Robustness analysis of multi-criteria collaborative filtering algorithms against shilling attacks


EXPERT SYSTEMS WITH APPLICATIONS, vol.115, pp.386-402, 2019 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 115
  • Publication Date: 2019
  • Doi Number: 10.1016/j.eswa.2018.08.001
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Page Numbers: pp.386-402
  • Keywords: Collaborative filtering, Multi-criteria, Shilling attack, Profile injection, Robustness analysis, Mode attack, DECOMPOSITION, FEEDBACK, SYSTEM
  • Anadolu University Affiliated: Yes


Collaborative filtering is an emerging recommender system technique that aims guiding users based on other customers preferences with behavioral similarities. Such correspondences are located based on preference history of users. A relatively new extension of traditional collaborative filtering schemes takes into account not only how much a user likes an item, but also why she likes the item by collecting multi-criteria preferences focusing on distinctive features of the items. These multi-criteria collaborative filtering systems have the potential to improve recommender system accuracy since they reveal multiple views of users on products. However, due to providing more insightful recommendations, such systems might be subjected to malicious attacks more substantially than the traditional ones. Attackers attempt to insert fake profiles to bias outputs of these systems in favor of a particular product or disrepute the system itself. Since outputs of expert systems directly dependent on input signals; interventions to the inputs coherently cause failures on productions of such systems. In this study, we examine shilling attack strategies against multi-criteria preference collections, how to extend well-known attack scenarios against these systems, and propose an alternative attacking scheme. We analyze the robustness of baseline multi-criteria recommendation algorithms regarding various similarity aggregation procedures against proposed attacking schemes by the extensive experimental investigation. Empirical results on real-world data demonstrate that these systems are highly vulnerable to manipulations and proper attack detection practices are needed to ensure recommendation quality. According to our findings, manipulative attempts at such expert systems mislead decision making process. (C) 2018 Elsevier Ltd. All rights reserved.