Skip to content

SlenderMongoose/RecGuard-DetectX

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

RecGuard-DetectX

A Unified Framework for Detecting Poisoning Attacks in Recommender Systems


RecGuard-DetectX is an extensible library designed to evaluate and defend against poisoning attacks in recommender systems. It provides standardized benchmarks, modular components, and realistic evaluation scenarios to support reproducible and scalable research.

🔍 Key Features

  • 17+ Detection Models Integrated: Includes implementations of leading detection methods from recent research for out-of-the-box comparison.

  • 11+ Poisoning Attack Models Integrated: Supports a wide range of attack strategies, enabling comprehensive testing of detector robustness.

  • Scenario-aligned Injection Pipeline: The generation of poisoned instances is driven by configurable environmental setups.

  • Modular & Extensible Design: Easy to integrate new attacks, detectors, and datasets with minimal code changes.

  • Open and Reproducible: All code and experiments are released to ensure transparency and replicability.

🧨 Supported Poisoning Attacks in RG-DX

No. RG-DX Name (alias) Original Name (from Paper) Paper Title (Source Website)
1 RAN RandomBot Shilling Recommender Systems for Fun and Profit
2 AVG Average Attack Shilling Attack Models in Recommender System
3 NEG Segment-Based Injection Attack Segment-Based Injection Attacks against Collaborative Filtering Recommender Systems
4 POP Bandwagon Attack Analysis of Bandwagon and Average Hybrid Attack Model against Trust-based Recommender Systems
5 PUS Power Users Attack (based on similarity) When Power Users Attack: Assessing Impacts in Collaborative Recommender Systems
6 PUI Co-visitation Injection Attacks (high knowledge) Fake Co-visitation Injection Attacks to Recommender Systems
7 COP Power Users Attack (random choose) When Power Users Attack: Assessing Impacts in Collaborative Recommender Systems
8 PGA N/A (PGA version) Data Poisoning Attacks on Factorization-Based Collaborative Filtering
9 AIA N/A Revisiting Adversarially Learned Injection Attacks Against Recommender Systems
10 AUS AUSH Attacking Recommender Systems with Augmented User Profiles
11 LUP Leg-UP Shilling Black-Box Recommender Systems by Learning to Generate Fake User Profiles

Note: N/A indicates that the original paper did not explicitly name the proposed attack algorithm.

🛡️ Supported Detection Models in RG-DX

No. RG-DX Name (alias) Original Name (from Paper) Paper Title (Source Website)
1 PSA N/A Preventing Shilling Attack in Online Recommender Systems
2 CFA N/A Classification Features for Attack Detection in Collaborative Recommender Systems
3 DRS N/A Defending recommender systems: detection of profile injection attacks
4 PCA PCASelectUser Unsupervised strategies for shilling detection and robust collaborative filtering
5 SAD Semi-SAD Semi-SAD: Applying Semi-supervised Learning to Shilling Attack Detection
6 FAP N/A Catch the Black Sheep: Unified Framework for Shilling Attack Detection Based on Fraudulent Action Propagation
7 PAD PopSAD Shilling Attack Detection in Recommender Systems via Selecting Patterns Analysis
8 DAD DegreeSAD SDLib Library
9 COD Codetector Collaborative Shilling Detection Bridging Factorization and User Embedding
10 GRF GraphRFI GCN-Based User Representation Learning for Unifying Robust Recommendation and Fraudster Detection
11 RSD N/A Data Poisoning Attacks to Deep Learning Based Recommender Systems
12 SPD SpDetector Fusing hypergraph spectral features for shilling attack detection
13 NFG NFGCN-TIA Detecting shilling groups in online recommender systems based on graph convolutional network
14 DHA DHAGCN A detection method for hybrid attacks in recommender systems
15 SUI N/A Single-User Injection for Invisible Shilling Attack against Recommender Systems
16 AFU Anti-FakeU Anti-FakeU: Defending Shilling Attacks on Graph Neural Network based Recommender Model
17 EDD E-Detector From evaluation to detection: Advancing poisoning attack defense in recommender systems (Ours😄)

Note: N/A indicates that the original paper did not explicitly name the proposed detection algorithm. Additionally, RSD and SUI are detection models proposed in papers that focus on poisoning attacks, and are included here due to their effectiveness.

🧩 Dependency

This library requires Python 3.10 and CUDA 12.4.
We recommend using pip for installation. Please install the following packages in order to ensure compatibility (especially for PyTorch Geometric):

# Install PyTorch (CUDA 12.4)
pip install torch==2.5.1 torchvision==0.20.1 torchaudio==2.5.1 --index-url https://download.pytorch.org/whl/cu124

# Install PyTorch Geometric and its dependencies
pip install pyg_lib torch_scatter torch_sparse torch_cluster torch_spline_conv -f https://data.pyg.org/whl/torch-2.5.1+cu124.html
pip install torch-geometric

# Other core dependencies
pip install scikit-learn pandas packaging pyyaml higher seaborn tabulate

⚠️ Warnings

  1. When generating optimization-based attacks, please ensure that all parameters are set according to the recommended configurations.
  2. The performance of the detection algorithm SpDetector is highly sensitive to hyperparameter settings.
  3. For the sake of fair comparison, some implementations in this repository may slightly differ from the original versions in the papers or official codebases.

📦 Dataset (Synthesized Dataset) Download

To support reproducible evaluation, we provide both:

  • Synthesized datasets that have already been injected with poisoning attacks under various experimental settings;
  • Original recommender datasets used as the foundation for injection and evaluation.
Source Link Notes
Google Drive Download All (Google Drive) Recommended
Baidu Netdisk Download All (Baidu Netdisk) Access code: 6666

After downloading, please extract the folders data/ and save/ into the root directory of the project. The framework will automatically locate and load them.

Directory Structure (after extraction)

  • /config: YAML Files

  • /data: Raw Data

  • /dataloader: Data Handlers

  • /models: Models

  • /save: Stores all essential files for evaluation scenarios.

  • /utils: Utils

  • main.py: Main.py

  • pipeline.py: Pipeline.py

🚀 Launch RecGuard-DetectX (An Example)

Run the following command to execute the detection task with scenario="STD" on GPU 3, and tmp models are saved in ./tmp_3/:

# an example
python main.py --scenario STD --cuda 3 --tmp_dir ./tmp_3/ --Flag_injection true --Flag_detection true --Flag_assess true --Flag_evaluation true

The last four flags can be turned on or off depending on which stages (injection, detection, assessment, evaluation) you want to execute.

About

AN A/D LIBRARY FOR RECOMMENDER SYSTEMS

Resources

Stars

4 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages