In shilling attacks, an adversarial party injects a few fake user profiles into a Recommender System (RS) so that the target item can be promoted or demoted. Although much effort has been devoted to developing shilling attack methods, we find that existing approaches are still far from practical. In this paper, we analyze the properties a practical shilling attack method should have and propose a new concept of Cross-system Attack. With the idea of Cross-system Attack, we design a Practical Cross-system Shilling Attack (PC-Attack) framework that requires little information about the victim RS model and the target RS data for conducting attacks. PC-Attack is trained to capture graph topology knowledge from public RS data in a self-supervised manner. Then, it is fine-tuned on a small portion of target data that is easy to access to construct fake profiles. Extensive experiments have demonstrated the superiority of PC-Attack over state-of-the-art baselines. Our implementation of PC-Attack is available at https://github.com/KDEGroup/PC-Attack.
翻译:在舞弊攻击中,对手将一些假用户个人资料注入到推荐系统(RS)中,以便推广或降低目标项目的评分。虽然已经投入了大量的努力来开发舞弊攻击方法,但我们发现现有方法仍然远未实用。在本文中,我们分析了一个实用舞弊攻击方法应该具有的属性,并提出了跨系统攻击的新概念。根据跨系统攻击的思想,我们设计了一个实用的跨系统舞弊攻击(PC-Attack)框架,该框架需要很少关于受害RS模型和目标RS数据的信息来进行攻击。PC-Attack通过自我监督的方式从公共RS数据中捕获图拓扑知识。然后,它经过微调,使用易于访问的目标数据的一小部分来构建假档案。大量实验已经证明,PC-Attack比最先进的基线方法更加优越。我们的PC-Attack实现可以在 https://github.com/KDEGroup/PC-Attack 上获得。