Shilling Attack Detection in Recommender Systems

Abstract

Recommender systems help customers to select relevant products from millions of choices available on the internet. These systems can be based on various approaches: content based filtering, collaborative filtering, knowledge based approach and hybrid filtering. Recommender systems which are based on collaborative filtering are vulnerable to “shilling attacks” due to their open nature. Malicious users inject a few unscrupulous shilling profiles into the database of ratings for altering the system’s recommendation, due to which some inappropriate items are recommended by the system. As a result, the performance of the system may degrade. In this thesis, we simulated shilling attacks namely random, average, bandwagon and segment on Movie-Lens dataset, which focused on a set of users having similar interests. Biased ratings of the items are also introduced in the system. The results show that although segment attack has impact on item based collaborative filtering, still it has higher robustness than user based collaborative filtering approach. To preserve the trust of the recommender system, it is required to identify and remove the fictitious profiles from the system. Therefore, machine learning classifiers and detection attributes are used to distinguish the attacker’s profiles. Five classification algorithms are compared and a new model is proposed by integrating two models with high performances using majority voting method. The proposed model outperforms in most of the cases. In the experiments, it is proved that the combination of random forest and adaptive boosting algorithm is more accurate than simple random forest model.