IFM: Integrating and fine-tuning adversarial examples of recommendation system under multiple models to enhance their transferability

IF 7.2 1区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Knowledge-Based Systems Pub Date : 2025-02-06 DOI:10.1016/j.knosys.2025.113111

Fulan Qian , Yan Cui , Mengyao Xu , Hai Chen , Wenbin Chen , Qian Xu , Caihong Wu , Yuanting Yan , Shu Zhao

{"title":"IFM: Integrating and fine-tuning adversarial examples of recommendation system under multiple models to enhance their transferability","authors":"Fulan Qian , Yan Cui , Mengyao Xu , Hai Chen , Wenbin Chen , Qian Xu , Caihong Wu , Yuanting Yan , Shu Zhao","doi":"10.1016/j.knosys.2025.113111","DOIUrl":null,"url":null,"abstract":"<div><div>In black-box attack scenarios on recommendation systems, attackers typically rely on surrogate models to approximate the target model and use them to generate adversarial examples due to a lack of knowledge about the internal mechanisms of the target recommendation model. However, reliance on a single surrogate model often leads to adversarial examples that are prone to overfitting, making them vulnerable to local extremes and limiting their transferability across different models. Moreover, methods generating adversarial examples in flat minimum regions fail to consistently perform across diverse models. To address these limitations, this paper proposes a feature integration and fine-tuning framework, IFM, which aims to reduce the overfitting of adversarial examples and enhance their transferability. IFM captures a wider range of attack features by integrating the knowledge of multiple recommendation models and performs fine-tuning to further improve the transferability of the adversarial examples. Experimental results affirm that our approach markedly enhances the transferability of adversarial examples in recommendation systems over existing state-of-the-art techniques, enabling efficient attacks on recommendation models.</div></div>","PeriodicalId":49939,"journal":{"name":"Knowledge-Based Systems","volume":"311 ","pages":"Article 113111"},"PeriodicalIF":7.2000,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Knowledge-Based Systems","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0950705125001583","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

In black-box attack scenarios on recommendation systems, attackers typically rely on surrogate models to approximate the target model and use them to generate adversarial examples due to a lack of knowledge about the internal mechanisms of the target recommendation model. However, reliance on a single surrogate model often leads to adversarial examples that are prone to overfitting, making them vulnerable to local extremes and limiting their transferability across different models. Moreover, methods generating adversarial examples in flat minimum regions fail to consistently perform across diverse models. To address these limitations, this paper proposes a feature integration and fine-tuning framework, IFM, which aims to reduce the overfitting of adversarial examples and enhance their transferability. IFM captures a wider range of attack features by integrating the knowledge of multiple recommendation models and performs fine-tuning to further improve the transferability of the adversarial examples. Experimental results affirm that our approach markedly enhances the transferability of adversarial examples in recommendation systems over existing state-of-the-art techniques, enabling efficient attacks on recommendation models.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Knowledge-Based Systems 工程技术-计算机：人工智能

CiteScore

14.80

自引率

12.50%

发文量

1245

审稿时长

7.8 months

期刊介绍： Knowledge-Based Systems, an international and interdisciplinary journal in artificial intelligence, publishes original, innovative, and creative research results in the field. It focuses on knowledge-based and other artificial intelligence techniques-based systems. The journal aims to support human prediction and decision-making through data science and computation techniques, provide a balanced coverage of theory and practical study, and encourage the development and implementation of knowledge-based intelligence models, methods, systems, and software tools. Applications in business, government, education, engineering, and healthcare are emphasized.