Towards Robust Recommender Systems via Triple Cooperative Defense
This addresses the need for robust recommender systems against attacks, but it is incremental as it builds on existing defense methods by combining them.
The paper tackles the problem of recommender systems being vulnerable to fake profiles by proposing the Triple Cooperative Defense (TCD) framework, which integrates data processing and robust models through co-training of three models to improve robustness, showing significant outperformance over baselines in experiments with five poisoning attacks on three datasets.
Recommender systems are often susceptible to well-crafted fake profiles, leading to biased recommendations. The wide application of recommender systems makes studying the defense against attack necessary. Among existing defense methods, data-processing-based methods inevitably exclude normal samples, while model-based methods struggle to enjoy both generalization and robustness. Considering the above limitations, we suggest integrating data processing and robust model and propose a general framework, Triple Cooperative Defense (TCD), which cooperates to improve model robustness through the co-training of three models. Specifically, in each round of training, we sequentially use the high-confidence prediction ratings (consistent ratings) of any two models as auxiliary training data for the remaining model, and the three models cooperatively improve recommendation robustness. Notably, TCD adds pseudo label data instead of deleting abnormal data, which avoids the cleaning of normal data, and the cooperative training of the three models is also beneficial to model generalization. Through extensive experiments with five poisoning attacks on three real-world datasets, the results show that the robustness improvement of TCD significantly outperforms baselines. It is worth mentioning that TCD is also beneficial for model generalizations.