Detecting fake co-visitation attack in recommendation systems

Abstract

Recommendation systems are vulnerable to injection attacks by malicious users due to their fundamental openness. One of the vulnerabilities is the fake co-visitation injection attack, which significantly impacts recommendation systems since it modifies the system according to the attacker’s wishes. To date, the detection of co-visitation injection attacks are challenging as: (1) the choice of attribute representation of nodes is hard, (2) practical evidence for analyzing and detecting anomalies on real-world data is insufficient, (3) it is challenging to filter between the original and injected co-visitation data in terms of node behaviors. This paper investigates a detection framework that combines attribute and network structure information more synergistically to detect outlier nodes based on CUR decomposition and residual analysis. At first, co-visitation graphs are constructed using association rules, and their nodes attribute representations are developed. Then, both attributes and network structure information are blended in order to identify suspicious nodes. Extensive experiments on both synthetic and real-world data exhibit the efficacy of the proposed detection approach compared with other state-of-the-art approaches. The detection performance can improve by up to 50% for co-visitation injection attacks over the baselines in terms of false alarm rate (FAR) while keeping the highest detection rate (DR).