Latent diffusion model-based data poisoning attack against QoS-aware cloud API recommender system

IF 4.4 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2025-02-14 DOI:10.1016/j.comnet.2025.111120

Zhen Chen , Jianqiang Yu , Shuang Fan , Jing Zhao , Dianlong You

{"title":"Latent diffusion model-based data poisoning attack against QoS-aware cloud API recommender system","authors":"Zhen Chen , Jianqiang Yu , Shuang Fan , Jing Zhao , Dianlong You","doi":"10.1016/j.comnet.2025.111120","DOIUrl":null,"url":null,"abstract":"<div><div>In the cloud era, cloud API, as one of the best carriers for data output, capability replication, and service delivery, has become one of the core elements of service-oriented software development and operation. However, with the significant challenge posed by a rapidly increasing number of cloud APIs, quality of service (QoS)-aware cloud API recommender system plays a crucial role in guiding users to select the most suitable APIs. Nevertheless, due to the profit-driven nature of cloud APIs and the openness of network environments, QoS-aware cloud API recommender systems are particularly susceptible to data poisoning attacks. These attacks manipulate recommendation outcomes to align with the attacker’s objectives, causing severe disruption to the cloud API ecosystem. Existing data poisoning methods for QoS-aware cloud API recommender systems have evolved from traditional heuristic-based approaches to generative adversarial network based methods. Although this evolution has improved attack performance, it remains challenging to strike an effective balance between attack effectiveness and invisibility. To address this issue, this paper proposes a data poisoning attack method based latent diffusion model. Firstly, real user-cloud API interaction data is compressed into latent feature space by multiple autoencoders to mitigate the limitation of data sparsity on model training. The diffusion model is then utilized to learn the distribution of real user interaction data with cloud APIs within this latent space. Furthermore, an attack loss is designed for model training in order to generate high-quality fake user data that is difficult to detect and aggressive in nature. Experimental results on the real-world dataset WS-DREAM demonstrate that the latent diffusion model-based data poisoning attack method outperforms baseline methods in terms of attack effectiveness, invisibility, and generalizability. This paper aims to raise awareness of cloud API recommendation security from an attack to defend perspective, providing a foundation for defenders to develop effective defense strategies and advancing the development of trustworthy QoS-aware cloud API recommender systems. The source code of the LDM implementation is publicly available at: <span><span>https://github.com/yjq012/LDM</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111120"},"PeriodicalIF":4.4000,"publicationDate":"2025-02-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S138912862500088X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

In the cloud era, cloud API, as one of the best carriers for data output, capability replication, and service delivery, has become one of the core elements of service-oriented software development and operation. However, with the significant challenge posed by a rapidly increasing number of cloud APIs, quality of service (QoS)-aware cloud API recommender system plays a crucial role in guiding users to select the most suitable APIs. Nevertheless, due to the profit-driven nature of cloud APIs and the openness of network environments, QoS-aware cloud API recommender systems are particularly susceptible to data poisoning attacks. These attacks manipulate recommendation outcomes to align with the attacker’s objectives, causing severe disruption to the cloud API ecosystem. Existing data poisoning methods for QoS-aware cloud API recommender systems have evolved from traditional heuristic-based approaches to generative adversarial network based methods. Although this evolution has improved attack performance, it remains challenging to strike an effective balance between attack effectiveness and invisibility. To address this issue, this paper proposes a data poisoning attack method based latent diffusion model. Firstly, real user-cloud API interaction data is compressed into latent feature space by multiple autoencoders to mitigate the limitation of data sparsity on model training. The diffusion model is then utilized to learn the distribution of real user interaction data with cloud APIs within this latent space. Furthermore, an attack loss is designed for model training in order to generate high-quality fake user data that is difficult to detect and aggressive in nature. Experimental results on the real-world dataset WS-DREAM demonstrate that the latent diffusion model-based data poisoning attack method outperforms baseline methods in terms of attack effectiveness, invisibility, and generalizability. This paper aims to raise awareness of cloud API recommendation security from an attack to defend perspective, providing a foundation for defenders to develop effective defense strategies and advancing the development of trustworthy QoS-aware cloud API recommender systems. The source code of the LDM implementation is publicly available at: https://github.com/yjq012/LDM.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.