Developing a model of the dynamics of states of a recommendation system under conditions of profile injection attacks

Authors

DOI:

https://doi.org/10.15587/1729-4061.2020.209047

Keywords:

recommendation system, information security, bot-network, Markovian processes, semi-Markovian processes

Abstract

The recommendation systems used to form a news feed in social networks or to create recommendation lists on content websites or Internet stores are often exposed to information profile injection attacks. These attacks are aimed at changing ratings, and thus at changing the frequency of appearing in recommendations, certain objects of a system. This can lead to threats to users’ information security and losses of the system owners. There are methods to detect attacks in recommendation systems, but they require permanent repetitive checks of all users’ profiles, which is a rather resource-intensive operation. At the same time, these methods do not contain any proposals as for determining the optimal frequency of attack checks. However, a properly chosen frequency of such checks will not overload a system too much and, at the same time, will provide an adequate level of its operational security.

A mathematical model of the dynamics of states of a recommendation system under conditions of an information attack with the use of the mathematical apparatus of Markovian and semi-Markovian processes was developed. The developed model makes it possible to study the influence of profile injection attacks on recommendation systems, in particular, on their operation efficiency and amount of costs to ensure their information security. The practical application of the developed model enables calculating for recommendation systems the optimum frequency of information attack check, taking into consideration the damage from such attacks and costs of permanent inspections.

Based on the developed mathematical model, the method for determining total costs of a recommendation system as a result of monitoring its own information security, neutralization of bot-networks activity and as a result of information attacks was proposed.

A method for determining the optimal frequency of checking a recommendation system for information attacks to optimize the overall costs of a system was developed. The application of this method will enable the owners of websites with recommendation systems to minimize their financial costs to provide their information security

Author Biographies

Yelyzaveta Meleshko, Central Ukrainian National Technical University Universytetskyi ave., 8, Kropyvnytskyi, Ukraine, 25006

PhD, Associate Professor

Department of Cybersecurity and Software

Oleksandr Drieiev, Central Ukrainian National Technical University Universytetskyi ave., 8, Kropyvnytskyi, Ukraine, 25006

PhD, Associate Professor

Department of Cybersecurity and Software

Mykola Yakymenko, Central Ukrainian National Technical University Universytetskyi ave., 8, Kropyvnytskyi, Ukraine, 25006

PhD, Associate Professor

Department of Cybersecurity and Software

Dmytro Lysytsia, National Technical University "Kharkiv Polytechnic Institute" Kyrpychova str., 2, Kharkiv, Ukraine, 61002

PhD

Department of Computer Engineering and Programming

References

  1. Ricci, F., Rokach, L., Shapira, B., Kantor, P. B. (Eds.) (2011). Recommender Systems Handbook. Springer, 842. doi: https://doi.org/10.1007/978-0-387-85820-3
  2. Valois, C., Armada, M. (2011). Recommender Systems In Social Networks. JISTEM Journal of Information Systems and Technology Management, 8 (3), 681–716. doi: https://doi.org/10.4301/s1807-17752011000300009
  3. Social networking and recommendation systems. Available at: https://courses.cs.washington.edu/courses/cse140/13wi/homework/hw4/homework4.html
  4. He, J., Chu, W. W. (2010). A Social Network-Based Recommender System (SNRS). Annals of Information Systems, 47–74. doi: https://doi.org/10.1007/978-1-4419-6287-4_4
  5. Kurban, A. (2016). Researches of modern information wars in online social networks. Informatsiyne suspilstvo, 23, 85–90. Available at: http://nbuv.gov.ua/UJRN/is_2016_23_15
  6. Ulichev, O. S., Meleshko, Y. V., Sawicki, D., Smailova, S. (2019). Computer modeling of dissemination of informational influences in social networks with different strategies of information distributors. Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments 2019. doi: https://doi.org/10.1117/12.2536480
  7. Lam, S. K., Riedl, J. (2004). Shilling recommender systems for fun and profit. Proceedings of the 13th Conference on World Wide Web - WWW ’04. doi: https://doi.org/10.1145/988672.988726
  8. O’Mahony, M. P., Hurley, N. J., Silvestre, G. C. M. (2002). Promoting Recommendations: An Attack on Collaborative Filtering. Database and Expert Systems Applications, 494–503. doi: https://doi.org/10.1007/3-540-46146-9_49
  9. Kumari, T., Bedi, P. (2017). A Comprehensive Study of Shilling Attacks in Recommender Systems. International Journal of Computer Science Issues, 14 (4), 44–50. doi: https://doi.org/10.20943/01201704.4450
  10. Zhou, W., Wen, J., Qu, Q., Zeng, J., Cheng, T. (2018). Shilling attack detection for recommender systems based on credibility of group users and rating time series. PLOS ONE, 13 (5), e0196533. doi: https://doi.org/10.1371/journal.pone.0196533
  11. Chirita, P.-A., Nejdl, W., Zamfir, C. (2005). Preventing shilling attacks in online recommender systems. Proceedings of the Seventh ACM International Workshop on Web Information and Data Management - WIDM ’05. doi: https://doi.org/10.1145/1097047.1097061
  12. Zhou, W., Wen, J., Koh, Y. S., Alam, S., Dobbie, G. (2014). Attack detection in recommender systems based on target item analysis. 2014 International Joint Conference on Neural Networks (IJCNN). doi: https://doi.org/10.1109/ijcnn.2014.6889419
  13. Williams, C. A., Mobasher, B., Burke, R. (2007). Defending recommender systems: detection of profile injection attacks. Service Oriented Computing and Applications, 1 (3), 157–170. doi: https://doi.org/10.1007/s11761-007-0013-0
  14. Mobasher, B., Burke, R., Bhaumik, R., Williams, C. (2007). Toward trustworthy recommender systems. ACM Transactions on Internet Technology, 7 (4), 23. doi: https://doi.org/10.1145/1278366.1278372
  15. Mobasher, B., Burke, R., Bhaumik, R., Williams, C. (2005). Effective attack models for shilling item-based collaborative filtering systems. In Proceedings of the WebKDD Workshop.
  16. Kaur, P., Goel, S. (2016). Shilling attack models in recommender system. 2016 International Conference on Inventive Computation Technologies (ICICT). doi: https://doi.org/10.1109/inventive.2016.7824865
  17. Gunes, I., Kaleli, C., Bilge, A., Polat, H. (2012). Shilling attacks against recommender systems: a comprehensive survey. Artificial Intelligence Review, 42 (4), 767–799. doi: https://doi.org/10.1007/s10462-012-9364-9
  18. Mohammed, A. S., Meleshko, Y., Balaji B, S., Serhii, S. (2019). Collaborative Filtering Method with the use of Production Rules. 2019 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE). doi: https://doi.org/10.1109/iccike47802.2019.9004257
  19. Su, X., Khoshgoftaar, T. M. (2009). A Survey of Collaborative Filtering Techniques. Advances in Artificial Intelligence, 2009, 1–19. doi: https://doi.org/10.1155/2009/421425
  20. Jones, M. (2013). Recommender systems, Part 1. Introduction to approaches and algorithms. Learn about the concepts that underlie web recommendation engines. IBM. Available at: https://www.ibm.com/developerworks/opensource/library/os-recommender1/os-recommender1-pdf.pdf
  21. Jia, Y., Zhang, C., Lu, Q., Wang, P. (2014). Users' brands preference based on SVD++ in recommender systems. 2014 IEEE Workshop on Advanced Research and Technology in Industry Applications (WARTIA). doi: https://doi.org/10.1109/wartia.2014.6976489
  22. Çano, E., Morisio, M. (2017). Hybrid recommender systems: A systematic literature review. Intelligent Data Analysis, 21 (6), 1487–1524. doi: https://doi.org/10.3233/ida-163209
  23. Koren, Y. (2009). Collaborative filtering with temporal dynamics. Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining - KDD ’09. doi: https://doi.org/10.1145/1557019.1557072
  24. Meleshko, Y., Raskin, L., Semenov, S., Sira, O. (2019). Methodology of probabilistic analysis of state dynamics of multi­dimensional semi­Markov dynamic systems. Eastern-European Journal of Enterprise Technologies, 6 (4 (102)), 6–13. doi: https://doi.org/10.15587/1729-4061.2019.184637

Downloads

Published

2020-08-31

How to Cite

Meleshko, Y., Drieiev, O., Yakymenko, M., & Lysytsia, D. (2020). Developing a model of the dynamics of states of a recommendation system under conditions of profile injection attacks. Eastern-European Journal of Enterprise Technologies, 4(2 (106), 14–24. https://doi.org/10.15587/1729-4061.2020.209047

Issue

Vol. 4 No. 2 (106) (2020): Information technology. Industry control systems

Section

Information technology

License

Copyright (c) 2020 Yelyzaveta Meleshko, Oleksandr Drieiev, Mykola Yakymenko, Dmytro Lysytsia

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.