research-article

Privacy-Aware Recommendation with Private-Attribute Protection using Adversarial Learning

Authors:

Ghazaleh Beigi,

Ahmadreza Mosallanezhad,

Hamidreza Alvari,

Huan LiuAuthors Info & Claims

WSDM '20: Proceedings of the 13th International Conference on Web Search and Data Mining

Pages 34 - 42

https://doi.org/10.1145/3336191.3371832

Published: 22 January 2020 Publication History

Abstract

Recommendation is one of the critical applications that helps users find information relevant to their interests. However, a malicious attacker can infer users' private information via recommendations. Prior work obfuscates user-item data before sharing it with recommendation system. This approach does not explicitly address the quality of recommendation while performing data obfuscation. Moreover, it cannot protect users against private-attribute inference attacks based on recommendations. This work is the first attempt to build a Recommendation with Attribute Protection (RAP) model which simultaneously recommends relevant items and counters private-attribute inference attacks. The key idea of our approach is to formulate this problem as an adversarial learning problem with two main components: the private attribute inference attacker, and the Bayesian personalized recommender. The attacker seeks to infer users' private-attribute information according to their items list and recommendations. The recommender aims to extract users' interests while employing the attacker to regularize the recommendation process. Experiments show that the proposed model both preserves the quality of recommendation service and protects users against private-attribute inference attacks.

References

[1]

Hamidreza Alvari, Soumajyoti Sarkar, and Paulo Shakarian. 2019a. Detection of Violent Extremists in Social Media. In 2019 2nd International Conference on Data Intelligence and Security (ICDIS). 43--47.

[2]

Hamidreza Alvari, Elham Shaabani, Soumajyoti Sarkar, Ghazaleh Beigi, and Paulo Shakarian. 2019b. Less is More: Semi-Supervised Causal Inference for Detecting Pathogenic Users in Social Media. In Companion Proceedings of The 2019 World Wide Web Conference. ACM, 154--161.

Digital Library

[3]

Hamidreza Alvari, Elham Shaabani, and Paulo Shakarian. 2018. Early identification of pathogenic social media accounts. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 169--174.

[4]

Hamidreza Alvari and Paulo Shakarian. 2019. Hawkes Process for Understanding the Influence of Pathogenic Social Media Accounts. In 2019 2nd International Conference on Data Intelligence and Security (ICDIS). 36--42.

[5]

Raef Bassily and Adam Smith. 2015. Local, private, efficient protocols for succinct histograms. In Proceedings of the forty-seventh annual ACM symposium on Theory of computing. ACM, 127--135.

Digital Library

[6]

Ghazaleh Beigi, Ruocheng Guo, Alexander Nou, Yanchao Zhang, and Huan Liu. 2019a. Protecting user privacy: An approach for untraceable web browsing history and unambiguous user profiles. In Proceedings of the Twelfth ACM International Conference on Web Search and Data Mining. ACM, 213--221.

Digital Library

[7]

Ghazaleh Beigi and Huan Liu. 2018a. Privacy in social media: Identification, mitigation and applications. arXiv preprint arXiv:1808.02191 (2018).

[8]

Ghazaleh Beigi and Huan Liu. 2018b. Similar but different: Exploiting users' congruity for recommendation systems. In International Conference on Social Computing, Behavioral-Cultural Modeling and Prediction and Behavior Representation in Modeling and Simulation. Springer, 129--140.

[9]

Ghazaleh Beigi and Huan Liu. 2019. Identifying novel privacy issues of online users on social media platforms by Ghazaleh Beigi and Huan Liu with Martin Vesely as coordinator. ACM SIGWEB Newsletter Winter (2019), 4.

[10]

Ghazaleh Beigi, Kai Shu, Ruocheng Guo, Suhang Wang, and Huan Liu. 2019b. I Am Not What I Write: Privacy Preserving Text Representation Learning. arXiv preprint arXiv:1907.03189 (2019).

[11]

Ghazaleh Beigi, Kai Shu, Ruocheng Guo, Suhang Wang, and Huan Liu. 2019 c. Privacy Preserving Text Representation Learning. In Proceedings of the 30th ACM Conference on Hypertext and Social Media. ACM, 275--276.

Digital Library

[12]

Joseph A Calandrino, Ann Kilzer, Arvind Narayanan, Edward W Felten, and Vitaly Shmatikov. 2011. " You Might Also Like:" Privacy Risks of Collaborative Filtering. In Security and Privacy (SP), 2011 IEEE Symposium on. IEEE, 231--246.

Digital Library

[13]

Daizong Ding, Mi Zhang, Shao-Yuan Li, Jie Tang, Xiaotie Chen, and Zhi-Hua Zhou. 2017. BayDNN: Friend Recommendation with Bayesian Personalized Ranking Deep Neural Network. In Proceedings of the ACM CIKM.

Digital Library

[14]

Cynthia Dwork. 2008. Differential privacy: A survey of results. In International Conference on Theory and Applications of Models of Computation. Springer, 1--19.

Digital Library

[15]

Tom Fawcett. 2006. An introduction to ROC analysis. Pattern recognition letters, Vol. 27, 8 (2006), 861--874.

[16]

Neil Zhenqiang Gong and Bin Liu. 2016. You Are Who You Know and How You Behave: Attribute Inference Attacks via Users' Social Friends and Behaviors. In USENIX Security Symposium. 979--995.

[17]

Neil Zhenqiang Gong and Bin Liu. 2018. Attribute Inference Attacks in Online Social Networks. ACM Transactions on Privacy and Security (TOPS), Vol. 21, 1 (2018).

[18]

Neil Zhenqiang Gong, Ameet Talwalkar, Lester Mackey, Ling Huang, Eui Chul Richard Shin, Emil Stefanov, Elaine Runting Shi, and Dawn Song. 2014. Joint link prediction and attribute inference using a social-attribute network. ACM Transactions on Intelligent Systems and Technology (TIST), Vol. 5, 2 (2014).

[19]

Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, and Yoshua Bengio. 2014. Generative adversarial nets. In Advances in neural information processing systems. 2672--2680.

[20]

F Maxwell Harper and Joseph A Konstan. 2016. The movielens datasets: History and context. Acm transactions on interactive intelligent systems (tiis), Vol. 5, 4 (2016).

[21]

Jianming He, Wesley W Chu, and Zhenyu Victor Liu. 2006. Inferring privacy information from social networks. In International Conference on Intelligence and Security Informatics. Springer, 154--165.

Digital Library

[22]

Dirk Hovy and Anders Søgaard. 2015. Tagging performance correlates with author age. In Proceedings of the 53rd Annual Meeting of the Association for Computational Linguistics, Vol. 2. 483--488.

[23]

Jingyu Hua, Chang Xia, and Sheng Zhong. 2015. Differentially Private Matrix Factorization. In IJCAI. 1763--1770.

[24]

J Jia and Gong NZhenqiang. 2018. AttriGuard: A Practical Defense Against Attribute Inference Attacks via Adversarial Machine Learning. In 27th $$USENIX$$ Security Symposium ($$USENIX$$ Security 18). USENIX Association.

[25]

Jinyuan Jia, Binghui Wang, Le Zhang, and Neil Zhenqiang Gong. 2017. AttriInfer: Inferring user attributes in online social networks using markov random fields. In Proceedings of the WWW. 1561--1569.

Digital Library

[26]

Zach Jorgensen and Ting Yu. 2014. A Privacy-Preserving Framework for Personalized, Social Recommendations. EDBT, Vol. 582.

[27]

Diederik P Kingma and Jimmy Ba. 2014. Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980 (2014).

[28]

Joseph A Konstan and John Riedl. 2012. Recommender systems: from algorithms to user experience. User modeling and user-adapted interaction, Vol. 22, 1--2 (2012).

[29]

Yehuda Koren. 2009. Collaborative filtering with temporal dynamics. In Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining. ACM, 447--456.

Digital Library

[30]

Michal Kosinski, David Stillwell, and Thore Graepel. 2013. Private traits and attributes are predictable from digital records of human behavior. Proceedings of the National Academy of Sciences, Vol. 110, 15 (2013), 5802--5805.

[31]

Jack Lindamood, Raymond Heatherly, Murat Kantarcioglu, and Bhavani Thuraisingham. 2009. Inferring private information using social network data. In Proceedings of WWW. ACM, 1145--1146.

Digital Library

[32]

Zhifeng Luo and Zhanli Chen. 2014. A privacy preserving group recommender based on cooperative perturbation. In International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery. IEEE.

Digital Library

[33]

Frank McSherry and Ilya Mironov. 2009. Differentially private recommender systems: building privacy into the net. In Proceedings of SIGKDD. ACM.

Digital Library

[34]

Alan Mislove, Bimal Viswanath, Krishna P Gummadi, and Peter Druschel. 2010. You are who you know: inferring user profiles in online social networks. In Proceedings of WSDM. ACM, 251--260.

Digital Library

[35]

Wei Niu, James Caverlee, and Haokai Lu. 2018. Neural Personalized Ranking for Image Recommendation. In Proceedings of the 11th ACM WSDM.

Digital Library

[36]

Gong NZhenqiang and B Liu. 2016. You Are Who You Know and How You Behave: Attribute Inference Attacks via Users' Social Friends and Behaviors. In 25th $$USENIX$$ Security Symposium ($$USENIX$$ Security 16). USENIX Association.

[37]

Javier Parra-Arnau, David Rebollo-Monedero, and Jordi Forné. 2014. Optimal forgery and suppression of ratings for privacy enhancement in recommendation systems. Entropy, Vol. 16, 3 (2014), 1586--1631.

[38]

Huseyin Polat and Wenliang Du. 2003. Privacy-preserving collaborative filtering using randomized perturbation techniques. In International Conference on Data Mining. IEEE.

[39]

Naren Ramakrishnan, Benjamin J Keller, Batul J Mirza, Ananth Y Grama, and George Karypis. 2001. Privacy risks in recommender systems. IEEE Internet Computing 6 (2001), 54--62.

Digital Library

[40]

Al Mamunur Rashid, Istvan Albert, Dan Cosley, Shyong K Lam, Sean M McNee, Joseph A Konstan, and John Riedl. 2002. Getting to know you: learning new user preferences in recommender systems. In Proceedings of the 7th international conference on Intelligent user interfaces. ACM, 127--134.

Digital Library

[41]

David Rebollo-Monedero, Javier Parra-Arnau, and Jordi Forné. 2011. An information-theoretic privacy criterion for query forgery in information retrieval. In International Conference on Security Technology. Springer, 146--154.

[42]

Steffen Rendle, Christoph Freudenthaler, Zeno Gantner, and Lars Schmidt-Thieme. 2009. BPR: Bayesian personalized ranking from implicit feedback. In Proceedings of the twenty-fifth conference on uncertainty in artificial intelligence. AUAI Press.

Digital Library

[43]

Udi Weinsberg, Smriti Bhagat, Stratis Ioannidis, and Nina Taft. 2012. BlurMe: Inferring and obfuscating user gender based on ratings. In Proceedings of the sixth ACM conference on Recommender systems. ACM, 195--202.

Digital Library

[44]

Elena Zheleva and Lise Getoor. 2009. To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles. In Proceedings of the 18th international conference on World wide web. ACM, 531--540.

Digital Library

[45]

Xue Zhu and Yuqing Sun. 2016. Differential privacy for collaborative filtering recommender algorithm. In Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics. ACM, 9--16.

Digital Library

[46]

Cai-Nicolas Ziegler, Sean M McNee, Joseph A Konstan, and Georg Lausen. 2005. Improving recommendation lists through topic diversification. In Proceedings of the 14th international conference on World Wide Web. ACM, 22--32.

Digital Library

Cited By

Wang ZZou LLi CWang SChen XYin DLiu W(2024)Toward Bias-Agnostic Recommender Systems: A Universal Generative FrameworkACM Transactions on Information Systems10.1145/365561742:6(1-30)Online publication date: 25-Jun-2024
https://dl.acm.org/doi/10.1145/3655617
Ge YLiu SFu ZTan JLi ZXu SLi YXian YZhang Y(2024)A Survey on Trustworthy Recommender SystemsACM Transactions on Recommender Systems10.1145/36528913:2(1-68)Online publication date: 13-Apr-2024
https://dl.acm.org/doi/10.1145/3652891
Yang HWu XQiu ZZheng YChen X(2024)Distributional Fairness-aware RecommendationACM Transactions on Information Systems10.1145/365285442:5(1-28)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3652854
Show More Cited By

Index Terms

Privacy-Aware Recommendation with Private-Attribute Protection using Adversarial Learning
1. Information systems
  1. Information retrieval
    1. Retrieval tasks and goals
      1. Recommender systems
2. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Privacy protections
  2. Software and application security
    1. Social network security and privacy

Recommendations

Adversarial tensor factorization for context-aware recommendation
RecSys '19: Proceedings of the 13th ACM Conference on Recommender Systems

Contextual factors such as time, location, or tag, can affect user preferences for a particular item. Context-aware recommendations are thus critical to improve both quality and explainability of recommender systems, compared to traditional ...
User Similarity Adjustment for Improved Recommendations
MIKE 2015: Proceedings of the Third International Conference on Mining Intelligence and Knowledge Exploration - Volume 9468

Recommender systems are becoming more and more attractive in both research and commercial communities due to Information overload problem and the popularity of the Internet applications. Collaborative Filtering, a popular branch of recommendation ...
Gray-Box Shilling Attack: An Adversarial Learning Approach
Recommender systems are essential components of many information services, which aim to find relevant items that match user preferences. Several studies have shown that shilling attacks can significantly weaken the robustness of recommender systems by ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

WSDM '20: Proceedings of the 13th International Conference on Web Search and Data Mining

January 2020

950 pages

ISBN:9781450368223

DOI:10.1145/3336191

General Chairs:
James Caverlee
Texas A&M University
,
Xia "Ben" Hu
Texas A&M University
,
Program Chairs:
Mounia Lalmas
Spotify
,
Wei Wang
University of California, Los Angeles

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 January 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WSDM '20

Sponsor:

WSDM '20: The Thirteenth ACM International Conference on Web Search and Data Mining

February 3 - 7, 2020

TX, Houston, USA

Acceptance Rates

Overall Acceptance Rate 498 of 2,863 submissions, 17%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

41
Total Citations
View Citations
1,022
Total Downloads

Downloads (Last 12 months)84
Downloads (Last 6 weeks)7

Reflects downloads up to 25 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wang ZZou LLi CWang SChen XYin DLiu W(2024)Toward Bias-Agnostic Recommender Systems: A Universal Generative FrameworkACM Transactions on Information Systems10.1145/365561742:6(1-30)Online publication date: 25-Jun-2024
https://dl.acm.org/doi/10.1145/3655617
Ge YLiu SFu ZTan JLi ZXu SLi YXian YZhang Y(2024)A Survey on Trustworthy Recommender SystemsACM Transactions on Recommender Systems10.1145/36528913:2(1-68)Online publication date: 13-Apr-2024
https://dl.acm.org/doi/10.1145/3652891
Yang HWu XQiu ZZheng YChen X(2024)Distributional Fairness-aware RecommendationACM Transactions on Information Systems10.1145/365285442:5(1-28)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3652854
Hu WFang H(2024)Towards Differential Privacy in Sequential Recommendation: A Noisy Graph Neural Network ApproachACM Transactions on Knowledge Discovery from Data10.1145/3643821Online publication date: 30-Jan-2024
https://doi.org/10.1145/3643821
Wang XLi QYu DLi QXu G(2024)Counterfactual Explanation for Fairness in RecommendationACM Transactions on Information Systems10.1145/364367042:4(1-30)Online publication date: 29-Jan-2024
https://dl.acm.org/doi/10.1145/3643670
Zhang DZhang KWu LTian MHong RWang MBaeza-Yates RBonchi F(2024)Path-Specific Causal Reasoning for Fairness-aware Cognitive DiagnosisProceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining10.1145/3637528.3672049(4143-4154)Online publication date: 25-Aug-2024
https://dl.acm.org/doi/10.1145/3637528.3672049
Hu QSong YAngélica LLattanzi SMuñoz Medina AAkoglu LGionis AVassilvitskii S(2024)User Consented Federated Recommender System Against Personalized Attribute Inference AttackProceedings of the 17th ACM International Conference on Web Search and Data Mining10.1145/3616855.3635830(276-285)Online publication date: 4-Mar-2024
https://dl.acm.org/doi/10.1145/3616855.3635830
Yoo HZeng ZKang JQiu RZhou DLiu ZWang FXu CChan ETong HChua TNgo CKa-Wei Lee RKumar RLauw H(2024)Ensuring User-side Fairness in Dynamic Recommender SystemsProceedings of the ACM Web Conference 202410.1145/3589334.3645536(3667-3678)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645536
Zhang ZLiu QHu ZZhan YHuang ZGao WMao QChua TNgo CKa-Wei Lee RKumar RLauw H(2024)Enhancing Fairness in Meta-learned User Modeling via Adaptive SamplingProceedings of the ACM Web Conference 202410.1145/3589334.3645369(3241-3252)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645369
Zhang SYuan WYin H(2024)Comprehensive Privacy Analysis on Federated Recommender System Against Attribute Inference AttacksIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2023.329560136:3(987-999)Online publication date: Mar-2024
https://doi.org/10.1109/TKDE.2023.3295601
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents