Adversarial Robustness of Deep Reinforcement Learning Based Dynamic Recommender Systems
Adversarial attacks, e.g., adversarial perturbations of the input and adversarial samples, pose significant challenges to machine learning and deep learning techniques, including interactive recommendation systems. The latent embedding space of those techniques makes adversarial attacks challenging...
Main authors: | Wang, Siyu; Cao, Yuanjiang; Chen, Xiaocong; Yao, Lina; Wang, Xianzhi; Sheng, Quan Z. |
---|---|
Format: | Online Article Text |
Language: | English |
Published: | Frontiers Media S.A. 2022 |
Subjects: | |
Online access: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9110778/ https://www.ncbi.nlm.nih.gov/pubmed/35592793 http://dx.doi.org/10.3389/fdata.2022.822783 |
_version_ | 1784709176638832640 |
---|---|
author | Wang, Siyu Cao, Yuanjiang Chen, Xiaocong Yao, Lina Wang, Xianzhi Sheng, Quan Z. |
author_facet | Wang, Siyu Cao, Yuanjiang Chen, Xiaocong Yao, Lina Wang, Xianzhi Sheng, Quan Z. |
author_sort | Wang, Siyu |
collection | PubMed |
description | Adversarial attacks, e.g., adversarial perturbations of the input and adversarial samples, pose significant challenges to machine learning and deep learning techniques, including interactive recommendation systems. The latent embedding space of those techniques makes adversarial attacks challenging to detect at an early stage. Recent advances in causality show that counterfactuals can also be considered one of the ways to generate adversarial samples drawn from a different distribution than the training samples. We propose to explore adversarial examples and attack-agnostic detection on reinforcement learning (RL)-based interactive recommendation systems. We first craft different types of adversarial examples by adding perturbations to the input and intervening on the causal factors. Then, we augment recommendation systems by detecting potential attacks with a deep learning-based classifier based on the crafted data. Finally, we study the attack strength and frequency of adversarial examples and evaluate our model on standard datasets with multiple crafting methods. Our extensive experiments show that most adversarial attacks are effective, and both attack strength and attack frequency impact the attack performance. The strategically-timed attack achieves comparative attack performance with only 1/3 to 1/2 attack frequency. Besides, our white-box detector trained with one crafting method has the generalization ability over several other crafting methods. |
format | Online Article Text |
id | pubmed-9110778 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2022 |
publisher | Frontiers Media S.A. |
record_format | MEDLINE/PubMed |
spelling | pubmed-91107782022-05-18 Adversarial Robustness of Deep Reinforcement Learning Based Dynamic Recommender Systems Wang, Siyu Cao, Yuanjiang Chen, Xiaocong Yao, Lina Wang, Xianzhi Sheng, Quan Z. Front Big Data Big Data Frontiers Media S.A. 2022-05-03 /pmc/articles/PMC9110778/ /pubmed/35592793 http://dx.doi.org/10.3389/fdata.2022.822783 Text en Copyright © 2022 Wang, Cao, Chen, Yao, Wang and Sheng. https://creativecommons.org/licenses/by/4.0/ This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms. |
spellingShingle | Big Data Wang, Siyu Cao, Yuanjiang Chen, Xiaocong Yao, Lina Wang, Xianzhi Sheng, Quan Z. Adversarial Robustness of Deep Reinforcement Learning Based Dynamic Recommender Systems |
title | Adversarial Robustness of Deep Reinforcement Learning Based Dynamic Recommender Systems |
topic | Big Data |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9110778/ https://www.ncbi.nlm.nih.gov/pubmed/35592793 http://dx.doi.org/10.3389/fdata.2022.822783 |