持向量机的托攻击检测方法不能体现由于用户误分代价不同对分类效果带来的影响,提出了一种基于代价敏感支持向量机的托攻击检测新方法,该方法在代价敏感性学习机制下引入支持向量机作为分类工具,对支持向量机输出进行后验概率建模,建立了基于类别隶属度的动态代价函数,更准确地反映不同样本的分类代价,在此基础上设计了代价敏感支持向量机分类器。将该分类器应用在推荐系统托攻击检测中,并与标准的支持向量机方法、代价敏感支持向量机方法进行比较,实验结果表明,本方法可以更精确地控制代价敏感性,进一步提高对攻击用户的检测精度,降低总体的误分类代价。 相似文献
9.
10.
11.
基于数据非随机缺失机制的推荐系统托攻击探测 总被引:1,自引:0,他引:1
协同过滤推荐系统极易受到托攻击的侵害. 开发托攻击探测技术已成为保障推荐系统可靠性与鲁棒性的关键. 本文以数据非随机缺失机制为依托,对导致评分缺失的潜在因素进行解析, 并在概率产生模型框架内将这些潜在因素与Dirichlet过程相融合, 提出了用于托攻击探测的缺失评分潜在因素分析(Latent factor analysis for missing ratings, LFAMR)模型. 实验表明,与现有探测技术相比, LFAMR具备更强的普适性和无监督性, 即使缺乏系统相关先验知识,仍可有效探测各种常见托攻击. 相似文献
12.
基于用户声誉的鲁棒协同推荐算法 总被引:2,自引:0,他引:2
随着推荐系统在电子商务界的快速发展以及取得的巨大经济收益, 有目的性的托攻击是目前协同过滤系统面临的重大安全威胁, 研究一种可抵御攻击的鲁棒推荐技术已成为目前推荐系统领域的重要课题.本文利用历史记录得到用户声誉, 建立声誉推荐系统, 并结合协同过滤推荐领域内的隐语义模型, 提出基于用户声誉的隐语义模型鲁棒协同算法.本文提出的算法从人为攻击和自然噪声两个方面对系统的鲁棒性进行了改善.在真实的数据集 Movielens 1M 上的实验表明, 与现有的鲁棒性推荐算法相比, 这种算法具有形式简单、可解释性强、稳定的特点, 且在精度得到一定提升的情况下大大增强了系统抵御攻击的能力. 相似文献
13.
Min GAO Bin LING Linda YANG Junhao WEN Qingyu XIONG Shun LI 《Frontiers of Computer Science》2019,13(2):231
Collaborative filtering (CF) is a technique commonly used for personalized recommendation and Web service quality-of-service (QoS) prediction. However, CF is vulnerable to shilling attackers who inject fake user profiles into the system. In this paper, we first present the shilling attack problem on CF-based QoS recommender systems for Web services. Then, a robust CF recommendation approach is proposed from a user similarity perspective to enhance the resistance of the recommender systems to the shilling attack. In the approach, the generally used similarity measures are analyzed, and the DegSim (the degree of similarities with top k neighbors) with those measures is selected for grouping and weighting the users. Then, the weights are used to calculate the service similarities/differences and predictions.We analyzed and evaluated our algorithms using WS-DREAM and Movielens datasets. The experimental results demonstrate that shilling attacks influence the prediction of QoS values, and our proposed features and algorithms achieve a higher degree of robustness against shilling attacks than the typical CF algorithms. 相似文献
14.
Collaborative filtering (CF) technique is capable of generating personalized recommendations. However, the recommender systems utilizing CF as their key algorithms are vulnerable to shilling attacks which insert malicious user profiles into the systems to push or nuke the reputations of targeted items. There are only a small number of labeled users in most of the practical recommender systems, while a large number of users are unlabeled because it is expensive to obtain their identities. In this paper, Semi-SAD, a new semi-supervised learning based shilling attack detection algorithm is proposed to take advantage of both types of data. It first trains a naïve Bayes classifier on a small set of labeled users, and then incorporates unlabeled users with EM-λ to improve the initial naïve Bayes classifier. Experiments on MovieLens datasets are implemented to compare the efficiency of Semi-SAD with supervised learning based detector and unsupervised learning based detector. The results indicate that Semi-SAD can better detect various kinds of shilling attacks than others, especially against obfuscated and hybrid shilling attacks. 相似文献
15.
16.
Due to different shopping routines of people, rating preferences of many customers might be partitioned between two parties. Since two different e-companies might sell products from the same range to the identical set of customers, the type of data partition is called arbitrarily. In the case of arbitrarily distributed data, it is a challenge to produce accurate recommendations for those customers, because their ratings are split. Therefore, researchers propose methods for enabling data holders’ collaboration. In this scenario, privacy becomes a deterrent barrier for collaboration, accordingly, the introduced solutions include private protocols for protecting parties’ confidentiality. Although, private protocols encourage data owners to collaborate, they introduce a new drawback for partnership. Since, whole data is distributed and parties do not have full control of data, any malicious user, who knows that two parties collaborate, can easily insert shilling profiles to system by partitioning them between data holders. Parties can have trouble to find such profile injection attacks by employing existing detection methods because of they are arbitrarily distributed. Since profile injection attacks can easily performed on arbitrarily distributed data-based recommender systems, quality, and reliability of such systems decreases, and it causes angry customers. Therefore, in this paper, we try to describe aforementioned problems with arbitrarily distributed data-based recommender systems. As a first step, we analyze robustness of proposed arbitrarily distributed data-based recommendation methods against six well-known shilling attack types. Secondly, we explain why existing detection methods cannot detect malicious user profiles in distributed data. We perform experiments on a well-known movie data set, and according to our results, arbitrarily distributed data-based recommendation methods are vulnerable to shilling attacks. 相似文献
17.
Recommender systems (RS) have been found supportive and practical in e-commerce and been established as useful aiding services. Despite their great adoption in the user communities, RS are still vulnerable to unscrupulous producers who try to promote their products by shilling the systems. With the advent of social networks new sources of information have been made available which can potentially render RS more resistant to attacks. In this paper we explore the information provided in the form of social links with clustering for diminishing the impact of attacks. We propose two algorithms, CluTr and WCluTr, to combine clustering with "trust" among users. We demonstrate that CluTr and WCluTr enhance the robustness of RS by experimentally evaluating them on data from a public consumer recommender system Epinions.com. 相似文献
18.
针对支持向量机方法在标记用户数据不充分的情况下无法有效实现托攻击检测的不足,提出一种基于SVM-KNN的半监督托攻击检测方法。根据少量标记用户数据训练一个初始SVM分类器,利用初始SVM对大量未标记用户数据进行分类,挑选出分类边界附近有可能成为支持向量的样本点,利用KNN分类器优化边界向量的标记质量,再将重新标注过的边界向量融入训练集,迭代训练逐步改善SVM的分类边界,最终获得系统决策函数。实验结果表明在标记用户数据较少的情况下,方法能有效提高托攻击的检测精度和效率,具有较强的推广能力。 相似文献
19.
协同过滤是一种个性化推荐系统最常用的技术,但它对用户概貌信息较为敏感,欺诈攻击者很容易通过注入有偏差的用户概貌使系统的推荐结果有利于他们。研究表明欺诈攻击的攻击模型、攻击成本对攻击性能有不同程度的影响。针对这个问题,实验分析基于奇异值分解(SVD)的协同过滤算法在不同攻击模型下的性能表现,并以三种评估参数分析不同填充规模和攻击规模对攻击效率的影响。 相似文献