ABSTRACT
Adversarial Machine Learning (AML) initially emerged as the field of study that investigates security issues of conventional and modern machine learning (ML) models. The objective of this tutorial is to present a comprehensive overview of the application of AML techniques to recommendation, in a two-fold categorization: (i) AML for attack/defense purposes, and (ii) AML to build GAN-based recommender models. A theoretical presentation of the topics is paired with two corresponding hands-on sessions to show the efficacy of AML applications and to promote novel ideas and advances in recommendation tasks. The tutorial is divided into four parts. We start with a summary of state-of-the-art recommender models, including deep learning ones, and we define the fundamentals of AML. Then, we present the Adversarial Recommendation Framework, which represents attack/defense strategies on recommender systems (RSs), and the GAN-based Recommendation Framework, which is the basis of novel adversarial-based generative recommenders. The presentation of each framework is followed by a practical session. Finally, we conclude with open challenges and possible future work for both applications.