Data poisoning attacks against differentially private recommender systems

25/07/2020

Data poisoning attacks against differentially private recommender systems

Soumya Wadhwa, Saurabh Agrawal, Harsh Chaudhari, Deepthi Sharma, Kannan Achan

Keywords: matrix factorization, data poisoning, shilling attacks, recommender system, differential privacy, collaborative filtering

Abstract Paper Similar Papers

Abstract: Recommender systems based on collaborative filtering are highly vulnerable to data poisoning attacks, where a determined attacker injects fake users with false user-item feedback, with an objective to either corrupt the recommender system or promote/demote a target set of items. Recently, differential privacy was explored as a defense technique against data poisoning attacks in the typical machine learning setting. In this paper, we study the effectiveness of differential privacy against such attacks on matrix factorization based collaborative filtering systems. Concretely, we conduct extensive experiments for evaluating robustness to injection of malicious user profiles by simulating common types of shilling attacks on real-world data and comparing the predictions of typical matrix factorization with differentially private matrix factorization.

The video of this talk cannot be embedded. You can watch it here:

https://dl.acm.org/doi/10.1145/3397271.3401301#sec-supp

(Link will open in new window)

0

0

0

0

Share

This is an embedded video. Talk and the respective paper are published at SIGIR 2020 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment

no comments yet

Similar Papers

25/07/2020

How dataset characteristics affect the robustness of collaborative recommendation models

Yashar Deldjoo, Tommaso Di Noia, Eugenio Di Sciascio, Felice Antonio Merra

Keywords Paper

recommender systems, security of recommender systems

0

0

0

0

15:55

02/02/2021

DeHiB: Deep Hidden Backdoor Attack on Semi-supervised Learning via Adversarial Perturbation

Zhicong Yan, Gaolei Li, Yuan TIan and
Jun Wu, Shenghong Li, Mingzhe Chen, H. Vincent Poor

Keywords Paper

0

0

0

0

13:21

25/07/2020

GCN-based user representation learning for unifying robust recommendation and fraudster detection

Shijie Zhang, Hongzhi Yin, Tong Chen and
Quoc Viet Nguyen Hung, Zi Huang, Lizhen Cui

Keywords Paper

deep learning, robust recommender system, network embedding, shilling attack detection

0

0

0

0

16:09

22/09/2020

Global and local differential privacy for collaborative bandits

Huazheng Wang, Qian Zhao, Qingyun Wu and
Shubham Chopra, Abhinav Khaitan, Hongning Wang

Keywords Paper

contextual bandits, Differential privacy, collaborative learning

0

0

0

0

2:43

03/05/2021

Vulnerability-Aware Poisoning Mechanism for Online RL with Unknown Dynamics

Yanchao Sun, Da Huo, Furong Huang

Keywords Paper

deep RL, vulnerability of RL, poisoning attack, policy gradient

0

0

0

0

5:07

06/12/2021

Evaluating Gradient Inversion Attacks and Defenses in Federated Learning

Yangsibo Huang, Samyak Gupta, Zhao Song and
Kai Li, Sanjeev Arora

Keywords Paper

privacy, federated learning

0

0

0

0

19:26

14/09/2020

Poisoning Attacks on Algorithmic Fairness

David Solans, Carlos Castillo, Battista Biggio

Keywords Paper

algorithmic discrimination, algorithmic fairness, poisoning attacks, adversarial machine learning, machine learning security

0

0

0

0

12:06

03/05/2021

Private Image Reconstruction from System Side Channels Using Generative Models

Yuanyuan Yuan, Shuai Wang, Junping Zhang

Keywords Paper

side channel analysis

0

0

0

0

4:41

06/12/2021

Variational Model Inversion Attacks

Kuan-Chieh Wang, YAN FU, Ke Li and
Ashish Khisti, Richard Zemel, Alireza Makhzani

Keywords Paper

deep learning, generative model

0

0

0

0

8:15

02/02/2021

Exacerbating Algorithmic Bias through Fairness Attacks

Ninareh Mehrabi, Muhammad Naveed, Fred Morstatter, Aram Galstyan

Keywords Paper

0

0

0

0

17:04

02/06/2020

SAShA: Semantic-Aware Shilling Attacks on Recommender Systems Exploiting Knowledge Graphs

Vito Walter Anelli, Yashar Deldjoo, Tommaso Di Noia and
Eugenio Di Sciascio, Felice Antonio Merra

Keywords Paper

0

0

0

0

29:54

14/06/2020

Defending Against Model Stealing Attacks With Adaptive Misinformation

Sanjay Kariyappa, Moinuddin K. Qureshi

Keywords Paper

model stealing, security, machine learning, deep learning

0

0

0

0

1:01

03/05/2021

Witches' Brew: Industrial Scale Data Poisoning via Gradient Matching

Jonas Geiping, Liam H Fowl, Ronny Huang and
Wojciech Czaja, Gavin Taylor, Michael Moeller, Tom Goldstein

Keywords Paper

clean-label, from-scratch, Backdoor Attacks, Gradient Alignment, Large-scale, Data Poisoning, ImageNet, Security

0

0

0

0

4:40

06/12/2020

MetaPoison: Practical General-purpose Clean-label Data Poisoning

W. Ronny Huang, Jonas Geiping, Liam Fowl and
Gavin Taylor, Tom Goldstein

Keywords Paper

0

0

0

0

3:17

02/02/2021

Curse or Redemption? How Data Heterogeneity Affects the Robustness of Federated Learning

Syed Zawad, Ahsan Ali, Pin-Yu Chen and
Ali Anwar, Yi Zhou, Nathalie Baracaldo, Yuan Tian, Feng Yan

Keywords Paper

0

0

0

0

19:26

19/08/2021

Closing the BIG-LID: An Effective Local Intrinsic Dimensionality Defense for Nonlinear Regression Poisoning

Sandamal Weerasinghe, Tamas Abraham, Tansu Alpcan and
Sarah M. Erfani, Christopher Leckie, Benjamin I. P. Rubinstein

Keywords Paper

Machine Learning, Adversarial Machine Learning, Security and Privacy, Anomaly/Outlier Detection

0

0

0

0

17:05

22/09/2020

Revisiting adversarially learned injection attacks against recommender systems

Jiaxi Tang, Hongyi Wen, Ke Wang

Keywords Paper

Recommender System, Security and Privacy, Adversarial Machine Learning

0

0

0

0

2:13

07/06/2021

Network Inference from a Mixture of Diffusion Models for Fake News Mitigation

Karishma Sharma, Xinran He, Sungyong Seo, Yan Liu

Keywords Paper

Credibility of online content, Social network analysis, communities identification, expertise and authority discovery

0

0

0

0

8:57

22/09/2020

Exploring clustering of bandits for online recommendation system

Liu Yang, Bo Liu, Leyu Lin and
Feng Xia, Kai Chen, Qiang Yang

Keywords Paper

online learning, cluster-of-bandit, recommendation system

0

0

0

0

2:57

18/07/2021

CRFL: Certifiably Robust Federated Learning against Backdoor Attacks

Chulin Xie, Minghao Chen, Pin-Yu Chen, Bo Li

Keywords Paper

Social Aspects of Machine Learning, Privacy, Anonymity, and Security

0

0

0

0

5:13

06/12/2021

Adversarial Examples Make Strong Poisons

Liam Fowl, Micah Goldblum, Ping-yeh Chiang and
Jonas Geiping, Wojciech Czaja, Tom Goldstein

Keywords Paper

machine learning, robustness, adversarial robustness and security

0

0

0

0

14:05

02/02/2021

FedRec++: Lossless Federated Recommendation with Explicit Feedback

Feng Liang, Weike Pan, Zhong Ming

Keywords Paper

0

0

0

0

18:57

12/07/2020

Rank Aggregation from Pairwise Comparisons in the Presence of Adversarial Corruptions

Prathamesh Patil, Arpit Agarwal, Shivani Agarwal, Sanjeev Khanna

Keywords Paper

Supervised Learning

0

0

0

0

15:57

06/12/2021

A Gang of Adversarial Bandits

Mark Herbster, Stephen Pasteris, Fabio Vitale, Massimiliano Pontil

Keywords Paper

generative model, bandits, online learning

1

0

0

0

6:36

06/12/2020

AdvFlow: Inconspicuous Black-box Adversarial Attacks using Normalizing Flows

Hadi Mohaghegh Dolatabadi, Sarah Erfani, Christopher Leckie

Keywords Paper

0

0

0

0

3:59

18/07/2021

Learning Deep Neural Networks under Agnostic Corrupted Supervision

Boyang Liu, Mengying Sun, Ding Wang and
Pang-Ning Tan, Jiayu Zhou

Keywords Paper

Algorithms, Supervised Learning

0

0

0

0

4:59

12/07/2020

Dual-Path Distillation: A Unified Framework to Improve Black-Box Attacks

Yonggang Zhang, Ya Li, Tongliang Liu, Xinmei Tian

Keywords Paper

Adversarial Examples

0

0

0

0

11:33

07/06/2021

Machine Learning Explanations to Prevent Overtrust in Fake News Detection

Sina Mohseni, Fan Yang, Shiva Pentyala and
Mengnan Du, Yi Liu, Nic Lupfer, Xia Hu, Shuiwang Ji, Eric Ragan

Keywords Paper

Qualitative and quantitative studies of social media, Credibility of online content, Trust, reputation, recommendation systems, Human computer interaction, social media tools, navigation and visualization

0

0

0

0

8:01

14/06/2020

Enhancing Cross-Task Black-Box Transferability of Adversarial Examples With Dispersion Reduction

Yantao Lu, Yunhan Jia, Jianyu Wang and
Bai Li, Weiheng Chai, Lawrence Carin, Senem Velipasalar

Keywords Paper

adversarial example, black-box attack, cross tasks, transferability, deep neural network

0

0

0

0

1:01

12/08/2020

Cached and Confused: Web Cache Deception in the Wild

Seyed Ali Mirheidari, Sajjad Arshad, Kaan Onarlioglu and
Bruno Crispo, Engin Kirda, William Robertson

Keywords Paper

0

0

0

0

11:22

06/12/2021

Accumulative Poisoning Attacks on Real-time Data

Tianyu Pang, Xiao Yang, Yinpeng Dong and
Hang Su, Jun Zhu

Keywords Paper

machine learning, online learning, federated learning

0

0

0

0

5:55

13/04/2021

Learning user preferences in non-stationary environments

Wasim Huleihel, Soumyabrata Pal, Ofer Shayevitz

Keywords Paper

0

0

0

0

3:14

18/07/2021

Privacy-Preserving Feature Selection with Secure Multiparty Computation

Xiling Li, Rafael Dowsley, Martine De Cock

Keywords Paper

Social Aspects of Machine Learning, Privacy, Anonymity, and Security

0

0

0

0

5:12

07/06/2020

Modeling and Measuring Expressed (Dis)belief in (Mis)information

Shan Jiang, Miriam Metzger, Andrew Flanagin, Christo Wilson

Keywords Paper

claims, classifiers, large_scale, measures, misinformation, tweets

0

0

0

0

9:56

06/12/2020

Differentially-Private Federated Linear Bandits

Abhimanyu Dubey, Alex `Sandy' Pentland

Keywords Paper

0

0

0

0

2:47

02/02/2021

Deep Feature Space Trojan Attack of Neural Networks by Controlled Detoxification

Siyuan Cheng, Yingqi Liu, Shiqing Ma, Xiangyu Zhang

Keywords Paper

0

0

0

0

19:08

02/02/2021

Proactive Privacy-preserving Learning for Retrieval

Peng-Fei Zhang, Zi Huang, Xin-Shun Xu

Keywords Paper

0

0

0

0

17:14

14/06/2020

Evade Deep Image Retrieval by Stashing Private Images in the Hash Space

Yanru Xiao, Cong Wang, Xing Gao

Keywords Paper

deep learning to hash, adversarial learning, privacy preservation

0

0

0

0

1:01

19/08/2021

InverseNet: Augmenting Model Extraction Attacks with Training Data Inversion

Xueluan Gong, Yanjiao Chen, Wenbin Yang and
Guanghao Mei, Qian Wang

Keywords Paper

Machine Learning, Adversarial Machine Learning, Deep Learning, Security and Privacy

0

0

0

0

14:34

06/12/2021

Differentially Private Empirical Risk Minimization under the Fairness Lens

Cuong Tran, My Dinh, Ferdinando Fioretto

Keywords Paper

optimization, machine learning, fairness, privacy

0

0

0

0

15:03