ScienceGate Book Chapters
JOURNAL ARTICLE

Data Poisoning Attacks against Differentially Private Recommender Systems

Soumya WadhwaSaurabh AgrawalHarsh ChaudhariDeepthi SharmaKannan Achan

Year: 2020 Pages: 1617-1620
DOI: 10.1145/3397271.3401301
   Get Full-Text PDF    Get Analytical Report

Abstract

Recommender systems based on collaborative filtering are highly vulnerable to data poisoning attacks, where a determined attacker injects fake users with false user-item feedback, with an objective to either corrupt the recommender system or promote/demote a target set of items. Recently, differential privacy was explored as a defense technique against data poisoning attacks in the typical machine learning setting. In this paper, we study the effectiveness of differential privacy against such attacks on matrix factorization based collaborative filtering systems. Concretely, we conduct extensive experiments for evaluating robustness to injection of malicious user profiles by simulating common types of shilling attacks on real-world data and comparing the predictions of typical matrix factorization with differentially private matrix factorization.

Keywords:
Recommender system Computer science Computer security World Wide Web

Metrics

6
Cited By
0.44
FWCI (Field Weighted Citation Impact)
5
Refs
0.68
Citation Normalized Percentile
Is in top 1%
Is in top 10%

Citation History

Topics

Privacy-Preserving Technologies in Data
Physical Sciences →  Computer Science →  Artificial Intelligence
Cryptography and Data Security
Physical Sciences →  Computer Science →  Artificial Intelligence
Privacy, Security, and Data Protection
Social Sciences →  Social Sciences →  Sociology and Political Science

Related Documents

JOURNAL ARTICLE

Disguised as Privacy: Data Poisoning Attacks against Differentially Private Crowdsensing Systems

Zhetao LiZhirun ZhengSuiming GuoBin GuoFu XiaoKui Ren

Journal:   IEEE Transactions on Mobile Computing Year: 2022 Pages: 1-1
JOURNAL ARTICLE

Data Poisoning against Differentially-Private Learners: Attacks and Defenses

Yuzhe MaXiaojin ZhuJustin Hsu

Year: 2019 Pages: 4732-4738
JOURNAL ARTICLE

Assessing Wearable Human Activity Recognition Systems Against Data Poisoning Attacks in Differentially-Private Federated Learning

Abdur R. ShahidAhmed ImteajShahriar BadshaMd Zarif Hossain

Year: 2023
JOURNAL ARTICLE

Differentially private recommender systems

Frank McSherryIlya Mironov

Year: 2009 Pages: 627-636
JOURNAL ARTICLE

Data poisoning attacks on neighborhood‐based recommender systems

Liang ChenYangjun XuFenfang XieMin HuangZibin Zheng

Journal:   Transactions on Emerging Telecommunications Technologies Year: 2020 Vol: 32 (6)
© 2026 ScienceGate Book Chapters — All rights reserved.