Print Email Facebook Twitter On the feasibility of crawling-based attacks against recommender systems Title On the feasibility of crawling-based attacks against recommender systems Author Aiolli, Fabio (Università degli Studi di Padova) Conti, M. (Università degli Studi di Padova) Picek, S. (TU Delft Cyber Security) Polato, M. (Università degli Studi di Padova) Date 2022 Abstract Nowadays, online services, like e-commerce or streaming services, provide a personalized user experience through recommender systems. Recommender systems are built upon a vast amount of data about users/items acquired by the services. Such knowledge represents an invaluable resource. However, commonly, part of this knowledge is public and can be easily accessed via the Internet. Unfortunately, that same knowledge can be leveraged by competitors or malicious users. The literature offers a large number of works concerning attacks on recommender systems, but most of them assume that the attacker can easily access the full rating matrix. In practice, this is never the case. The only way to access the rating matrix is by gathering the ratings (e.g., reviews) by crawling the service's website. Crawling a website has a cost in terms of time and resources. What is more, the targeted website can employ defensive measures to detect automatic scraping. In this paper, we assess the impact of a series of attacks on recommender systems. Our analysis aims to set up the most realistic scenarios considering both the possibilities and the potential attacker's limitations. In particular, we assess the impact of different crawling approaches when attacking a recommendation service. From the collected information, we mount various profile injection attacks. We measure the value of the collected knowledge through the identification of the most similar user/item. Our empirical results show that while crawling can indeed bring knowledge to the attacker (up to 65% of neighborhood reconstruction on a mid-size dataset and up to 90% on a small-size dataset), this will not be enough to mount a successful shilling attack in practice. Subject collaborative filteringcrawlingRecommender systemssecurityshilling attack To reference this document use: http://resolver.tudelft.nl/uuid:18402415-8bfb-47dd-a279-93508299783c DOI https://doi.org/10.3233/JCS-210041 Embargo date 2023-07-01 ISSN 0926-227X Source Journal of Computer Security, 30 (4), 599-621 Bibliographical note Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. Part of collection Institutional Repository Document type journal article Rights © 2022 Fabio Aiolli, M. Conti, S. Picek, M. Polato Files PDF jcs_2022_30_4_jcs_30_4_jc ... 210041.pdf 1.08 MB Close viewer /islandora/object/uuid:18402415-8bfb-47dd-a279-93508299783c/datastream/OBJ/view