{"id":"https://openalex.org/W4224942092","doi":"https://doi.org/10.24963/ijcai.2022/306","title":"Poisoning Deep Learning Based Recommender Model in Federated Learning Scenarios","display_name":"Poisoning Deep Learning Based Recommender Model in Federated Learning Scenarios","publication_year":2022,"publication_date":"2022-07-01","ids":{"openalex":"https://openalex.org/W4224942092","doi":"https://doi.org/10.24963/ijcai.2022/306"},"language":"en","primary_location":{"id":"doi:10.24963/ijcai.2022/306","is_oa":true,"landing_page_url":"https://doi.org/10.24963/ijcai.2022/306","pdf_url":"https://www.ijcai.org/proceedings/2022/0306.pdf","source":{"id":"https://openalex.org/S4363608755","display_name":"Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://www.ijcai.org/proceedings/2022/0306.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018076335","display_name":"Dazhong Rong","orcid":"https://orcid.org/0000-0001-6486-9707"},"institutions":[{"id":"https://openalex.org/I168879160","display_name":"Zhejiang University of Science and Technology","ror":"https://ror.org/05mx0wr29","country_code":"CN","type":"education","lineage":["https://openalex.org/I168879160"]},{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dazhong Rong","raw_affiliation_strings":["Zhejiang University","College of Computer Science and Technology, Zhejiang University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Zhejiang University","institution_ids":["https://openalex.org/I76130692"]},{"raw_affiliation_string":"College of Computer Science and Technology, Zhejiang University","institution_ids":["https://openalex.org/I168879160"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101438463","display_name":"Qinming He","orcid":"https://orcid.org/0000-0001-5147-7253"},"institutions":[{"id":"https://openalex.org/I168879160","display_name":"Zhejiang University of Science and Technology","ror":"https://ror.org/05mx0wr29","country_code":"CN","type":"education","lineage":["https://openalex.org/I168879160"]},{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qinming He","raw_affiliation_strings":["Zhejiang University","College of Computer Science and Technology, Zhejiang University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Zhejiang University","institution_ids":["https://openalex.org/I76130692"]},{"raw_affiliation_string":"College of Computer Science and Technology, Zhejiang University","institution_ids":["https://openalex.org/I168879160"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101505891","display_name":"Jianhai Chen","orcid":"https://orcid.org/0000-0003-3524-3443"},"institutions":[{"id":"https://openalex.org/I168879160","display_name":"Zhejiang University of Science and Technology","ror":"https://ror.org/05mx0wr29","country_code":"CN","type":"education","lineage":["https://openalex.org/I168879160"]},{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianhai Chen","raw_affiliation_strings":["Zhejiang University","College of Computer Science and Technology, Zhejiang University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Zhejiang University","institution_ids":["https://openalex.org/I76130692"]},{"raw_affiliation_string":"College of Computer Science and Technology, Zhejiang University","institution_ids":["https://openalex.org/I168879160"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":3.9449,"has_fulltext":true,"cited_by_count":42,"citation_normalized_percentile":{"value":0.94937715,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"2204","last_page":"2210"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10203","display_name":"Recommender Systems and Techniques","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/recommender-system","display_name":"Recommender system","score":0.878121018409729},{"id":"https://openalex.org/keywords/upload","display_name":"Upload","score":0.867466390132904},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8460766077041626},{"id":"https://openalex.org/keywords/federated-learning","display_name":"Federated learning","score":0.610561192035675},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.4952813684940338},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.48643994331359863},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.441273033618927},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3219796419143677},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3079741597175598},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3052406907081604}],"concepts":[{"id":"https://openalex.org/C557471498","wikidata":"https://www.wikidata.org/wiki/Q554950","display_name":"Recommender system","level":2,"score":0.878121018409729},{"id":"https://openalex.org/C71901391","wikidata":"https://www.wikidata.org/wiki/Q7126699","display_name":"Upload","level":2,"score":0.867466390132904},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8460766077041626},{"id":"https://openalex.org/C2992525071","wikidata":"https://www.wikidata.org/wiki/Q50818671","display_name":"Federated learning","level":2,"score":0.610561192035675},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.4952813684940338},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.48643994331359863},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.441273033618927},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3219796419143677},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3079741597175598},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3052406907081604},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.24963/ijcai.2022/306","is_oa":true,"landing_page_url":"https://doi.org/10.24963/ijcai.2022/306","pdf_url":"https://www.ijcai.org/proceedings/2022/0306.pdf","source":{"id":"https://openalex.org/S4363608755","display_name":"Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2204.13594","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2204.13594","pdf_url":"https://arxiv.org/pdf/2204.13594","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"}],"best_oa_location":{"id":"doi:10.24963/ijcai.2022/306","is_oa":true,"landing_page_url":"https://doi.org/10.24963/ijcai.2022/306","pdf_url":"https://www.ijcai.org/proceedings/2022/0306.pdf","source":{"id":"https://openalex.org/S4363608755","display_name":"Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4224942092.pdf","grobid_xml":"https://content.openalex.org/works/W4224942092.grobid-xml"},"referenced_works_count":30,"referenced_works":["https://openalex.org/W1977290284","https://openalex.org/W2140310134","https://openalex.org/W2341497066","https://openalex.org/W2509109313","https://openalex.org/W2541884796","https://openalex.org/W2605350416","https://openalex.org/W2748789698","https://openalex.org/W2750814160","https://openalex.org/W2767669124","https://openalex.org/W2807899908","https://openalex.org/W2810065831","https://openalex.org/W2892160417","https://openalex.org/W2913777072","https://openalex.org/W2962712142","https://openalex.org/W2963516811","https://openalex.org/W2990614164","https://openalex.org/W3048715803","https://openalex.org/W3064112253","https://openalex.org/W3093753441","https://openalex.org/W3094605801","https://openalex.org/W3119520312","https://openalex.org/W3153325943","https://openalex.org/W3174074918","https://openalex.org/W3208338073","https://openalex.org/W4226021524","https://openalex.org/W4226493408","https://openalex.org/W4318619660","https://openalex.org/W6791858558","https://openalex.org/W6803771590","https://openalex.org/W6863631769"],"related_works":["https://openalex.org/W2944823289","https://openalex.org/W3037018281","https://openalex.org/W4390273403","https://openalex.org/W2003209439","https://openalex.org/W4386781444","https://openalex.org/W4321854979","https://openalex.org/W2358319515","https://openalex.org/W2972592048","https://openalex.org/W2150182025","https://openalex.org/W4292794330"],"abstract_inverted_index":{"Various":[0],"attack":[1,87,137],"methods":[2],"against":[3],"recommender":[4,18,70,93],"systems":[5,19],"have":[6,20,64],"been":[7],"proposed":[8],"in":[9,80,95],"the":[10,14,40,45,132,136,140],"past":[11],"years,":[12],"and":[13,118,135],"security":[15],"issues":[16],"of":[17,47],"drawn":[21],"considerable":[22],"attention.":[23],"Traditional":[24],"attacks":[25,101,128],"attempt":[26],"to":[27,32,67,85,109],"make":[28],"target":[29,133],"items":[30],"recommended":[31],"as":[33,36],"many":[34],"users":[35,108],"possible":[37],"by":[38],"poisoning":[39],"training":[41],"data.":[42],"Benifiting":[43],"from":[44],"feature":[46],"protecting":[48],"users'":[49],"private":[50],"data,":[51],"federated":[52,69,75,96],"recommendation":[53,76],"can":[54,129],"effectively":[55,130],"defend":[56],"such":[57],"attacks.":[58],"Therefore,":[59],"quite":[60],"a":[61],"few":[62],"works":[63],"devoted":[65],"themselves":[66],"developing":[68],"systems.":[71],"For":[72],"proving":[73],"current":[74],"is":[77],"still":[78],"vulnerable,":[79],"this":[81],"work":[82],"we":[83],"probe":[84],"design":[86],"approaches":[88],"targeting":[89],"deep":[90],"learning":[91,97],"based":[92,111],"models":[94],"scenarios.":[98],"Specifically,":[99],"our":[100,126],"generate":[102],"poisoned":[103],"gradients":[104],"for":[105],"manipulated":[106],"malicious":[107],"upload":[110],"on":[112],"two":[113],"strategies":[114],"(i.e.,":[115],"random":[116],"approximation":[117],"hard":[119],"user":[120],"mining).":[121],"Extensive":[122],"experiments":[123],"show":[124],"that":[125],"well-designed":[127],"poison":[131],"models,":[134],"effectiveness":[138],"sets":[139],"state-of-the-art.":[141]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":20},{"year":2023,"cited_by_count":7},{"year":2021,"cited_by_count":1}],"updated_date":"2026-06-12T08:23:45.883708","created_date":"2022-11-28T00:00:00"}