In this paper, we present FilmTrust, a website that
integrates Semantic Web-based social networks,
augmented with trust, to create predictive movie
recommendations. We show how these
recommendations are more accurate than other
techniques in certain cases, and discuss this
technique as a mechanism of Semantic Web
interaction.
link: http://trust.mindswap.org/papers/CCNC2006.pdf
Thursday, January 31, 2008
Monday, January 21, 2008
Attacking recommender systems
A good (but very long) paper by Mobasher et al., "Towards trustworthy recommender systems: An analysis of attack models and algorithm robustness" (PDF), explores a variety of ways of spamming or otherwise manipulating recommendation systems.Some excerpts:
An attack against a collaborative filtering recommender system consists of a set of attack profiles, each contained biased rating data associated with a fictitious user identity, and including a target item, the item that the attacker wishes the system to recommend more highly (a push attack), or wishes to prevent the system from recommending (a nuke attack).Previous work had suggested that item-based collaborative filtering might provide significant robustness compared to the user-based algorithm, but, as this paper shows, the item-based algorithm also is still vulnerable in the face of some of the attacks we introduced.
The paper lists several types of attacks, suggests several ways to detect attacks, tests several attacks using the GroupLens movie data set, and concludes that "item-based proved far more robust overall" but that "a knowledge-based / collaborative hybrid recommendation algorithm .... [that] extends item-based similarity by combining it with content based similarity .... [seems] likely to provide defensive advantages for recommender systems."It is worth noting that spam is a much worse problem with winner-take-all systems that show the most popular or most highly rated articles (like Digg). In those systems, spamming gets you seen by everyone.In recommender systems, spamming only impacts the fraction of the users who are in the immediate neighborhood and see the spammy recommendations. The payoff is much reduced and so is the incentive to spam.For more on that, please see my Jul 2006 post, "Combating web spam with personalization" and my Jan 2007 post, "SEO and personalized search".The same authors published a similar but much shorter article, "Attacks and Remedies in Collaborative Recommendation", in the May/June IEEE Intelligent Systems, but there is no full text copy of that article easily available online.
http://glinden.blogspot.com/2007/07/attacking-recommender-systems.html
An attack against a collaborative filtering recommender system consists of a set of attack profiles, each contained biased rating data associated with a fictitious user identity, and including a target item, the item that the attacker wishes the system to recommend more highly (a push attack), or wishes to prevent the system from recommending (a nuke attack).Previous work had suggested that item-based collaborative filtering might provide significant robustness compared to the user-based algorithm, but, as this paper shows, the item-based algorithm also is still vulnerable in the face of some of the attacks we introduced.
The paper lists several types of attacks, suggests several ways to detect attacks, tests several attacks using the GroupLens movie data set, and concludes that "item-based proved far more robust overall" but that "a knowledge-based / collaborative hybrid recommendation algorithm .... [that] extends item-based similarity by combining it with content based similarity .... [seems] likely to provide defensive advantages for recommender systems."It is worth noting that spam is a much worse problem with winner-take-all systems that show the most popular or most highly rated articles (like Digg). In those systems, spamming gets you seen by everyone.In recommender systems, spamming only impacts the fraction of the users who are in the immediate neighborhood and see the spammy recommendations. The payoff is much reduced and so is the incentive to spam.For more on that, please see my Jul 2006 post, "Combating web spam with personalization" and my Jan 2007 post, "SEO and personalized search".The same authors published a similar but much shorter article, "Attacks and Remedies in Collaborative Recommendation", in the May/June IEEE Intelligent Systems, but there is no full text copy of that article easily available online.
http://glinden.blogspot.com/2007/07/attacking-recommender-systems.html
Subscribe to:
Posts (Atom)
