ToDA: Target-oriented Diffusion Attacker against Recommendation System
arxiv(2024)
摘要
Recommendation systems (RS) have become indispensable tools for web services
to address information overload, thus enhancing user experiences and bolstering
platforms' revenues. However, with their increasing ubiquity, security concerns
have also emerged. As the public accessibility of RS, they are susceptible to
specific malicious attacks where adversaries can manipulate user profiles,
leading to biased recommendations. Recent research often integrates additional
modules using generative models to craft these deceptive user profiles,
ensuring them are imperceptible while causing the intended harm. Albeit their
efficacy, these models face challenges of unstable training and the
exploration-exploitation dilemma, which can lead to suboptimal results. In this
paper, we pioneer to investigate the potential of diffusion models (DMs), for
shilling attacks. Specifically, we propose a novel Target-oriented Diffusion
Attack model (ToDA). It incorporates a pre-trained autoencoder that transforms
user profiles into a high dimensional space, paired with a Latent Diffusion
Attacker (LDA)-the core component of ToDA. LDA introduces noise into the
profiles within this latent space, adeptly steering the approximation towards
targeted items through cross-attention mechanisms. The global horizon,
implemented by a bipartite graph, is involved in LDA and derived from the
encoded user profile feature. This makes LDA possible to extend the generation
outwards the on-processing user feature itself, and bridges the gap between
diffused user features and target item features. Extensive experiments compared
to several SOTA baselines demonstrate ToDA's effectiveness. Specific studies
exploit the elaborative design of ToDA and underscore the potency of advanced
generative models in such contexts.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要