Abstract
Privacy preserving is an essential aspect of modern recommender systems. However, the traditional approaches can hardly provide a rigid and provable privacy guarantee for recommender systems, especially for those systems based on collaborative filtering (CF) methods. Recent research revealed that by observing the public output of the CF, the adversary could infer the historical ratings of the particular user, which is known as the KNN attack and is considered a serious privacy violation for recommender systems. This paper addresses the privacy issue in CF by proposing a Private Neighbor Collaborative Filtering (PriCF) algorithm, which is constructed on the basis of the notion of differential privacy. PriCF contains an essential privacy operation, Private Neighbor Selection, in which the Laplace noise is added to hide the identity of neighbors and the ratings of each neighbor. To retain the utility, the Recommendation-Aware Sensitivity and a re-designed truncated similarity are introduced to enhance the performance of recommendations. A theoretical analysis shows that the proposed algorithm can resist the KNN attack while retaining the accuracy of recommendations. The experimental results on two real datasets show that the proposed PriCF algorithm retains most of the utility with a fixed privacy budget.
Similar content being viewed by others
References
Adomavicius G, Tuzhilin A (2005) Toward the next generation of recommender systems: a survey of the state-of-the-art and possible extensions. Proc IEEE Trans Knowl Data Eng 17(6):734–749
Banerjee S, Hegde N, Massoulié L (2012) The price of privacy in untrusted recommendation engines. In: 50th annual allerton conference on communication, control, and computing (allerton). Monticello, IL, pp 920–927
Berkovsky S, Eytani Y, Kuflik T, Ricci F (2007) Enhancing privacy and preserving accuracy of a distributed collaborative filtering. In: Proceedings of the 2007 ACM conference on recommender systems, RecSys ’07, ACM, New York, NY, USA, 2007, pp 9–16
Bhaskar R, Laxman S, Smith A, Thakurta A (2010) Discovering frequent patterns in sensitive data. In: Proceedings of the 16th ACM SIGKDD international conference on knowledge discovery and data mining, (KDD ’10), ACM, New York, NY, USA, 2010, pp. 503–512
Calandrino JA, Kilzer A, Narayanan A, Felten EW, Shmatikov V (2011) “you might also like: ” privacy risks of collaborative filtering. In: Proceedings of the 2011 IEEE symposium on security and privacy, SP ’11, IEEE Computer Society, Washington, DC, USA, 2011, pp 231–246
Canny J (2002) Collaborative filtering with privacy via factor analysis. In: Proceedings of the 25th annual international ACM SIGIR conference on research and development in information retrieval, SIGIR ’02, ACM, New York, NY, USA, 2002, pp 238–245
Chen R, Fung BC, Desai BC, Sossou NM (2012) Differentially private transit data publication: a case study on the montreal transportation system. In: Proceedings of the 18th ACM SIGKDD international conference on knowledge discovery and data mining, KDD ’12, ACM, New York, NY, USA, 2012, pp 213–221
Dwork C (2006) Differential privacy, In: Proceedings of the 33rd international conference on automata, languages and programming, ICALP’06, Springer, Berlin, pp 1–12
Dwork C (2008) Differential privacy: a survey of results. In: Proceedings of the 5th international conference on theory and applications of models of computation, TAMC’08, Springer, Berlin, pp 1–19
Dwork C, McSherry F, Nissim K, Smith A (2006) Calibrating noise to sensitivity in private data analysis. In: Proceedings of the third conference on theory of cryptography, TCC’06, Springer, Berlin, pp 265–284
Dwork C (2011) A firm foundation for private data analysis. Commun ACM 54(1):86–95
Götz M, Machanavajjhala A, Wang G, Xiao X, Gehrke J (2012) Publishing search logs: a comparative study of privacy guarantees. IEEE Trans Knowl Data Eng 24(3):520
Lu L, Medo M, Yeung CH, Zhang Y-C, Zhang Z-K, Zhou T (2012) Recommender systems. Phys Rep 519(1):1–49
Machanavajjhala A, Korolova A, Sarma A (2011) Personalized social recommendations: accurate or private. Proc VLDB Endow 4(7):440–450
McSherry F, Mironov I (2009) Differentially private recommender systems: building privacy into the net. In: Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining, KDD ’09, ACM, New York, NY, USA, 2009, pp 627–636
McSherry F, Talwar K (2007) Mechanism design via differential privacy. In: Proceedings of the 48th annual IEEE symposium on foundations of computer science, FOCS ’07, IEEE Computer Society, Washington, DC, USA, 2007, pp 94–103
McSherry F, Mahajan R (2010) Differentially-private network trace analysis, vol 40. ACM, New York
Narayanan A, Shmatikov V (2008) Robust de-anonymization of large sparse datasets. In: Proceedings of the 2008 IEEE symposium on security and privacy, SP ’08, IEEE Computer Society, Washington, DC, USA, 2008, pp 111–125
Nissim K, Raskhodnikova S, Smith A (2007) Smooth sensitivity and sampling in private data analysis. In: Proceedings of the thirty-ninth annual ACM symposium on theory of computing, STOC ’07, ACM, New York, NY, USA, 2007, pp 75–84
Parameswaran R, Blough D (2007) Privacy preserving collaborative filtering using data obfuscation. In: Proceedings of granular computing, GRC 2007, IEEE international conference on granular computing, 2007, p 380
Polat H, Du W (2006) Achieving private recommendations using randomized response techniques. In: Proceedings of the 10th Pacific–Asia conference on advances in knowledge discovery and data mining, PAKDD’06, Springer, Berlin, pp 637–646
Polat H, Du W (2003) Privacy-preserving collaborative filtering using randomized perturbation techniques. In: Proceedings of data mining, ICDM 2003, Third IEEE international conference on 2003, pp 625–628
Ramakrishnan N, Keller BJ, Mirza BJ, Grama AY, Karypis G (2001) Privacy risks in recommender systems. IEEE Internet Comput 5(6):54–62
Ren Y, Li G, Zhang J, Zhou W (2012) The efficient imputation method for neighborhood-based collaborative filtering. In: Proceedings of CIKM, 2012, pp 684–693
Ren Y, Li G, Zhou W (2013) A learning method for top-\(n\) recommendations with incomplete data. Soc Netw Anal Min 2013:1–14
Ren Y, Li G, Zhou W (2012) Learning rating patterns for top-\(n\) recommendations, In: Proceedings of ASONAM, 2012, pp 472–479
Zhan J, Hsieh C-L, Wang I-C, Sheng Hsu T, Liau C-J, Wang D-W (2010) Privacy-preserving collaborative recommender systems part C: applications and reviews. IEEE Trans Syst Man Cybern 40(4):472–476
Zhu T, Li G, Zhou W, Xiong P, Yuan C (2014) Deferentially private tagging recommendation based on topic model. In: Tseng VS, Ho TB, Zhou Z, Chen ALP, Kao H (eds) Advances in knowledge discovery and data mining, vol 8443. Springer International Publishing, Switzerland, pp 557–568
Zhu T, Li G, Ren Y, Zhou W, Xiong P (2013) Privacy preserving for tagging recommender systems, web intelligence (WI) and intelligent agent technologies (IAT), (2013) IEEE/WIC/ACM international joint conferences on (WI ’13) vol 2013, pp 81–88
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Zhu, T., Li, G., Pan, L. et al. Privacy preserving collaborative filtering for KNN attack resisting. Soc. Netw. Anal. Min. 4, 196 (2014). https://doi.org/10.1007/s13278-014-0196-2
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s13278-014-0196-2