The openness and anonymity of the Internet environment create many hazards for e-commerce. For collaborative recommender systems, it raises the possibility of that attackers will seek to bias the output recommendations through manipulation of the public inputs that the system permits. Fighting such manipulation is a constant battle for the owners and maintainers of such systems. In this talk, I will describe the known vulnerabilities of collaborative algorithms and examine a range of possible attack types that could be deployed against them. With these vulnerabilities in mind, I will discuss possible responses, including the deployment of alternate recommendation algorithms and the use of supervised and unsupervised techniques to detect attacks. Building on this research, I will examine what it might mean to build a robust collaborative recommender and consider the implications for other machine learning techniques deployed in public on-line environments.
Return to seminars