Attacking Pre-trained Recommendation

May 06, 2023 · Declared Dead · 🏛 Annual International ACM SIGIR Conference on Research and Development in Information Retrieval

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Yiqing Wu, Ruobing Xie, Zhao Zhang, Yongchun Zhu, FuZhen Zhuang, Jie Zhou, Yongjun Xu, Qing He arXiv ID 2305.03995 Category cs.IR: Information Retrieval Citations 7 Venue Annual International ACM SIGIR Conference on Research and Development in Information Retrieval Last Checked 4 months ago

Abstract

Recently, a series of pioneer studies have shown the potency of pre-trained models in sequential recommendation, illuminating the path of building an omniscient unified pre-trained recommendation model for different downstream recommendation tasks. Despite these advancements, the vulnerabilities of classical recommender systems also exist in pre-trained recommendation in a new form, while the security of pre-trained recommendation model is still unexplored, which may threaten its widely practical applications. In this study, we propose a novel framework for backdoor attacking in pre-trained recommendation. We demonstrate the provider of the pre-trained model can easily insert a backdoor in pre-training, thereby increasing the exposure rates of target items to target user groups. Specifically, we design two novel and effective backdoor attacks: basic replacement and prompt-enhanced, under various recommendation pre-training usage scenarios. Experimental results on real-world datasets show that our proposed attack strategies significantly improve the exposure rates of target items to target users by hundreds of times in comparison to the clean model.