Skip to main content

Advertisement

Log in

Deep recommendation with iteration directional adversarial training

  • Regular Paper
  • Published:
Computing Aims and scope Submit manuscript

Abstract

Deep neural networks are vulnerable to attacks, posing significant security concerns across various applications, particularly in computer vision. Adversarial training has demonstrated effectiveness in improving the robustness of deep learning models by incorporating perturbations into the input space during training. Recently, adversarial training has been successfully applied to deep recommender systems. In these systems, user and item embeddings are perturbed through a minimax game, with constraints on perturbation directions, to enhance the model’s robustness and generalization. However, they still fail to defend against iterative attacks, which have shown an over 60% increase in effectiveness in the computer vision domain. Deep recommender systems may therefore be more susceptible to iterative attacks, which might lead to generalization failures. In this paper, we adapt iterative examples for deep recommender systems. Specifically, we propose a Deep Recommender with Iteration Directional Adversarial Training (DRIDAT) that combines attention mechanism and directional adversarial training for recommendations. Firstly, we establish a consumer-product collaborative attention to convey consumers different preferences on their interested products and the distinct preferences of different consumers on the same product they like. Secondly, we train the DRIDAT objective function using adversarial learning to minimize the impact of iterative attack. In addition, the maximum direction attack could push the embedding vector of input attacks towards instances with distinct labels. We mitigate this problem by implementing suitable constraints on the direction of the attack. Finally, we perform a series of evaluations on two prominent datasets. The findings show that our methodology outperforms all other methods for all metrics.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Algorithm 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

Data availability

The data that support the findings of this study are available from the corresponding author upon reasonable request.

References

  1. Koren Y, Bell R, Volinsky C (2009) Matrix factorization techniques for recommender systems. Computer 42(8):30–37

    Article  Google Scholar 

  2. Ortega F, Rojo D, Valdiviezo-Diaz P, Raya L (2018) Hybrid collaborative filtering based on users rating behavior. IEEE Access, pp 69582–69591

  3. Ding J, Feng F, He X, Yu G, Li Y, Jin D (2018) An improved sampler for Bayesian personalized ranking by leveraging view data. In: Companion proceedings of the web conference, pp 13–14

  4. Liu H, Wu Z, Zhang X (2018) CPLR: collaborative pairwise learning to rank for personalized recommendation. Knowl-Based Syst, pp 31–40

  5. Rendle S, Freudenthaler C, Gantner Z, Schmidt-Thieme L (2012) BPR: Bayesian personalized ranking from implicit feedback. In: Proceedings of the 25th conference on uncertainty in artificial intelligence, pp 452–461

  6. Zhang W, Chen T, Wang J, Yu Y (2013) Optimizing top-N collaborative filtering via dynamic negative item sampling. In: Proceedings of the 36th international ACM SIGIR conference on research and development in information retrieval, pp 785–788

  7. Zhao T, McAuley J, King I (2014) Leveraging social connections to improve personalized ranking for collaborative filtering. In: Proceedings of the 23rd ACM international conference on information and knowledge management, pp 261–270

  8. Collobert R , Weston J (2008) A unified architecture for natural language processing: deep neural networks with multitask learning. In: Proceedings of the 25th international conference on machine learning (ICML), pp 160–167

  9. Graves A, Jaitly N (2014) Towards end-to-end speech recognition with recurrent neural networks. In: Proceedings of the 31st international conference on machine learning, pp 1764–1772

  10. Xue F, He X, Wang X, Xu J, Liu K, Hong R (2019) Deep item-based collaborative filtering for top-n recommendation. ACM Trans Inf Syst 37(3):3

    Article  Google Scholar 

  11. He X, He Z, Du X, Chua T.-S. (2018) Adversarial personalized ranking for recommendation. In: Proceedings of the 41st international ACM SIGIR conference on research and development in information retrieval, pp 355–364

  12. Goodfellow IJ, Shlens J, Szegedy C (2014) Explaining and harnessing adversarial examples. arXiv:1412.6572

  13. Szegedy C, Zaremba W, Sutskever I, Bruna J, Erhan D, Goodfellow IJ, Fergus R (2013) Intriguing properties of neural networks. arXiv:1312.6199

  14. Miyato T, Maeda S, Koyama M, Ishii S (2018) Virtual adversarial training: a regularization method for supervised and semi-supervised learning. IEEE Trans Pattern Anal Mach Intell 41(8):1979–1993

    Article  Google Scholar 

  15. Xu Y, Chen L, Xie F, Hu W, Zhu J, Chen C, Zheng Z (2020) Directional adversarial training for recommender systems. In: 24th European conference on artificial intelligence (ECAI), pp 553–560

  16. Kurakin A, Goodfellow IJ, Bengio S (2017) Adversarial examples in the physical world. https://openreview.net/forum?id=HJGU3Rodl

  17. Anelli VW, Bellogin A, Deldjoo Y, Di Noia T, Merra FA (2021) Msap: multi-step adversarial perturbations on recommender systems embeddings. In: Proceedings of the thirty-fourth international Florida artificial intelligence research society conference, pp 1–6

  18. Koren Y, Rendle S, Bell R (2021) Advances in collaborative filtering. In: Recommender systems handbook, pp 91–142

  19. Rendle S, Krichene W, Zhang L, Anderson J (2020) Neural collaborative filtering vs. matrix factorization revisited. In: Proceedingsof the 14th ACM conference on recommender systems, pp 240–248

  20. Qi L, Liu Y, Zhang Y, Xu X, Bilal M, Song H (2022) Privacy-aware point-of-interest category recommendation in internet of things. IEEE Internet Things J 9(21):21398–21408

    Article  Google Scholar 

  21. Liu Y, Zhou X, Kou H, Zhao Y, Xu X, Zhang X et al (2023) Privacy-preserving point-of-interest recommendation based on simplified graph convolutional network for geological traveling. In: AACM transactions on intelligent systems and technology

  22. Hu Y, Koren Y, Volinsky C (2008) Collaborative filtering for implicit feedback datasets. In: 2008 Eighth IEEE international conference on Data Mining, 263-272

  23. Pan W , Chen L (2013) GBPR: group preference based Bayesian personalized ranking for one-class collaborative filtering. In: Proceedings of the 23rd international joint conference on artificial intelligence, pp 2691–2697

  24. Pan W, Zhong H, Xu C, Ming Z (2015) Adaptive bayesian personalized ranking for heterogeneous implicit feedbacks. Knowl-Based Syst, 173-180

  25. Kim S, Lee J, Shim H (2019) Dual neural personalized ranking. In: Proceedings of the world wide web conference (WWW), pp 863–873

  26. Wang P, Li S, Pan R (2018) Incorporating GAN for negative sampling in knowledge representation learning. In: Proceedings of the 32nd AAAI conference on artificial intelligence, pp 2005–2012

  27. Ding J, Quan Y, He X, Li Y, Jin D (2019) Reinforced negative sampling for recommendation with exposure data. In: Proceedings of the 28th international joint conference on artificial intelligence (IJCAI), pp 2230–2236

  28. He X, Liao L, Zhang H, Nie L, Hu X, Chua T (2017) Neural collaborative filtering. In: Proceedings of the 26th international conference on world wide web, pp 173–182

  29. He X, He Z, Song J, Liu Z, Jiang YG, Chua TS (2018) Nais: Neural attentive item similarity model for recommendation. IEEE Trans Knowl Data Eng 30(12):2354–2366

    Article  Google Scholar 

  30. Wang X, He X, Wang M, Feng F, Chua T (2019) Neural graph collaborative filtering. In: Proceedings of the 42nd international ACM SIGIR conference on research and development in information retrieval, pp 165–174

  31. Sarwar B, Karypis G, Konstan J, Riedl J (2001) Item-based collaborative filtering recommendation algorithms. In: Proceedings of the 10th international world wide web conference (WWW), pp 285–295

  32. Koren Y (2008) Factorization meets the neighborhood: a multifaceted collaborative filtering model. In: Proceedings of the 14th ACM SIGKDD international conference on knowledge discovery and data mining, pp 426–434

  33. Christakopoulou E, Karypis G (2018) Local latent space models for top-n recommendation. In: Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 1235-1243

  34. Ning X, Karypis G (2011) Slim: sparse linear methods for top-n recommender systems. In: 2011 IEEE 11th international conference on data mining, pp 497–506

  35. Christakopoulou E, Karypis G (2016) Local item-item models for top-n recommendation. In: Proceedings of the 10th ACM conference on recommender systems, pp 67–74

  36. Kabbur S, Ning X, Karypis G (2013) Fism: factored item similarity models for top-n recommender systems. In: The 19th ACM SIGKDD international conference on knowledge discovery and data mining (KDD), pp 659–667

  37. Christakopoulou E, Karypis G (2014) Hoslim: Higher-order sparse linear method for top-n recommender systems. In: Pacific-Asia conference on knowledge discovery and data mining, pp 38–49

  38. Huang L, Joseph AD, Nelson B, Rubinstein BI, Tygar JD (2011) Adversarial machine learning. In: Proceedings of the 4th ACM workshop on security and artificial intelligence, pp 43–58

  39. Akhtar N, Mian AS (2018) Threat of adversarial attacks on deep learning in computer vision: a survey. IEEE Access 6:14410–14430

    Article  Google Scholar 

  40. Zhang W, Sheng Q, Alhazmi AA, Li C (2020) Adversarial attacks on deep-learning models in natural language processing: a survey. ACM Trans Intell Syst Technol 11(3):41

    Article  Google Scholar 

  41. Deldjoo Y, Noia TD, Merra FA (2020) Adversarial machine learning in recommender systems (aml-recsys). In: The thirteenth ACM international conference on web search and data mining, pp 869–872

  42. Madry A, et al (2018) Towards deep learning models resistant to adversarial attacks. In: Proceedings of the 35th international conference on machine learning, pp 297–306

  43. Carlini N, Wagner DA (2017) Towards evaluating the robustness of neural networks. In: IEEE symposium on security and privacy, pp 39–57

  44. Yuan X et al (2019) Adversarial examples: attacks and defenses for deep learning. IEEE Trans Neural Netw Learn Syst 30(9):2805–2824

    Article  MathSciNet  Google Scholar 

  45. Agyemang P, Wu Z, Luo K, Ma Y, Fang L (2023) Robust multimedia recommender system based on dynamic collaborative filtering and directed adversarial learning. Int J Mach Learn Cybern, pp 1–15. https://doi.org/10.1007/s13042-023-01868-9

  46. Agyemang P, Zhao X, Fang L, Wu Z (2022) Ownership recommendation via iterative adversarial training. Neural Process Lett 54(1):637–655

    Article  Google Scholar 

  47. Wang Q, Yin H, Hu Z, Lian D, Wang H, Huang Z (2018) Neural memory streaming recommender networks with adversarial training. In: Proceedings of the 24th ACM SIGKDD international conference on knowledge discovery and data mining, pp 2467–2475

  48. Chae DK, Kang JS, Kim SW, Choi J (2019) Rating augmentation with generative adversarial networks towards accurate collaborative filtering. In: The World wide web conference, pp 2616–2622

  49. Du Y, Fang M, Yi J, Xu C, Cheng J, Tao D (2018) Enhancing the robustness of neural collaborative filtering systems under malicious attacks. IEEE Trans Multimedia 21(3):555–565

    Article  Google Scholar 

  50. Sun Z, Wu B, Hu S, Zhang M, Ye Y (2023) Attentive adversarial collaborative filtering. IEEE Trans Syst Man Cybern: Syst 53(7):4064–4076

    Article  Google Scholar 

  51. Chae DK, Kang JS, Kim SW, Lee JT (2018) Cfgan: a generic collaborative filtering framework based on generative adversarial networks. In: Proceedings of the 27th ACM international conference on information and knowledge management, pp 137–146

Download references

Acknowledgements

This research was supported by Zhejiang Provincial Natural Science Foundation of China under Grant No. LZ22F010005.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Zhefu Wu.

Ethics declarations

Conflict of interest

The authors declare that they have no Conflict of interest.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Paul, A., Wan, Y., Wu, Z. et al. Deep recommendation with iteration directional adversarial training. Computing 106, 3151–3174 (2024). https://doi.org/10.1007/s00607-024-01326-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00607-024-01326-6

Keywords

Mathematics Subject Classification

Navigation