A novel classification‐based shilling attack detection approach for multi‐criteria recommender systems

Abstract

Recommender systems are emerging techniques guiding individuals with provided referrals by considering their past rating behaviors. By collecting multi-criteria preferences concentrating on distinguishing perspectives of the items, a new extension of traditional recommenders, multi-criteria recommender systems reveal how much a user likes an item and why user likes it; thus, they can improve predictive accuracy. However, these systems might be more vulnerable to malicious attacks than traditional ones, as they expose multiple dimensions of user opinions on items. Attackers might try to inject fake profiles into these systems to skew the recommendation results in favor of some particular items or to bring the system into discredit. Although several methods exist to defend systems against such attacks for traditional recommenders, achieving robust systems by capturing shill profiles remains elusive for multi-criteria rating-based ones. Therefore, in this study, we first consider a prominent and novel attack type, that is, the power-item attack model, and introduce its four distinct variants adapted for multi-criteria data collections. Then, we propose a classification method detecting shill profiles based on various generic and model-based user attributes, most of which are new features usually related to item popularity and distribution of rating values. The experiments conducted on three benchmark datasets conclude that the proposed method successfully detects attack profiles from genuine users even with a small selected size and attack size. The empirical outcomes also demonstrate that item popularity and user characteristics based on their rating profiles are highly beneficial features in capturing shilling attack profiles.