attack arXiv Sep 22, 2025 · Sep 2025
Yuanrong Wang, Yingpeng Du · Nanyang Technological University
Extends shilling attack framework to generate side-feature-aware fake user profiles that poison recommender systems into promoting target items
Data Poisoning Attack tabular
Recommender systems (RS) greatly influence users' consumption decisions, making them attractive targets for malicious shilling attacks that inject fake user profiles to manipulate recommendations. Existing shilling methods can generate effective and stealthy fake profiles when training data only contain rating matrix, but they lack comprehensive solutions for scenarios where side features are present and utilized by the recommender. To address this gap, we extend the Leg-UP framework by enhancing the generator architecture to incorporate side features, enabling the generation of side-feature-aware fake user profiles. Experiments on benchmarks show that our method achieves strong attack performance while maintaining stealthiness.
traditional_ml Nanyang Technological University
ML Security Papers