Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
102 tokens/sec
GPT-4o
59 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
50 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Robust Federated Contrastive Recommender System against Model Poisoning Attack (2403.20107v1)

Published 29 Mar 2024 in cs.IR

Abstract: Federated Recommender Systems (FedRecs) have garnered increasing attention recently, thanks to their privacy-preserving benefits. However, the decentralized and open characteristics of current FedRecs present two dilemmas. First, the performance of FedRecs is compromised due to highly sparse on-device data for each client. Second, the system's robustness is undermined by the vulnerability to model poisoning attacks launched by malicious users. In this paper, we introduce a novel contrastive learning framework designed to fully leverage the client's sparse data through embedding augmentation, referred to as CL4FedRec. Unlike previous contrastive learning approaches in FedRecs that necessitate clients to share their private parameters, our CL4FedRec aligns with the basic FedRec learning protocol, ensuring compatibility with most existing FedRec implementations. We then evaluate the robustness of FedRecs equipped with CL4FedRec by subjecting it to several state-of-the-art model poisoning attacks. Surprisingly, our observations reveal that contrastive learning tends to exacerbate the vulnerability of FedRecs to these attacks. This is attributed to the enhanced embedding uniformity, making the polluted target item embedding easily proximate to popular items. Based on this insight, we propose an enhanced and robust version of CL4FedRec (rCL4FedRec) by introducing a regularizer to maintain the distance among item embeddings with different popularity levels. Extensive experiments conducted on four commonly used recommendation datasets demonstrate that CL4FedRec significantly enhances both the model's performance and the robustness of FedRecs.

View on arXiv
Definition Search Book Streamline Icon: https://streamlinehq.com
References (60)
  1. Federated collaborative filtering for privacy-preserving personalized recommendation system. arXiv preprint arXiv:1901.09888 (2019).
  2. A neural collaborative filtering model with interaction-based neighborhood. In Proceedings of the 2017 ACM on Conference on Information and Knowledge Management. 1979–1982.
  3. Machine learning with adversaries: Byzantine tolerant gradient descent. Advances in neural information processing systems 30 (2017).
  4. Secure federated matrix factorization. IEEE Intelligent Systems 36, 5 (2020), 11–20.
  5. PREFER: Point-of-interest REcommendation with efficiency and privacy-preservation via Federated Edge leaRning. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 5, 1 (2021), 1–25.
  6. F Maxwell Harper and Joseph A Konstan. 2015. The movielens datasets: History and context. Acm transactions on interactive intelligent systems (tiis) 5, 4 (2015), 1–19.
  7. Outer product-based neural collaborative filtering. In Proceedings of the 27th International Joint Conference on Artificial Intelligence. 2227–2233.
  8. Neural collaborative filtering. In Proceedings of the 26th international conference on world wide web. 173–182.
  9. On feature decorrelation in self-supervised learning. In Proceedings of the IEEE/CVF International Conference on Computer Vision. 9598–9608.
  10. Contrastive Self-supervised Learning in Recommender Systems: A Survey. arXiv preprint arXiv:2303.09902 (2023).
  11. Advances and open problems in federated learning. Foundations and Trends® in Machine Learning 14, 1–2 (2021), 1–210.
  12. Diederik P Kingma and Jimmy Ba. 2014. Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980 (2014).
  13. Shyong K“Tony” Lam, Dan Frankowski, and John Riedl. 2006. Do you trust your recommendations? An exploration of security and privacy issues in recommender systems. In International conference on emerging trends in information and communication security. Springer, 14–29.
  14. Fedrec++: Lossless federated recommendation with explicit feedback. In Proceedings of the AAAI conference on artificial intelligence, Vol. 35. 4224–4231.
  15. Federated social recommendation with graph neural network. ACM Transactions on Intelligent Systems and Technology (TIST) 13, 4 (2022), 1–24.
  16. Decentralized collaborative learning framework for next POI recommendation. ACM Transactions on Information Systems 41, 3 (2023), 1–25.
  17. Physical Trajectory Inference Attack and Defense in Decentralized POI Recommendation. arXiv preprint arXiv:2401.14583 (2024).
  18. Linze Luo and Baisong Liu. 2022. Dual-Contrastive for Federated Social Recommendation. In 2022 International Joint Conference on Neural Networks (IJCNN). IEEE, 1–8.
  19. PerFedRec++: Enhancing Personalized Federated Recommendation with Self-Supervised Pre-Training. arXiv preprint arXiv:2305.06622 (2023).
  20. Image-based recommendations on styles and substitutes. In Proceedings of the 38th international ACM SIGIR conference on research and development in information retrieval. 43–52.
  21. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics. PMLR, 1273–1282.
  22. Privacy-Preserving News Recommendation Model Learning. In Findings of the Association for Computational Linguistics: EMNLP 2020. 1423–1432.
  23. Semi-decentralized federated ego graph learning for recommendation. In Proceedings of the ACM Web Conference 2023. 339–348.
  24. Towards Personalized Privacy: User-Governed Data Contribution for Federated Recommendation. arXiv preprint arXiv:2401.17630 (2024).
  25. Poisoning deep learning based recommender model in federated learning scenarios. arXiv preprint arXiv:2204.13594 (2022).
  26. FedRecAttack: model poisoning attack to federated recommendation. In 2022 IEEE 38th International Conference on Data Engineering (ICDE). IEEE, 2643–2655.
  27. The graph neural network model. IEEE transactions on neural networks 20, 1 (2008), 61–80.
  28. Towards Understanding and Mitigating Dimensional Collapse in Heterogeneous Federated Learning. In The Eleventh International Conference on Learning Representations.
  29. A Survey on Federated Recommendation Systems. arXiv preprint arXiv:2301.00767 (2022).
  30. A location-sentiment-aware recommender system for both home-town and out-of-town users. In Proceedings of the 23rd ACM SIGKDD international conference on knowledge discovery and data mining. 1135–1143.
  31. Fast-adapting and privacy-preserving federated recommender system. The VLDB Journal (2021), 1–20.
  32. Tongzhou Wang and Phillip Isola. 2020. Understanding contrastive representation learning through alignment and uniformity on the hypersphere. In International Conference on Machine Learning. PMLR, 9929–9939.
  33. A survey of e-commerce recommender systems. In 2007 international conference on service systems and service management. IEEE, 1–5.
  34. Contrastive learning for cold-start recommendation. In Proceedings of the 29th ACM International Conference on Multimedia. 5382–5390.
  35. A federated graph neural network framework for privacy-preserving personalization. Nature Communications 13, 1 (2022), 3091.
  36. FedAttack: Effective and covert poisoning attack on federated recommendation via hard sampling. In Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining. 4164–4172.
  37. Fedcl: Federated contrastive learning for privacy-preserving recommendation. arXiv preprint arXiv:2204.09850 (2022).
  38. Mind: A large-scale dataset for news recommendation. In Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics. 3597–3606.
  39. Self-supervised graph learning for recommendation. In Proceedings of the 44th international ACM SIGIR conference on research and development in information retrieval. 726–735.
  40. Self-supervised hypergraph convolutional networks for session-based recommendation. In Proceedings of the AAAI conference on artificial intelligence, Vol. 35. 4503–4511.
  41. Contrastive learning for sequential recommendation. In 2022 IEEE 38th international conference on data engineering (ICDE). IEEE, 1259–1273.
  42. Federated recommendation systems. Federated Learning: Privacy and Incentive (2020), 225–239.
  43. Byzantine-robust distributed learning: Towards optimal statistical rates. In International Conference on Machine Learning. PMLR, 5650–5659.
  44. Dynamic user modeling in social media systems. ACM Transactions on Information Systems (TOIS) 33, 3 (2015), 1–44.
  45. On-Device Recommender Systems: A Comprehensive Survey. arXiv preprint arXiv:2401.11441 (2024).
  46. Overcoming data sparsity in group recommendation. IEEE Transactions on Knowledge and Data Engineering 34, 7 (2020), 3447–3460.
  47. Self-supervised multi-channel hypergraph convolutional network for social recommendation. In Proceedings of the web conference 2021. 413–424.
  48. Are graph augmentations necessary? simple graph contrastive learning for recommendation. In Proceedings of the 45th international ACM SIGIR conference on research and development in information retrieval. 1294–1303.
  49. Self-supervised learning for recommender systems: A survey. IEEE Transactions on Knowledge and Data Engineering (2023).
  50. Untargeted attack against federated recommendation systems via poisonous item embeddings and the defense. In Proceedings of the AAAI Conference on Artificial Intelligence, Vol. 37. 4854–4863.
  51. Tenrec: A Large-scale Multipurpose Benchmark Dataset for Recommender Systems. Advances in Neural Information Processing Systems 35 (2022), 11480–11493.
  52. Manipulating Federated Recommender Systems: Poisoning with Synthetic Users and Its Countermeasures. In Proceedings of the 46th International ACM SIGIR Conference on Research and Development in Information Retrieval. 1690–1699.
  53. HeteFedRec: Federated Recommender Systems with Model Heterogeneity. arXiv preprint arXiv:2307.12810 (2023).
  54. Interaction-level Membership Inference Attack Against Federated Recommender Systems. In Proceedings of the ACM Web Conference 2023. 1053–1062.
  55. Manipulating Visually-aware Federated Recommender Systems and Its Countermeasures. ACM Transactions on Information Systems (2023).
  56. Double-scale self-supervised hypergraph learning for group recommendation. In Proceedings of the 30th ACM international conference on information & knowledge management. 2557–2567.
  57. Deep learning based recommender system: A survey and new perspectives. ACM computing surveys (CSUR) 52, 1 (2019), 1–38.
  58. Pipattack: Poisoning federated recommender systems for manipulating item promotion. In Proceedings of the Fifteenth ACM International Conference on Web Search and Data Mining. 1415–1423.
  59. Comprehensive privacy analysis on federated recommender system against attribute inference attacks. IEEE Transactions on Knowledge and Data Engineering (2023).
  60. S3-rec: Self-supervised learning for sequential recommendation with mutual information maximization. In Proceedings of the 29th ACM international conference on information & knowledge management. 1893–1902.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (6)
  1. Wei Yuan (110 papers)
  2. Chaoqun Yang (15 papers)
  3. Liang Qu (22 papers)
  4. Guanhua Ye (26 papers)
  5. Quoc Viet Hung Nguyen (57 papers)
  6. Hongzhi Yin (210 papers)
Citations (4)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now