The Copied Item Injection Attack
نویسندگان
چکیده
In many web communities, users are assigned a reputation based on ratings on their past contributions, and this reputation in turn influences the recommendation level of their future contributions. In this type of system, there is potentially an incentive for authors to copy highly-rated content in order to boost their reputation and influence within the system. We describe this strategy as a copied-item injection attack. We conduct an empirical study of this attack on the online news discussion forum Slashdot. We find evidence of its use and demonstrate its effectiveness in eliciting high ratings. We explore variants of this attack in other domains and discuss potential countermeasures..
منابع مشابه
Defending Grey Attacks by Exploiting Wavelet Analysis in Collaborative Filtering Recommender Systems
“Shilling” attacks or “profile injection” attacks have always major challenges in collaborative filtering recommender systems (CFRSs). Many efforts have been devoted to improve collaborative filtering techniques which can eliminate the “shilling” attacks. However, most of them focused on detecting push attack or nuke attack which is rated with the highest score or lowest score on the target ite...
متن کاملSide channel parameter characteristics of code injection attacks
Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...
متن کاملAttacks on Android Clipboard
In this paper, we perform a thorough study on the risks imposed by the globally accessible Android Clipboard. Based on the risk assessment, we formulate a series of attacks and categorize them into two groups, i.e., manipulation and stealing. Clipboard data manipulation may lead to common code injection attacks, like JavaScript injection and command injection. Furthermore, it can also cause phi...
متن کاملDetecting measurement disturbance effects: the graphical display of item characteristics.
Traditional identification of misfitting items in Rasch measurement models have interpreted the Infit and Outfit z standardized statistic. A more recent approach made possible by Winsteps is to specify "group = 0" in the control file and subsequently view the item characteristic curve for each item against the true probability curve. The graphical display reveals whether an item follows the tru...
متن کاملCollaborative Recommendation Vulnerability To Focused Bias Injection Attacks∗
Significant vulnerabilities have recently been identified in collaborative recommender systems. Attackers who cannot be readily distinguished from ordinary users may inject biased data in an attempt to force the system to “adapt” in a manner advantageous to them. Researchers have studied simple attack models and their impact on a system’s population of users. In this paper, we examine attacks t...
متن کامل