Skip to Main Content
Significant vulnerabilities have recently been identified in collaborative filtering recommender systems. Researchers have shown that attackers can manipulate a system's recommendations by injecting biased profiles into it. In this paper, we examine attacks that concentrate on a targeted set of users with similar tastes, biasing the system's responses to these users. We show that such attacks are both pragmatically reasonable and also highly effective against both user-based and item-based algorithms. As a result, an attacker can mount such a "segmented" attack with little knowledge of the specific system being targeted and with strong likelihood of success.