Detecting shilling attacks in recommender systems based on analysis of user rating behavior

Abstract The existing unsupervised methods for detecting shilling attacks are mostly based on the rating patterns of users, ignoring the rating behavior difference between genuine users and attack users, and these methods suffer from low accuracy in detecting various shilling attacks without a priori knowledge of the attacks. To address these limitations, we propose a novel unsupervised shilling attack detection model based on an analysis of user rating behavior. First, we identify the target item(s) and the corresponding intentions of the attack users by analyzing the deviation of rating tendencies on each item, and based on this analysis, a set of suspicious users is constructed. Second, we analyze the users’ rating behaviors from an interest preference and rating preference perspective. In particular, we measure the diversity and memory of users’ interest preferences by entropy and block entropy, respectively, and we analyze the memory of user rating preferences by a self-correlation analysis. Finally, we calculate the suspicious degree and spot attack users in the set of suspicious users based on measurements of user rating behavior. Experimental results on the Netflix dataset, the MovieLens 1M dataset and the sampled Amazon review dataset demonstrate the effectiveness of the proposed detection model.