Detection of Shilling Attack Based on T-distribution on the Dynamic Time Intervals in Recommendation Systems

With the development of information technology and the Internet, recommendation systems have become an important means to solve the problem of information overload. However, recommendation system is greatly fragile as it relies heavily on behavior data of users, which makes it very easy for a host of malicious merchants to inject shilling attacks in order to manipulate the recommendation results. Some papers on shilling attack have proposed the detection methods, whether based on false user profiles or abnormal items, but their detection rate, false alarm rate, universality, and time overhead need to be further improved. In this paper, we propose a new item anomaly detection method, through T-distribution technology based on Dynamic Time Intervals. First of all, based on the characteristics of shilling attack quickness (Attackers inject a large number of fake profiles in a short period in order to save costs), we use dynamic time interval method to divide the rating history of item into multiple time windows. Then, we use the T-distribution to detect the exception windows. By conducting extensive experiments on a dataset that accords with real-life situations and comparing it to currently outstanding methods, our proposed approach has a higher detection rate, lower false alarm rate and smaller time overhead to the different attack models and filler sizes.