GGrantIndex
← Search

Collaborative Research: SaTC: CORE: Small: Securing Recommender Systems against Data Poisoning Attacks

$400,000FY2022CSENSF

Duke University, Durham NC

Investigators

Abstract

The goal of this project is to build secure recommender systems against data poisoning attacks. Recommender systems are common online, suggesting movies, products, news, and many other kinds of items in order to help people find things they are interested in and make decisions. The influence recommender systems have on people's behavior, however, makes them attractive targets: attackers can create fake users who rate items in ways that lead the system to recommend products that are more in the attackers' interests than the users'. These "data poisoning" attacks threaten the integrity of recommender systems, harming both the companies and people that use them. This proposal will develop methods to detect, limit, and recover from the damage of data poisoning attacks, making recommender systems more resistant to manipulation by bad actors and thus more trustable and useful; the methods will also be incorporated into students' coursework and research work, training a next generation of computer scientists to build more robust machine learning systems. The project is structured around three main aims. Task 1 involves systematically investigating the security vulnerabilities of recommender systems against data poisoning attacks where attackers have varying levels of knowledge about the algorithms and datasets. In task 2 the team will develop new recommendation algorithms that provably prevent data poisoning attacks, i.e., a bounded number of fake users provably cannot affect the system's performance no matter how the fake users craft their rating scores. Task 3 is to develop methods to detect the fake users in data poisoning attacks with provable guarantees and efficiently recover a recommender system from data poisoning attacks. The project will provide research opportunities for students with backgrounds that are traditionally underrepresented in computing, and the work will be incorporated into courses at Duke University and West Virginia University and disseminated widely. This project is jointly funded by Secure and Trustworthy Computing (SaTC) and the Established Program to Stimulate Competitive Research (EPSCoR). This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →