Robust Graph Embedding Recommendation Against Data Poisoning Attack

Junyan Zhong, Chang Liu, Huibin Wang, Lele Tian, Han Zhu, Chan Tong Lam

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Citations (Scopus)


With the development of recommendation system technology, more and more Internet services are applied to recommendation systems. In recommendation systems, matrix factoring is the most widely used technique. However, matrix factoring algorithms are very susceptible to shilling attacks (trust or espionage). The former defends methods against data poisoning attacks focused on detecting individual attack behaviors. But there are few detection methods for group data poisoning attacks. Therefore, we propose a detection method based on Graph Neural Network (GNN) and adversarial learning. We train user-item nodes and edges through a semi-supervised learning approach, improving the robustness of the GNN recommendation system. Our work can be divided into the following parts: Firstly, we review the former recommendation systems and the graph representation learning recommendation systems. Secondly, we analyze the main vulnerabilities of the graph representation learning recommendation systems. Furthermore, the detection methods of data poisoning attacks are analyzed, and the difference between individual data poisoning attacks and group data poisoning attacks are discussed. Finally, we propose a per-process Robust-GNN semi-supervised detection model to conduct group detection on different types of attacks. In addition, we also analyze the sensitivity of the proposed methods. From the experiments results, it can be concluded that we should apply the attention mechanism to the proposed methods which makes it more generalized.

Original languageEnglish
Title of host publicationBig Data Intelligence and Computing - International Conference, DataCom 2022, Proceedings
EditorsChing-Hsien Hsu, Mengwei Xu, Hung Cao, Hojjat Baghban, A. B. Shawkat Ali
PublisherSpringer Science and Business Media Deutschland GmbH
Number of pages14
ISBN (Print)9789819922321
Publication statusPublished - 2023
EventInternational Conference on Big Data Intelligence and Computing, DataCom 2022 - Denarau, Fiji
Duration: 8 Dec 202210 Dec 2022

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume13864 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceInternational Conference on Big Data Intelligence and Computing, DataCom 2022


  • Adversarial learning
  • Data poisoning attack
  • Graph neural network
  • Recommendation system


Dive into the research topics of 'Robust Graph Embedding Recommendation Against Data Poisoning Attack'. Together they form a unique fingerprint.

Cite this