Thwarting Passive Privacy Attacks in Collaborative Filtering

  • Rui Chen
  • Min Xie
  • Laks V. S. Lakshmanan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8422)


While recommender systems based on collaborative filtering have become an essential tool to help users access items of interest, it has been indicated that collaborative filtering enables an adversary to perform passive privacy attacks, a type of the most damaging and easy-to-perform privacy attacks. In a passive privacy attack, the dynamic nature of a recommender system allows an adversary with a moderate amount of background knowledge to infer a user’s transaction through temporal changes in the public related-item lists (RILs). Unlike the traditional solutions that manipulate the underlying user-item rating matrix, in this paper, we respond to passive privacy attacks by directly anonymizing the RILs, which are the real outputs rendered to an adversary. This fundamental switch allows us to provide a novel rigorous inference-proof privacy guarantee, known as δ-bound, with desirable data utility and scalability. We propose anonymization algorithms based on suppression and a novel mechanism, permutation, tailored to our problem. Experiments on real-life data demonstrate that our solutions are both effective and efficient.


Recommender System Target Item Target User Collaborative Filter Utility Loss 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Goldberg, D., Nichols, D., Oki, B.M., Terry, D.: Using collaborative filtering to weave an information tapestry. Communications of ACM 35(12), 61–70 (1992)CrossRefGoogle Scholar
  2. 2.
    Calandrino, J.A., Kilzer, A., Narayanan, A., Felten, E.W., Shmatikov, V.: “You might also like”: Privacy risks of collaborative filtering. In: S&P (2011)Google Scholar
  3. 3.
    Polat, H., Du, W.: Privacy-preserving collaborative filtering using randomized perturbation techniques. In: ICDM (2003)Google Scholar
  4. 4.
    McSherry, F., Mironov, I.: Differentially private recommender systems: building privacy into the Netflix prize contenders. In: SIGKDD (2009)Google Scholar
  5. 5.
    Canny, J.: Collaborative filtering with privacy. In: S&P (2002)Google Scholar
  6. 6.
    Canny, J.: Collaborative filtering with privacy via factor analysis. In: SIGIR (2002)Google Scholar
  7. 7.
    Zhang, S., Ford, J., Makedon, F.: A privacy-preserving collaborative filtering scheme with two-way communication. In: EC (2006)Google Scholar
  8. 8.
    Berkvosky, S., Eytani, Y., Kuflik, T., Ricci, F.: Enhancing privacy and preserving accuracy of a distributed collaborative filtering. In: RecSys (2007)Google Scholar
  9. 9.
    Aimeur, E., Brassard, G., Fernandez, J.M., Onana, F.S.M.: ALAMBIC: A privacy-preserving recommender system for electronic commerce. International Journal of Information Security 7(5), 307–334 (2008)CrossRefGoogle Scholar
  10. 10.
    Ahn, J.W., Amatriain, X.: Towards fully distributed and privacy-preserving recommendations via expert collaborative filtering and restful linked data. In: WI-IAT (2010)Google Scholar
  11. 11.
    Li, D., Lv, Q., Xia, H., Shang, L., Lu, T., Gu, N.: Pistis: A privacy-preserving content recommender system for online social communities. In: WI-IAT (2011)Google Scholar
  12. 12.
    Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Cormode, G.: Personal privacy vs population privacy: Learning to attack anonymization. In: SIGKDD (2011)Google Scholar
  14. 14.
    Machanavajjhala, A., Korolova, A., Sarma, A.D.: Personalized social recommendations: Accurate or private. PVLDB 4(7), 440–450 (2011)Google Scholar
  15. 15.
    Ghinita, G., Tao, Y., Kalnis, P.: On the anonymization of sparse high-dimensional data. In: ICDE (2008)Google Scholar
  16. 16.
    Su, X., Khoshgoftaar, T.M.: A survey of collaborative filtering techniques. Advances in Artificial Intelligence (2009)Google Scholar
  17. 17.
    Fung, B.C.M., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: A survey of recent developments. ACM Computing Surveys 42(4), 14:1–14:53 (2010)Google Scholar
  18. 18.
    Karypis, G.: Evaluation of item-based top-n recommendation algorithms. In: CIKM (2001)Google Scholar
  19. 19.
    Ausiello, G., D’Atri, A., Protasi, M.: Structure preserving reductions among convex optimization problems. Journal of Computer and System Sciences 21(1), 61–70 (1980)CrossRefMathSciNetGoogle Scholar
  20. 20.
    Jamali, M., Ester, M.: A matrix factorization technique with trust propagation for recommendation in social networks. In: RecSys (2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Rui Chen
    • 1
  • Min Xie
    • 2
  • Laks V. S. Lakshmanan
    • 2
  1. 1.Department of Computer ScienceHong Kong Baptist UniversityHong Kong
  2. 2.Department of Computer ScienceUniversity of British ColumbiaCanada

Personalised recommendations