Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Transcript of Cambridge
(ruin the party for everyone) targetted
(promote/demote: make money?) defending from (b) classification (a) social networks problem: where is your network? "honest" ratings sybil ratings problem: when to run your classifier?
when is your system under attack?
when do sybil ratings start damaging recs? monitor ratings over time (1) draw out attack (2) learn normal behaviour (3) monitor (4) force attackers to change items ratings "evaluating collaborative filtering
over time" RMSE -10% does similarity persist? accuracy over time? do recommendations change? are recommenders safe from abuse? recommender systems collaborative filtering users recommendations netflix prize questions how to predict ratings? does this reflect reality?
is accuracy enough? possible?
does RMSE reflect quality?
is this how systems work?
are winning solutions useful?
rather than appear, rate, disappear how? distrust newcomers force sybils to reappear (1b) examine attacks attacker determines dynamics of attack # sybils # ratings per sybil (many, many) *(few, many) (few, few) (many, few) precision, recall, impact (1) monitor with exponentially weighted moving average
(2) flag when incoming ratings > threshold
(3) update avg, threshold system user-level item-level monitor users:
(a) how many high-volume raters?
(b) how much are they rating? monitor items:
(a) how many people rating item?
(b) how extreme are the ratings?
(c) how much does mean shift? flag if all three are broken. . why?
(a) could be a popular item
(b) could have few extreme ratings
(c) a+b but not c = attack doesn't change anything attackers can defeat these defenses
with a ramp-up attack