结合图卷积神经网络和集成方法的推荐系统恶意攻击检测  被引量：1

作　　者：刘慧[1,2] 纪科[1,2] 陈贞翔 孙润元[1,2] 马坤[1,2] 邬俊[3] LIU Hui;JI Ke;CHEN Zhenxiang;SUN Runyuan;MA Kun;WU Jun(School of Information Science and Engineering,University of Jinan,Jinan 250022,China;Shandong Provincial Key Laboratory of Network Based Intelligent Computing(University of Jinan),Jinan 250022,China;School of Computer and Information Technology,Beijing Jiaotong University,Beijing 100044,China)

机构地区：[1]济南大学信息科学与工程学院,济南250022 [2]山东省网络环境智能计算技术重点实验室(济南大学),济南250022 [3]北京交通大学计算机与信息技术学院,北京100044

出　　处：《计算机科学》2024年第S01期940-948,共9页Computer Science

基　　金：国家自然科学基金(61702216,61772231,61671048,61672262);山东省重大科技创新工程(2018CXGC0706)。

摘　　要：推荐系统已被广泛应用于电子商务、社交媒体、信息分享等大多数互联网平台中,有效解决了信息过载问题。然而,这些平台面向所有互联网用户开放,导致不法用户利用系统设计缺陷通过恶意干扰、蓄意攻击等行为非法操纵评分数据,进而影响推荐结果,严重危害推荐服务的安全性。现有的检测方法大多都是基于从评级数据中提取的人工构建特征进行的托攻击检测,难以适应更复杂的共同访问注入攻击,并且人工构建特征费时且区分能力不足,同时攻击行为规模远远小于正常行为,给传统检测方法带来了不平衡数据问题。因此,文中提出堆叠多层图卷积神经网络端到端学习用户和项目之间的多阶交互行为信息得到用户嵌入和项目嵌入,将其作为攻击检测特征,以卷积神经网络作为基分类器实现深度行为特征提取,结合集成方法检测攻击。在真实数据集上的实验结果表明,与流行的推荐系统恶意攻击检测方法相比,所提方法对共同访问注入攻击行为有较好的检测效果并在一定程度上克服了不平衡数据的难题。Recommendation systems have been widely used in most Internet platforms,such as e-commerce,social media,and information sharing,which effectively solve the problem of information overload.However,these platforms are open to all Internet users,leading to illegal manipulation of rating data through malicious interference and deliberate attacks by unscrupulous users using system design flaws,affecting the recommendation results and seriously jeopardizing the security of recommendation ser-vices.Most existing detection methods are based on manually constructed features extracted from rating data for shilling attack detection,which is challenging to adapt to more complex co-visitation injection attacks,and manually constructed features are time-consuming and need more differentiation capability.In contrast,the scale of attack behavior is much smaller than normal behavior,bringing imbalanced data problems to traditional detection methods.Therefore,the paper proposes stacked multilayer graph convolutional neural networks end-to-end to learn multi-order interaction behavior information between users and items to obtain user embeddings and item embeddings,which are used as attack detection features,and convolutional neural networks are used as base classifiers to achieve deep behavior feature extraction,combined with ensemble methods to detect attacks.Experimental results on real datasets show that the method better detects co-visitation injection attacks and overcomes the imbalanced data problem to a certain extent compared with popular malicious attack detection methods for recommendation systems.

关 键 词：攻击检测 共同访问注入攻击 推荐系统 图卷积神经网络 卷积神经网络 集成方法 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]