An Adversarial Model with Diffusion for Robust Recommendation against Shilling Attack

Published: 01 Jan 2025, Last Modified: 11 Nov 2025 | SAC 2025 | CC BY-SA 4.0
Abstract: Recommender systems (RSs) are extensively utilized in e-commerce to predict users' future preferences for unseen items based on historical user-item interactions. These systems, however, are vulnerable to manipulation by malicious actors, such as unsolicited users or vendors, through various shilling attacks. Such attacks intentionally skew recommendations by injecting biased data to promote or demote certain products or services. To address this issue, we propose a generative model called Diff-WassGAN, designed to mitigate the impact of shilling attacks within an adversarial learning framework. Diff-WassGAN combines a diffusion model (DiffRec) with a GAN framework (CFGAN) to leverage the adversarial advantages of GAN and the personalization advantages of DiffRec. We employ a diffusion model as the generator to process the inherently noisy and sparse historical user-item interactions. The discriminator is a multi-layer perceptron that employs Wasserstein distance as its loss function. We conducted preliminary experiments using four well-known evaluation datasets: MovieLens 100K, MovieLens 1M, Amazon-apps, and Yelp. By simulating various attack scenarios through the integration of fake interactions into the datasets, we demonstrate that our Diff-WassGAN model outperforms baseline models across most datasets and attack types, showing better resistance against shilling attacks.