1, Item to Item Similarity: The similarity between item pairs can be found in different ways.

One of the

most common methods is to use cosine similarityItem to Item Similarity: The similarity between item
pairs can be found in different ways. One of the

most common methods is to use cosine similarity

2, Cold Start: Memory-Based systems struggle when there are too few contacts with new users or things

to make reliable suggestions.

3, group attack are coordinated attacks carried out by groups or multiple actors.

• The basic principle here is that the attacks are often based on groups of related

profiles, which are very similar.

4, group attack group attack are coordinated attacks carried out by groups or multiple actors.

• The basic principle here is that the attacks are often based on groups of related

profiles, which are very similar.

Random Attack

A "random attack" in the context of recommender systems (RS) typically refers to a type of

attack where the attacker randomly interacts with items in the system to manipulate or disrupt

the recommendation process.

5a, Item-based collaborative filtering

• In item-based filtering, new recommendations are selected based on the old interactions of the target

user. First, all the items that the user has already liked are considered. Then, similar products are

computed and clusters are made (nearest neighbors). New items from these clusters are suggested to
the
user.

• Item-based CF algorithms recommend items to a user based on the similarity of items to items that

the user has interacted with in the past. The algorithm first identifies a set of similar items based

on their attributes or features. The similarity between items is typically measured using distance

metrics or similarity measures such as Jaccard similarity or cosine similarity. Once the similar

items are identified, the algorithm recommends to the active user items that are similar to items

that the user has liked in the past.

Item-based approaches, on the other hand, predict the rating of a user u for an item i based on

the ratings of u for items similar to i. In such approaches, two items are similar if several users

of the system have rated these items in a similar fashion. Item-based Collaborative Filtering

Predict a user's preference for an item by finding similar items based on how users have rated

them. An example of the item-based technique is Netflix’s “Because you watched...” feature, which

recommends movies or shows based on examples that users previously showed interest in.
Item-to-Item Based Collaborative Filtering

• Collaborative Filtering is a technique or a method to predict a user’s taste and find the items that a

user might prefer on the basis of information collected from various other users having similar tastes

or preferences.

• It takes into consideration the basic fact that if person X and person Y have a certain reaction for

some items then they might have the same opinion for other items too.

• The two most popular forms of collaborative filtering are:

• User Based: Here, we look for the users who have rated various items in the same way and then find

the rating of the missing item with the help of these users.

• Item Based: Here, we explore the relationship between the pair of items (the user who bought Y, also

bought Z). We find the missing rating with the help of the ratings given to the other items by the user.

• Item to Item Similarity: The similarity between item pairs can be found in different ways. One of the

most common methods is to use cosine similarity

Prediction Computation: The second stage involves executing a recommendation system. It uses the

items (already rated by the user) that are most similar to the missing item to generate rating.
• We hence try to generate predictions based on the ratings of similar products. We compute this using

a formula which computes rating for a particular item using weighted sum of the ratings of the other

similar product.

5b, Step 1: Calculating the similarity between Alice and all the other users At first we calculate the

averages of the ratings of all the user excluding I5 as it is not rated by Alice

Therefore, we calculate the average as

•

6a, TYPE OF ATTACKS IN RECOMMENDER SYSTEM

In the context of recommender systems, which are used to suggest items (such as movies,

products, or content) to users based on their preferences and behavior, various types of attacks

can be targeted towards manipulating or compromising the recommendation process. Here are

some common types of attacks on recommender systems:

Profile Injection:

Profile injection attacks involve manipulating user profiles or behavior data within the

recommender system. Attackers may create fake profiles, artificially inflate preferences or
ratings, or introduce biased interactions to skew recommendations in their favor.

Shilling Attacks:

Shilling attacks involve creating fake users (shills) or accounts to promote or demote specific

items. Attackers may strategically rate items positively or negatively to influence

recommendations, leading to biased or manipulated results.

Data Poisoning:

Data poisoning attacks involve injecting false or misleading data into the recommender

system's training dataset. By introducing biased or malicious data points, attackers can

manipulate the underlying algorithms to generate skewed recommendations.

Model Inversion:

Model inversion attacks exploit vulnerabilities in the recommender system's model to infer

sensitive information about users based on their personalized recommendations. Attackers may

reverse-engineer the model to extract insights or exploit privacy concerns.

Profile Interference:

lOMoARcPSD|24316195

UNIT IV ATTACK-RESISTANT RECOMMENDER SYSTEMS

Types of

attacks

Push Attack Nuke attack

Random Average Bandwagon Segment love Hate Reverse

Bandwagon

Profile interference attacks involve perturbing user profiles or interactions to disrupt the

accuracy of recommendations. For example, attackers may deliberately interact with items to

create noise or confusion in the user's profile, leading to suboptimal recommendations.

Manipulation of Item Features:

Attackers may manipulate the features or attributes of items (e.g., product descriptions,

metadata) to deceive the recommender system. By altering item characteristics, attackers can

influence how items are perceived and recommended to users.

Collaborative Attacks:

Collaborative attacks involve coordinated efforts by multiple malicious users or entities to

manipulate the recommendation process. This may include collusion among users to

collectively influence recommendations or exploit vulnerabilities in the system.

Adversarial Examples:

Adversarial examples are crafted inputs (e.g., ratings, interactions) designed to deceive the

recommender system's algorithms. By exploiting weaknesses in the model's decision

boundaries, attackers can generate misleading recommendations.

Privacy Violations:

Privacy attacks exploit vulnerabilities in the recommender system to compromise user privacy.

For example, attackers may leverage exposed user preferences or interactions to infer sensitive

information about individuals.

Cold-Start Attacks:

Cold-start attacks target recommender systems with limited or incomplete data about new users

or items. Attackers may exploit system weaknesses during the initial stages of user onboarding

or item introduction to bias recommendations.

Protecting recommender systems against these types of attacks requires robust security
measures, including data validation, anomaly detection, user authentication, and privacy-

preserving techniques. Regular monitoring and adaptation of algorithms to mitigate adversarial

behavior are also essential to maintain the integrity and effectiveness of recommendersystems.

6b, import numpy as np

import pandas as pd

from sklearn.metrics.pairwise import cosine_similarity

# Step 1: Original user-item rating data

data = {

'User': ['User1', 'User2', 'User3', 'User4'],

'Movie1': [5, 4, 3, 2],

'Movie2': [4, 5, 2, 3],

'Movie3': [2, 3, 5, 4],

}
# Creating a DataFrame for the ratings

df = pd.DataFrame(data)

df.set_index('User', inplace=True)

# Step 2: Function to simulate a Group Attack

def group_attack(target_movies, num_attack_users=2, high_rating=5):

# Multiple users are targeted for the group attack

for i in range(num_attack_users):

fake_user_id = f'FakeUser{i + 1}'

# Create ratings for the fake user

fake_ratings = np.random.randint(1, 6, df.shape[1]) # Random ratings for other items

for movie in target_movies:

fake_ratings[df.columns.get_loc(movie)] = high_rating # High rating for target movies

# Add the fake user to the DataFrame

df.loc[fake_user_id] = fake_ratings

# Execute the Group Attack to promote 'Movie1' and 'Movie3' with high ratings

group_attack(target_movies=['Movie1', 'Movie3'], num_attack_users=2)

# Step 3: Calculate user-user similarity after the attack

user_similarity = cosine_similarity(df)

np.fill_diagonal(user_similarity, 0) # Set diagonal elements to 0 to avoid self-similarity

# Create DataFrame for user similarity

user_similarity_df = pd.DataFrame(user_similarity, index=df.index, columns=df.index)

# Step 4: Function to predict ratings for a given user and item

def predict_rating(user, item):

numerator = np.sum(user_similarity_df[user] * df[item]) # Weighted ratings of similar users

denominator = np.sum(np.abs(user_similarity_df[user])) # Sum of absolute similarities

if denominator == 0:

return 0

return numerator / denominator

# Function to recommend items for a specific user

def recommend_items(user):

unrated_items = df.columns[df.loc[user] == 0] # Find items that the user has not rated

predictions = [predict_rating(user, item) for item in unrated_items] # Predict ratings for unrated
items

recommendations = pd.DataFrame({'Item': unrated_items, 'Prediction': predictions})

# Sort recommendations by predicted rating in descending order

return recommendations.sort_values(by='Prediction', ascending=False)

# Get recommendations for 'User1' after the Group Attack

user_to_recommend = 'User1'
recommendations = recommend_items(user_to_recommend)

# Display the recommendations

print(f"Recommendations for {user_to_recommend} after Group Attack:")

print(recommendations)

output :

Recommendations for User1 after Group Attack:

Empty DataFrame
Columns: [Item, Prediction]
Index: []

7a, Movie Recommendation System

Data:

• User Preferences: User ratings for movies.

• Movie Attributes: Genre, director, actors, release year, etc.

Hybrid Approach Components:

1. Collaborative Filtering (CF):

• Idea: Recommend movies based on user behavior and preferences.

• Implementation:

• Use matrix factorization (like Singular Value Decomposition or Matrix Factorization)

to learn latent factors from user-item interactions (ratings).

• Predict ratings for unseen movies based on similar users' preferences.

2. Content-Based Filtering (CBF):

• Idea: Recommend movies based on the attributes or content of the items.

• Implementation:

• Extract features from movies such as genre, director, actors, release year.

• Build a profile for each user based on their rated movies.

• Recommend movies that are similar in content to the ones a user has liked.

3. Hybridization:

• Combining CF and CBF:

• Weighted Approach: Combine scores from CF and CBF using a weighted sum or

other fusion techniques.

• Switching Strategy: Use CF for some users and CBF for others based on data

availability or performance metrics.

• Feature Combination: Include content-based features (e.g., movie genres, director)

as additional input to the collaborative filtering model.

Recommendation Process:

• For a New User:

• If the user has not rated any movies yet:

• Use CBF to recommend movies based on their provided preferences (e.g., preferred

genres).

• Once the user rates some movies:

• Incorporate these ratings into the CF model to provide personalized recommendations.

• For Existing Users:

• Use the hybrid approach to generate recommendations:

• Combine CF predictions (based on user-item interactions) with CBF recommendations

(based on movie attributes).

• Present the top-rated hybrid recommendations to the user.

Benefits of Hybrid Approach:

• Increased Accuracy: Combining multiple recommendation techniques can lead to more accurate

predictions.

• Improved Coverage: Content-based filtering can recommend items even when user-item interactions

are sparse (cold start problem).

• Enhanced Personalization: Incorporating user preferences (CBF) along with user-item interactions

(CF) leads to more personalized recommendations.

In this movie recommendation system example, the hybrid approach leverages both collaborative
filtering and

content-based filtering techniques to provide diverse and accurate movie recommendations tailored to

individual users' tastes and preferences. Hybridization allows for a more robust recommendation system
that

can handle various scenarios and user behaviours effectively.