Defining the Problem g In 2002. John Douceur of microsoft Research coined the term Sybil Attack to refer to an attack against identity on masquerades as multiple separate entities as informational abstractions that we cal identities. The system must ensure that o.an entities refer to distinct entities: otherwise, when the local entity selects a subset of operation, it can be duped into selecting a singl a In the same year, the first paper(o Mahony et al. 2002 appeared on the vulnerability of Recommender Systems to malicious strategies for"recommendation promotion"-later dubbed profile injection attacks
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Defining the Problem In 2002, John Douceur of Microsoft Research coined the term Sybil Attack to refer to an attack against identity on peer-to-peer systems in which an individual entity masquerades as multiple separate entities “If the local entity has no direct physical knowledge of remote entities, it perceives them only as informational abstractions that we call identities. The system must ensure that distinct identities refer to distinct entities; otherwise, when the local entity selects a subset of identities to redundantly perform a remote operation, it can be duped into selecting a single remote entity multiple times, thereby defeating the redundancy” In the same year, the first paper (O’Mahony et al. 2002) appeared on the vulnerability of Recommender Systems to malicious strategies for “recommendation promotion” – later dubbed profile injection attacks. RecSys 2011: Tutorial on Recommender Robustness
jection Attacks Defining the Problem a Robustness refers to the ability of a system to operate under stressful conditions a While there are many possible stresses that can be applied to Recommender Systems, research on RS robustness has focused on performance when the dataset is stressed specifically when a the dataset is full of noisy, erroneous data I typically, imagined to have been corrupted through a concerted sybil attack, with an aim of biasing the recommender output
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Defining the Problem Robustness refers to the ability of a system to operate under stressful conditions. While there are many possible stresses that can be applied to Recommender Systems, research on RS robustness has focused on performance when the dataset is stressed specifically when the dataset is full of noisy, erroneous data; typically, imagined to have been corrupted through a concerted sybil attack, with an aim of biasing the recommender output. RecSys 2011: Tutorial on Recommender Robustness
Robust rs research a The goal of robust recommendation is to prevent attackers from manipulating an rs through large-scale insertion of false user profiles: a profile injection attack
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Robust RS Research The goal of robust recommendation is to prevent attackers from manipulating an RS through large-scale insertion of false user profiles: a profile injection attack An attack is a concerted effort to bias the results of a recommender system by the insertion of a large number of profiles using false identities or sybils. Each identity is referred to as an attack profile. Research has concentrated on attacks designed to achieve a particular recommendation outcome A Product Push attack: attempt to secure positive recommendations for an item or items; A Product Nuke attack: attempt to secure negative recommendations for an item or items. We can also think of attacks that aim to simply destroy the accuracy of the system. RecSys 2011: Tutorial on Recommender Robustness
Robust rs research a The goal of robust recommendation is to prevent attackers from manipulating an rs through large-scale insertion of false user profiles: a profile injection attack An attack is a concerted effort to bias the results of a recommender system by the insertion of a large number of profiles using false identities or sybils
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Robust RS Research The goal of robust recommendation is to prevent attackers from manipulating an RS through large-scale insertion of false user profiles: a profile injection attack An attack is a concerted effort to bias the results of a recommender system by the insertion of a large number of profiles using false identities or sybils. Each identity is referred to as an attack profile. Research has concentrated on attacks designed to achieve a particular recommendation outcome A Product Push attack: attempt to secure positive recommendations for an item or items; A Product Nuke attack: attempt to secure negative recommendations for an item or items. We can also think of attacks that aim to simply destroy the accuracy of the system. RecSys 2011: Tutorial on Recommender Robustness
Robust rs research a The goal of robust recommendation is to prevent attackers from manipulating an rs through large-scale insertion of false user profiles: a profile injection attack An attack is a concerted effort to bias the results of a recommender system by the insertion of a large number of profiles using false identities or sybils a Each identity is referred to as an attack profile
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Robust RS Research The goal of robust recommendation is to prevent attackers from manipulating an RS through large-scale insertion of false user profiles: a profile injection attack An attack is a concerted effort to bias the results of a recommender system by the insertion of a large number of profiles using false identities or sybils. Each identity is referred to as an attack profile. Research has concentrated on attacks designed to achieve a particular recommendation outcome A Product Push attack: attempt to secure positive recommendations for an item or items; A Product Nuke attack: attempt to secure negative recommendations for an item or items. We can also think of attacks that aim to simply destroy the accuracy of the system. RecSys 2011: Tutorial on Recommender Robustness