TY - GEN
T1 - "You might also like:" Privacy risks of collaborative filtering
AU - Calandrino, Joseph A.
AU - Kilzer, Ann
AU - Narayanan, Arvind
AU - Felten, Edward W.
AU - Shmatikov, Vitaly
PY - 2011
Y1 - 2011
N2 - Many commercial websites use recommender systems to help customers locate products and content. Modern recommenders are based on collaborative filtering: they use patterns learned from users' behavior to make recommendations, usually in the form of related-items lists. The scale and complexity of these systems, along with the fact that their outputs reveal only relationships between items (as opposed to information about users), may suggest that they pose no meaningful privacy risk. In this paper, we develop algorithms which take a moderate amount of auxiliary information about a customer and infer this customer's transactions from temporal changes in the public outputs of a recommender system. Our inference attacks are passive and can be carried out by any Internet user. We evaluate their feasibility using public data from popular websites Hunch, Last.fm, LibraryThing, and Amazon.
AB - Many commercial websites use recommender systems to help customers locate products and content. Modern recommenders are based on collaborative filtering: they use patterns learned from users' behavior to make recommendations, usually in the form of related-items lists. The scale and complexity of these systems, along with the fact that their outputs reveal only relationships between items (as opposed to information about users), may suggest that they pose no meaningful privacy risk. In this paper, we develop algorithms which take a moderate amount of auxiliary information about a customer and infer this customer's transactions from temporal changes in the public outputs of a recommender system. Our inference attacks are passive and can be carried out by any Internet user. We evaluate their feasibility using public data from popular websites Hunch, Last.fm, LibraryThing, and Amazon.
UR - http://www.scopus.com/inward/record.url?scp=80051990341&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=80051990341&partnerID=8YFLogxK
U2 - 10.1109/SP.2011.40
DO - 10.1109/SP.2011.40
M3 - Conference contribution
AN - SCOPUS:80051990341
SN - 9780769544021
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 231
EP - 246
BT - Proceedings - 2011 IEEE Symposium on Security and Privacy, SP 2011
T2 - 2011 IEEE Symposium on Security and Privacy, SP 2011
Y2 - 22 May 2011 through 25 May 2011
ER -