9.4 KiB
9.4 KiB
type:: REVIEWS tags:: year:: 2024 venue:: KARS-WS full-title:: Empowering shilling attacks with Katz and Exclusivity-based relatedness date-start:: 16-09-2024 - 10:37 date-submitted:: external-links:: status:: DONE deadline-submission:: 16-09-2024 file:: @recsys2024-workshops_paper_130 parent:: todoist:: https://app.todoist.com/app/task/ka-rs-2024-at-rec-sys-submission-assignment-deadline-september-15th-6W82vx98qq7VgfR8
- ### [[Highlights]]
- # Annotazioni
- (16/9/2024, 10:39:36)
- - “Empowering shilling attacks” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “Knowledge graphs (KGs).” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “A malicious agent can add fake user profiles into the platform, altering the genuine similarity values and the corresponding recommendation lists” (“recsys2024-workshops_paper_130”, p. 1) #a28ae5
- - “KGs relatedness measures, i.e., Katz and Exclusivity-based” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “Thanks to the appearance of wideranging Linked Datasets like DBpedia and Wikidata, we have witnessed the flourishing of novel techniques in several research fields, like Machine Learning, Information Retrieval, and Recommender Systems.” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “ocal solution to assist users’ decision-making process” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “RSs support and ease the decisional process.” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “heir rationale is to analyze products experienced by similar users to produce tailored recommendations.” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “malicious users may want to jeopardize the operation of the recommendation platform.” (“recsys2024-workshops_paper_130”, p. 1) #a28ae5
- - “Whatever they are motivated by, the problem is that these similarities are vulnerable to the insertion of fake profiles” (“recsys2024-workshops_paper_130”, p. 1) #a28ae5
- - “shilling attack” (“recsys2024-workshops_paper_130”, p. 1) #5fb236
- - “generate more influential fake profiles to threaten CF models’ performance” (“recsys2024-workshops_paper_130”, p. 1) #a28ae5
- - “semantics-aware shilling attack SAShA” (“recsys2024-workshops_paper_130”, p. 1) #e56eee
- - “Katz centrality and Exclusivity-based relatedness.” (“recsys2024-workshops_paper_130”, p. 2) #a28ae5
- - “ontological, categorical, and factual relations” (“recsys2024-workshops_paper_130”, p. 2) #a28ae5
- - “two novel graph topological and semantic approaches” (“recsys2024-workshops_paper_130”, p. 2) #a28ae5
- - “a novel semantic shilling attack strategy” (“recsys2024-workshops_paper_130”, p. 2) #a28ae5
- - “a deeper discussion of the experimental results involving several dimensions” (“recsys2024-workshops_paper_130”, p. 2) #a28ae5
- - “SAShA” (“recsys2024-workshops_paper_130”, p. 2) #5fb236
- - “Definition 1 (Recommendation Problem)” (“recsys2024-workshops_paper_130”, p. 2) #5fb236
- - “g : U × I → R” (“recsys2024-workshops_paper_130”, p. 2) #5fb236
- - “A KG is a heterogeneous network that encodes multiple relationships, edges, nodes, and links items at high-level relationships, making them a strong item representation technique.” (“recsys2024-workshops_paper_130”, p. 2) #a28ae5
- - “Knowledge-aware Recommender Systems (KaRS [22, 23]).” (“recsys2024-workshops_paper_130”, p. 2) #a28ae5
- - “Path-based methods” (“recsys2024-workshops_paper_130”, p. 3) #5fb236
- - “KG embedding-based techniques” (“recsys2024-workshops_paper_130”, p. 3) #5fb236
- - “fake profiles to poison the data and alter the recommendation behavior toward malicious goals” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “shilling attack (injection of malicious profiles)” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “proposing and investigating attack strategies” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “exploring defensive mechanisms” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “adversary’s knowledge is related only to the recommender system’s user-item interaction matrix” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “SAShA framework to verify the possible improvement of the adversary’s efficacy when processing the KG information with semantic similarity measures.” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “shilling attacks, which are hand-engineered strategies to study recommender systems’ security.” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “This research line is different from machine-learned data poisoning attack [70, 71, 72, 73, 74] and adversarial machine-learned attacks [75, 76, 61, 77? ] where adversaries adopt optimization techniques to create perturbations.” (“recsys2024-workshops_paper_130”, p. 3) #5fb236
- - “shilling attacks against targeted items integrating information obtained from a knowledge graph (KG).” (“recsys2024-workshops_paper_130”, p. 3) #a28ae5
- - “In general, the three metrics cover different aspects of the similarity between the resource a signal of the overlap of the descriptions and a semanticsaware signal that highlights the specificity of the relations between the resources.” (“recsys2024-workshops_paper_130”, p. 3) #ff6666
- *Does not parse, please, revise.*
- - “The smaller the angle, the higher is the cosine, and thus the similarity.” (“recsys2024-workshops_paper_130”, p. 4) #a28ae5
- - “/” (“recsys2024-workshops_paper_130”, p. 4) #ff6666
- - “Katz centrality” (“recsys2024-workshops_paper_130”, p. 4) #2ea8e5
- - “the probability of the path between two nodes can indicate the effectiveness of the link” (“recsys2024-workshops_paper_130”, p. 4) #a28ae5
- - “Given a constant probability for a single-hop path” (“recsys2024-workshops_paper_130”, p. 4) #ffd400
- *how is this calculated/assessed. Who provide it?*
- - “Katz relatedness” (“recsys2024-workshops_paper_130”, p. 4) #a28ae5
- - “accumulated score over the top-t shortest paths between them.” (“recsys2024-workshops_paper_130”, p. 4) #a28ae5
- - “where SP (t) ij is the set of the top-t shortest paths between items i and j. This is the first novel similarity metric tested in this work.” (“recsys2024-workshops_paper_130”, p. 4) #5fb236
- - “Exclusivity-based semantic relatedness” (“recsys2024-workshops_paper_130”, p. 4) #2ea8e5
- - “two concepts are strongly connected if the type of relations between them is different from the type of relations they have with other concepts.” (“recsys2024-workshops_paper_130”, p. 4) #a28ae5
- - “predicate ρ of type τ” (“recsys2024-workshops_paper_130”, p. 4) #ffd400
- *So predicates have also types?*
- - “IS denotes the selected item set containing items identified by the attacker to maximize the effectiveness of the attack” (“recsys2024-workshops_paper_130”, p. 4) #5fb236
- - “SP = IS + IF + Iφ + IT (6) where IS denotes the selected item set containing items identified by the attacker to maximize the effectiveness of the attack, IF is the filler item set, containing a set of randomly selected items to which rating scores are assigned to make them imperceptible. IT is the target item, for which the recommendation model will make a prediction, aimed to be maximal (for push attack) or minimum (for nuke attack). Finally, Iφ is the unrated item set, holding a number of items without any ratings.” (“recsys2024-workshops_paper_130”, p. 4) #ffd400
- *An illustrative example would help here.*
- ### [[Comments]]
- SUMMARY: The paper introduces and evaluates the use of graph-based metrics and different types of semantic information to improve the ability to attack a recommendation platform. The authors focused on the vulnerability of recommendation systems to semantics-aware shilling attacks (SAShA). In particular, the authors demonstrate that structured knowledge and graph-based metrics significantly improve the attacker's effectiveness, especially in sparse scenarios, while neural models remain more robust against such attacks.
- COMMENTS: The paper is overall well-written and structured. It addresses an important and timely topic related to the vulnerability of recommendation systems under semantics-aware shilling attacks (SAShA). The results are convincing and suggest further research opportunities, especially in improving semantics-aware attacks by exploring deep learning-based techniques. I do have only one minor suggestion for improvement. The formal definitions provided in the Method section (Section 3) could be made more accessible with illustrative examples. For instance, including a sample knowledge graph would make the formal definitions more concrete and easier to understand, especially for readers who may not be deeply familiar with the mathematical intricacies of these methods.
- ### [[REVIEWS/Notes]]
- ### YELLOW CONCERNS
background-color:: yellow
- {{query (and [[ffd400]] [[recsys2024-workshops_paper_130]] )}}
collapsed:: true
- ### ❓️Questions
- {{query (and [[question]] [[recsys2024-workshops_paper_130]] )[[question]]}}
query-table:: true
query-properties:: [:block]