Defending Collaborative Filtering Recommenders via Adversarial Robustness Based Edge Reweighting

Yongyu Wang

Paper

Defending Collaborative Filtering Recommenders via Adversarial Robustness Based Edge Reweighting

Abstract

User based collaborative filtering (CF) relies on a user and user similarity graph, making it vulnerable to profile injection (shilling) attacks that manipulate neighborhood relations to promote (push) or demote (nuke) target items. In this work, we propose an adversarial robustness based edge reweighting defense for CF. We first assign each user and user edge a non robustness score via spectral adversarial robustness evaluation, which quantifies the edge sensitivity to adversarial perturbations. We then attenuate the influence of non robust edges by reweighting similarities during prediction. Extensive experiments demonstrate that the proposed method effectively defends against various types of attacks.