A Poisoning Attack Based on Variant Generative Adversarial Networks in Recommender Systems

The emergence of poisoning attacks brings significant security risks to recommender systems. Injecting a well-designed set of fake user profiles into these systems can severely impact the quality of recommendations. However, existing attack models against recommender systems struggle to balance the imperceptibility and harmfulness of the generated fake user profiles. In this paper, we propose a novel poisoning attack model based on variant GAN. Firstly, we construct a candidate item set and divide each user rating behavior sequence into multiple shorter sequences. By identifying high-impact short sequences and calculating the proportion of high-impact sequences in each user rating sequence, we can determine the template profiles. Secondly, we design two different generators to simulate the fake user profiles, and employ a discriminator to enhance the generation of higher-quality fake user profiles. Finally, experimental results on three real datasets demonstrate that the proposed method outperforms state-of-the-art attacks in terms of attack performance, and the generated fake profiles are more difficult to detect when compared to the baselines.