Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
153 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Fake Resume Attacks: Data Poisoning on Online Job Platforms (2402.14124v1)

Published 21 Feb 2024 in cs.CR

Abstract: While recent studies have exposed various vulnerabilities incurred from data poisoning attacks in many web services, little is known about the vulnerability on online professional job platforms (e.g., LinkedIn and Indeed). In this work, first time, we demonstrate the critical vulnerabilities found in the common Human Resources (HR) task of matching job seekers and companies on online job platforms. Capitalizing on the unrestricted format and contents of job seekers' resumes and easy creation of accounts on job platforms, we demonstrate three attack scenarios: (1) company promotion attack to increase the likelihood of target companies being recommended, (2) company demotion attack to decrease the likelihood of target companies being recommended, and (3) user promotion attack to increase the likelihood of certain users being matched to certain companies. To this end, we develop an end-to-end "fake resume" generation framework, titled FRANCIS, that induces systematic prediction errors via data poisoning. Our empirical evaluation on real-world datasets reveals that data poisoning attacks can markedly skew the results of matchmaking between job seekers and companies, regardless of underlying models, with vulnerability amplified in proportion to poisoning intensity. These findings suggest that the outputs of various services from job platforms can be potentially hacked by malicious users.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (46)
  1. Ibrahim M Ahmed and Manar Younis Kashmoola. 2021. Threats on machine learning technique by data poisoning attack: A survey. In Advances in Cyber Security: Third International Conference, ACeS 2021, Penang, Malaysia, August 24–25, 2021, Revised Selected Papers 3. Springer, 586–600.
  2. Adversarial attacks and defences: A survey. arXiv preprint arXiv:1810.00069 (2018).
  3. Targeted backdoor attacks on deep learning systems using data poisoning. arXiv preprint arXiv:1712.05526 (2017).
  4. Adversarial attack on graph structured data. In International conference on machine learning (ICML). PMLR, 1115–1124.
  5. Enterprise Cooperation and Competition Analysis with a Sign-Oriented Preference Network. In Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD). 774–782.
  6. A combined representation learning approach for better job and skill recommendation. In Proceedings of the 27th ACM International Conference on Information and Knowledge Management (CIKM). 1997–2005.
  7. Networking via LinkedIn: An examination of usage and career benefits. Journal of Vocational Behavior 118 (2020), 103396.
  8. ESCO: Towards a Semantic Web for the European Labor Market.. In LDOW@ WWW.
  9. Examining the use of online platforms for employment: A survey of US job seekers. In Proceedings of the 2021 CHI conference on human factors in computing Systems. 1–23.
  10. A Survey on Data Poisoning Attacks and Defenses. In 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). IEEE, 48–55.
  11. Adversarial attacks and defenses on graphs. ACM SIGKDD Explorations Newsletter 22, 2 (2021), 19–34.
  12. A survey on adversarial attack in the age of artificial intelligence. Wireless Communications and Mobile Computing 2021 (2021), 1–22.
  13. Malcom: Generating malicious comments to attack neural fake news detection models. In 2020 IEEE International Conference on Data Mining (ICDM). IEEE, 282–291.
  14. Esco: Boosting job matching in europe with semantic interoperability. Computer 47, 10 (2014), 57–64.
  15. Prospecting the career development of talents: A survival analysis perspective. In Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD). 917–925.
  16. NEMO: Next career move prediction with contextual embedding. In Proceedings of the 26th International Conference on World Wide Web Companion (WWW). 505–513.
  17. Fortune teller: predicting your career path. In Proceedings of the AAAI conference on artificial intelligence (AAAI), Vol. 30.
  18. A hierarchical career-path-aware neural network for job mobility prediction. In Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD). 14–24.
  19. Attack under disguise: An intelligent data poisoning attack mechanism in crowdsourcing. In Proceedings of the 2018 World Wide Web Conference (WWW). 13–22.
  20. Playing atari with deep reinforcement learning. arXiv preprint arXiv:1312.5602 (2013).
  21. OpenAI. 2023. GPT-4 Technical Report. ArXiv abs/2303.08774 (2023).
  22. A Comprehensive Survey of Artificial Intelligence Techniques for Talent Analytics. arXiv preprint arXiv:2307.03195 (2023).
  23. Enhancing person-job fit for talent recruitment: An ability-aware neural network approach. In The 41st international ACM SIGIR conference on research & development in information retrieval (SIGIR). 25–34.
  24. Towards deep and representation learning for talent search at linkedin. In Proceedings of the 27th ACM International Conference on Information and Knowledge Management (CIKM). 2253–2261.
  25. The influence of online professional social media in human resource management: A systematic literature review. Technology in Society 63 (2020), 101335.
  26. Just how toxic is data poisoning? a unified benchmark for backdoor and data poisoning attacks. In International Conference on Machine Learning (ICML). PMLR, 9389–9398.
  27. Learning to Ask Screening Questions for Job Postings. In Proceedings of the 43rd International ACM SIGIR Conference on Research and Development in Information Retrieval (SIGIR). 549–558.
  28. Salience and Market-aware Skill Extraction for Job Targeting. In Proceedings of the 26th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. 2871–2879.
  29. The impact of person-organization fit on talent management: A structure-aware convolutional neural network approach. In Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD). 1625–1633.
  30. Exploiting the contagious effect for employee turnover prediction. In Proceedings of the AAAI Conference on Artificial Intelligence (AAAI), Vol. 33. 1166–1173.
  31. On the vulnerability of large graphs. In 2010 IEEE International Conference on Data Mining. IEEE, 1091–1096.
  32. Variable interval time sequence modeling for career trajectory prediction: Deep collaborative perspective. In Proceedings of The ACM Web Conference (WWW). 612–623.
  33. Adversarial attacks and defenses in images, graphs and text: A review. International Journal of Automation and Computing 17 (2020), 151–178.
  34. Measuring the popularity of job skills in recruitment market: A multi-criteria approach. In Proceedings of the AAAI Conference on Artificial Intelligence (AAAI), Vol. 32.
  35. Looking further into the future: Career pathway prediction. In Proceedings of the International Workshop on Computational Jobs Marketplace.
  36. JAMES: Normalizing Job Titles with Multi-Aspect Graph Embeddings and Reasoning. In 2023 IEEE International Conference on Data Science and Advanced Analytics (DSAA). IEEE.
  37. Next career move prediction with contextual long short-term memory networks. US Patent App. 15/799,396.
  38. Manipulating Federated Recommender Systems: Poisoning with Synthetic Users and Its Countermeasures. arXiv preprint arXiv:2304.03054 (2023).
  39. Black-box attacks on sequential recommenders via data-free model extraction. In Proceedings of the 15th ACM Conference on Recommender Systems. 44–54.
  40. Job2Vec: Job title benchmarking with collective multi-view representation learning. In Proceedings of the 28th ACM International Conference on Information and Knowledge Management (CIKM). 2763–2771.
  41. Practical data poisoning attack against next-item recommendation. In Proceedings of The Web Conference 2020 (WWW). 2458–2464.
  42. Data poisoning attack against knowledge graph embedding. In Proceedings of the 28th International Joint Conference on Artificial Intelligence (IJCAI). 4853–4859.
  43. Large-scale talent flow embedding for company competitive analysis. In Proceedings of The Web Conference 2020 (WWW). 2354–2364.
  44. Attentive heterogeneous graph embedding for job mobility prediction. In Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD). 2192–2201.
  45. Online data poisoning attacks. In Learning for Dynamics and Control. PMLR, 201–210.
  46. Adversarial attacks on neural networks for graph data. In Proceedings of the 24th ACM SIGKDD international conference on knowledge discovery & data mining (KDD). 2847–2856.
Citations (4)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now