Qitao Qin, Yucong Luo, Mingyue Cheng, Qingyang Mao, Chenyi Lei
arXiv - CS - Information Retrieval, 2024-09-10. DOI: arxiv-2409.07500 (https://doi.org/arxiv-2409.07500)
DV-FSR: A Dual-View Target Attack Framework for Federated Sequential Recommendation
Federated recommendation (FedRec) preserves user privacy by enabling
decentralized training of personalized models, but this architecture is
inherently vulnerable to adversarial attacks. Significant research has been
conducted on targeted attacks in FedRec systems, motivated by commercial and
social influence considerations. However, much of this work has largely
overlooked the differential robustness of recommendation models. Moreover, our
empirical findings indicate that existing targeted attack methods achieve only
limited effectiveness in Federated Sequential Recommendation (FSR) tasks.
Driven by these observations, we focus on investigating targeted attacks in FSR
and propose a novel dual-view attack framework, named DV-FSR. This attack method
uniquely combines a sampling-based explicit strategy with a contrastive
learning-based implicit gradient strategy to orchestrate a coordinated attack.
Additionally, we introduce a specific defense mechanism tailored for targeted
attacks in FSR, aiming to evaluate the mitigation effects of the attack method
we proposed. Extensive experiments validate the effectiveness of our proposed
approach on representative sequential models.