Example User1 Ta User2 User4 254 45344 5
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Example RecSys 2011: Tutorial on Recommender Robustness
Example User1 User3 0 User Attacker
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Example RecSys 2011: Tutorial on Recommender Robustness
Threats to Reputation Systems I It is interesting to compare the scenario studied in RS research with the threats identified for reputation systems in the 2007 ENISA report( Carrara and Hogben 2007) 1 Whitewashing attack: reseting a poor reputation by rejoining the system with a new identity 2 Sybil attack or pseudospoofing: the attacker uses multiple identities(sybils) in order to manipulate a reputation score 3 Impersonation and reputation theft: acquiring the identity of another and stealing her reputation 4 Bootstrap issues and related threats: the initial reputation of a newcomer may be particularly vulnerable to attack
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Threats to Reputation Systems I It is interesting to compare the scenario studied in RS research with the threats identified for reputation systems in the 2007 ENISA report (Carrara and Hogben 2007): 1 Whitewashing attack: reseting a poor reputation by rejoining the system with a new identity. 2 Sybil attack or pseudospoofing: the attacker uses multiple identities (sybils) in order to manipulate a reputation score. 3 Impersonation and reputation theft: acquiring the identity of another and stealing her reputation. 4 Bootstrap issues and related threats: the initial reputation of a newcomer may be particularly vulnerable to attack. RecSys 2011: Tutorial on Recommender Robustness
Threats to Reputation Systems Il 5 Extortion: co-ordinated campaigns aimed at blackmail by damaging an individual's reputation for malicious motives 6 Denial-of-reputation: attack designed to damage reputation and create an opportunity for blackmail in order to have the 7 Ballot stuffing and bad mouthing: reporting of a false reputation score; the attackers collude to give positive/ negative lower a reputatio 8 Collusion: multiple users conspire to influence a given reputation g Repudiation of data and transaction: denial that a transaction occurred or denial of the existence of data for which individual is responsible
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Threats to Reputation Systems II 5 Extortion: co-ordinated campaigns aimed at blackmail by damaging an individual’s reputation for malicious motives. 6 Denial-of-reputation: attack designed to damage reputation and create an opportunity for blackmail in order to have the reputation cleaned. 7 Ballot stuffing and bad mouthing: reporting of a false reputation score; the attackers collude to give positive/negative feedback, to increase or lower a reputation. 8 Collusion: multiple users conspire to influence a given reputation. 9 Repudiation of data and transaction: denial that a transaction occurred, or denial of the existence of data for which individual is responsible. RecSys 2011: Tutorial on Recommender Robustness
Threats to Reputation Systems Ill 10 Recommender dishonesty: dishonest reputation scoring ll Privacy threats for voters and reputation owners: for example anonymity improves the accuracy of votes 12 Social threats: Discriminatory behaviour, herd behaviour penalisation of innovative, controversial opinions, vocal minority effect etc 13 Threats to the underlying networks: e. g. denial of service attack 14 Trust topology threats: e.g. targeting most highly influential nodes 15 Threats to ratings: exploiting features of metrics used by the system to calculate the aggregate reputation rating
Tutorial on Robustness of Recommender Systems What is Robustness? Profile Injection Attacks Threats to Reputation Systems III 10 Recommender dishonesty: dishonest reputation scoring. 11 Privacy threats for voters and reputation owners: for example, anonymity improves the accuracy of votes. 12 Social threats: Discriminatory behaviour, herd behaviour, penalisation of innovative, controversial opinions, vocal minority effect etc. 13 Threats to the underlying networks: e.g. denial of service attack. 14 Trust topology threats: e.g.targeting most highly influential nodes. 15 Threats to ratings: exploiting features of metrics used by the system to calculate the aggregate reputation rating RecSys 2011: Tutorial on Recommender Robustness