Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.



NetOS Seminar

Neal Lathia

on 28 April 2010

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Cambridge

n.lathia@cs.ucl.ac.uk @neal_lathia sybil attacks ... when an attacker tries to subvert the system by creating a large number of sybils -- pseudonymous identities -- in order to gain a disproportionate amount of influence... recommender systems random: inject noise
(ruin the party for everyone) targetted
(promote/demote: make money?) defending from (b) classification (a) social networks problem: where is your network? "honest" ratings sybil ratings problem: when to run your classifier?
when is your system under attack?
when do sybil ratings start damaging recs? monitor ratings over time (1) draw out attack (2) learn normal behaviour (3) monitor (4) force attackers to change items ratings "evaluating collaborative filtering
over time" RMSE -10% does similarity persist? accuracy over time? do recommendations change? are recommenders safe from abuse? recommender systems collaborative filtering users recommendations netflix prize questions how to predict ratings? does this reflect reality?

is accuracy enough? possible?
does RMSE reflect quality?
is this how systems work?
are winning solutions useful?
rather than appear, rate, disappear how? distrust newcomers force sybils to reappear (1b) examine attacks attacker determines dynamics of attack # sybils # ratings per sybil (many, many) *(few, many) (few, few) (many, few) precision, recall, impact (1) monitor with exponentially weighted moving average
(2) flag when incoming ratings > threshold
(3) update avg, threshold system user-level item-level monitor users:
(a) how many high-volume raters?
(b) how much are they rating? monitor items:
(a) how many people rating item?
(b) how extreme are the ratings?
(c) how much does mean shift? flag if all three are broken. . why?
(a) could be a popular item
(b) could have few extreme ratings
(c) a+b but not c = attack doesn't change anything attackers can defeat these defenses
with a ramp-up attack
Full transcript