Ownership Recommendation via Iterative Adversarial Training

摘要

Machine learning classifiers are vulnerable to adversarial perturbation, and their presence raises security concerns, especially in recommendation systems. While attacks and defense mechanisms in recommendation systems have received significant attention, Basic Iterative Method (BIM), which has been shown in Computer Vision to increase attack effectiveness by more than 60%, has received little attention in ownership recommendation. As a result, ownership recommender systems may be more sensitive to iterative perturbations, resulting in significant generalization errors. Adversarial Training, a regularization strategy that can withstand worst-case iterative perturbations, could be a viable option for improving model robustness and generalization. In this paper, we implement BIM for ownership recommendations. Through adversarial training, we propose the Adversarial Consumer and Producer Recommendation (ACPR) approach that integrates ownership features into a multi-objective pairwise ranking to capture the user’s preferences. The ACPR method learns a core embedding for each user and two transformation matrices that project the user’s core embedding into two role embeddings (i.e., a producer and consumer role) using an extension of matrix factorization. To minimize the impact of iterative perturbation, we train a consumer and producer recommender objective function using minimax adversarial training. Empirical studies on two Large-scale applications show that our method outperforms standard recommendation methods and recent methods that model ownership information.