On Detecting Data Pollution Attacks On Recommender Systems Using Sequential GANs
This work is significant for e-commerce platforms and users, as it aims to protect the integrity of recommender systems against malicious data injection, which can lead to financial gain for attackers and poor recommendations for users.
This paper addresses data pollution attacks on recommender systems, where malicious actors inject data to manipulate recommendations. The authors propose a semi-supervised attack detection algorithm that modifies a Generative Adversarial Network (GAN) to incorporate contextual information from user activity, enabling it to distinguish legitimate from injected data.
Recommender systems are an essential part of any e-commerce platform. Recommendations are typically generated by aggregating large amounts of user data. A malicious actor may be motivated to sway the output of such recommender systems by injecting malicious datapoints to leverage the system for financial gain. In this work, we propose a semi-supervised attack detection algorithm to identify the malicious datapoints. We do this by leveraging a portion of the dataset that has a lower chance of being polluted to learn the distribution of genuine datapoints. Our proposed approach modifies the Generative Adversarial Network architecture to take into account the contextual information from user activity. This allows the model to distinguish legitimate datapoints from the injected ones.