Take this personally: pollution attacks on personalized services
作者: Dan Doozan , Nick Feamster , Alex C. Snoeren , Wenke Lee , Xinyu Xing
DOI:
关键词:
摘要: Modern Web services routinely personalize content to appeal the specific interests, viewpoints, and contexts of individual users. Ideally, personalization allows sites highlight information uniquely relevant each their users, thereby increasing user satisfaction--and, eventually, service's bottom line. Unfortunately, as we demonstrate in this paper, mechanisms currently employed by popular have not been hardened against attack. We show that third parties can manipulate them increase visibility arbitrary content--whether it be a new YouTube video, an unpopular product on Amazon, or low-ranking website Google search returns. In particular, attackers inject into users' profiles these services, perturbing results services' algorithms. While details our exploits are tailored service, general approach is likely apply quite broadly. By demonstrating attack three class vulnerability attacker affect user's experience with unbeknownst service provider.
elsevier.com
acm.org
rackcdn.com 参考文章(15)
Vitaly Shmatikov, George Danezis, Yan Chen, Proceedings of the 18th ACM conference on Computer and communications security computer and communications security. ,(2011)
Chenhao Tan, Evgeniy Gabrilovich, Bo Pang, To each his own Proceedings of the fifth ACM international conference on Web search and data mining - WSDM '12. pp. 233- 242 ,(2012) , 10.1145/2124295.2124325
Mariam Daoud, Lynda Tamine-Lechani, Mohand Boughanem, Bilal Chebaro, A session based personalized search using an ontological user profile acm symposium on applied computing. pp. 1732- 1736 ,(2009) , 10.1145/1529282.1529670
Smitha Sriram, Xuehua Shen, Chengxiang Zhai, A session-based search engine Proceedings of the 27th annual international conference on Research and development in information retrieval - SIGIR '04. pp. 492- 493 ,(2004) , 10.1145/1008992.1009086
James Davidson, Blake Livingston, Dasarathi Sampath, Benjamin Liebald, Junning Liu, Palash Nandy, Taylor Van Vleet, Ullas Gargi, Sujoy Gupta, Yu He, Mike Lambert, The YouTube video recommendation system Proceedings of the fourth ACM conference on Recommender systems - RecSys '10. pp. 293- 296 ,(2010) , 10.1145/1864708.1864770
Long Lu, Roberto Perdisci, Wenke Lee, SURF Proceedings of the 18th ACM conference on Computer and communications security - CCS '11. pp. 467- 476 ,(2011) , 10.1145/2046707.2046762
David Sontag, Kevyn Collins-Thompson, Paul N. Bennett, Ryen W. White, Susan Dumais, Bodo Billerbeck, Probabilistic models for personalizing web search Proceedings of the fifth ACM international conference on Web search and data mining - WSDM '12. pp. 433- 442 ,(2012) , 10.1145/2124295.2124348
Nicolaas Matthijs, Filip Radlinski, Personalizing web search using long term browsing history web search and data mining. pp. 25- 34 ,(2011) , 10.1145/1935826.1935840
Jaime Teevan, Susan T. Dumais, Eric Horvitz, Personalizing search via automated analysis of interests and activities international acm sigir conference on research and development in information retrieval. ,vol. 51, pp. 449- 456 ,(2005) , 10.1145/1076034.1076111
Paul N. Bennett, Filip Radlinski, Ryen W. White, Emine Yilmaz, Inferring and using location metadata to personalize web search international acm sigir conference on research and development in information retrieval. pp. 135- 144 ,(2011) , 10.1145/2009916.2009938