Adversarial Robustness of Deep Reinforcement Learning Based Dynamic Recommender Systems

Adversarial attacks, e.g., adversarial perturbations of the input and adversarial samples, pose significant challenges to machine learning and deep learning techniques, including interactive recommendation systems. The latent embedding space of those techniques makes adversarial attacks challenging...

Bibliographic Details
Main authors: Wang, Siyu, Cao, Yuanjiang, Chen, Xiaocong, Yao, Lina, Wang, Xianzhi, Sheng, Quan Z.
Format: Online Article Text
Language: English
Published: Frontiers Media S.A. 2022
Subjects:
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9110778/
https://www.ncbi.nlm.nih.gov/pubmed/35592793
http://dx.doi.org/10.3389/fdata.2022.822783
_version_ 1784709176638832640
author Wang, Siyu
Cao, Yuanjiang
Chen, Xiaocong
Yao, Lina
Wang, Xianzhi
Sheng, Quan Z.
collection PubMed
description Adversarial attacks, e.g., adversarial perturbations of the input and adversarial samples, pose significant challenges to machine learning and deep learning techniques, including interactive recommendation systems. The latent embedding space of those techniques makes adversarial attacks challenging to detect at an early stage. Recent advances in causality show that counterfactuals can also be considered one of the ways to generate adversarial samples drawn from a different distribution than the training samples. We propose to explore adversarial examples and attack-agnostic detection on reinforcement learning (RL)-based interactive recommendation systems. We first craft different types of adversarial examples by adding perturbations to the input and intervening on the causal factors. Then, we augment recommendation systems by detecting potential attacks with a deep learning-based classifier based on the crafted data. Finally, we study the attack strength and frequency of adversarial examples and evaluate our model on standard datasets with multiple crafting methods. Our extensive experiments show that most adversarial attacks are effective, and both attack strength and attack frequency impact the attack performance. The strategically-timed attack achieves comparative attack performance with only 1/3 to 1/2 attack frequency. Besides, our white-box detector trained with one crafting method has the generalization ability over several other crafting methods.
format Online
Article
Text
id pubmed-9110778
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher Frontiers Media S.A.
record_format MEDLINE/PubMed
spelling pubmed-9110778 2022-05-18 Adversarial Robustness of Deep Reinforcement Learning Based Dynamic Recommender Systems Wang, Siyu Cao, Yuanjiang Chen, Xiaocong Yao, Lina Wang, Xianzhi Sheng, Quan Z. Front Big Data Big Data Frontiers Media S.A. 2022-05-03 /pmc/articles/PMC9110778/ /pubmed/35592793 http://dx.doi.org/10.3389/fdata.2022.822783 Text en Copyright © 2022 Wang, Cao, Chen, Yao, Wang and Sheng.
https://creativecommons.org/licenses/by/4.0/ This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms.
title Adversarial Robustness of Deep Reinforcement Learning Based Dynamic Recommender Systems
topic Big Data