TY - GEN
T1 - Privacy-aware recommendation with private-attribute protection using adversarial learning
AU - Beigi, Ghazaleh
AU - Mosallanezhad, Ahmadreza
AU - Guo, Ruocheng
AU - Alvari, Hamidreza
AU - Nou, Alexander
AU - Liu, Huan
N1 - Funding Information: This material is based upon the work supported, in part, by NSF #1614576, ARO W911NF-15-1-0328 and ONR N00014-17-1-2605. Publisher Copyright: © 2020 Association for Computing Machinery.
PY - 2020/1/20
Y1 - 2020/1/20
N2 - Recommendation is one of the critical applications that helps users find information relevant to their interests. However, a malicious attacker can infer users’ private information via recommendations. Prior work obfuscates user-item data before sharing it with recommendation system. This approach does not explicitly address the quality of recommendation while performing data obfuscation. Moreover, it cannot protect users against private-attribute inference attacks based on recommendations. This work is the first attempt to build a Recommendation with Attribute Protection (RAP) model which simultaneously recommends relevant items and counters private-attribute inference attacks. The key idea of our approach is to formulate this problem as an adversarial learning problem with two main components: the private attribute inference attacker, and the Bayesian personalized recommender. The attacker seeks to infer users’ private-attribute information according to their items list and recommendations. The recommender aims to extract users’ interests while employing the attacker to regularize the recommendation process. Experiments show that the proposed model both preserves the quality of recommendation service and protects users against private-attribute inference attacks.
AB - Recommendation is one of the critical applications that helps users find information relevant to their interests. However, a malicious attacker can infer users’ private information via recommendations. Prior work obfuscates user-item data before sharing it with recommendation system. This approach does not explicitly address the quality of recommendation while performing data obfuscation. Moreover, it cannot protect users against private-attribute inference attacks based on recommendations. This work is the first attempt to build a Recommendation with Attribute Protection (RAP) model which simultaneously recommends relevant items and counters private-attribute inference attacks. The key idea of our approach is to formulate this problem as an adversarial learning problem with two main components: the private attribute inference attacker, and the Bayesian personalized recommender. The attacker seeks to infer users’ private-attribute information according to their items list and recommendations. The recommender aims to extract users’ interests while employing the attacker to regularize the recommendation process. Experiments show that the proposed model both preserves the quality of recommendation service and protects users against private-attribute inference attacks.
KW - Adversarial learning
KW - Privacy
KW - Privacy-aware recommendation
KW - Private-attribute protection
KW - Utility
UR - http://www.scopus.com/inward/record.url?scp=85079515718&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85079515718&partnerID=8YFLogxK
U2 - 10.1145/3336191.3371832
DO - 10.1145/3336191.3371832
M3 - Conference contribution
T3 - WSDM 2020 - Proceedings of the 13th International Conference on Web Search and Data Mining
SP - 34
EP - 42
BT - WSDM 2020 - Proceedings of the 13th International Conference on Web Search and Data Mining
PB - Association for Computing Machinery, Inc
T2 - 13th ACM International Conference on Web Search and Data Mining, WSDM 2020
Y2 - 3 February 2020 through 7 February 2020
ER -