Shibam Mukherjee,Roman Walch,Fredrik Meisingseth,Elisabeth Lex,Christian Rechberger

2024-05-31

Abstract:Recommender systems are an integral part of online platforms that recommend new content to users with similar interests. However, they demand a considerable amount of user activity data where, if the data is not adequately protected, constitute a critical threat to the user privacy. Privacy-aware recommender systems enable protection of such sensitive user data while still maintaining a similar recommendation accuracy compared to the traditional non-private recommender systems. However, at present, the current privacy-aware recommender systems suffer from a significant trade-off between privacy and computational efficiency. For instance, it is well known that architectures that rely purely on cryptographic primitives offer the most robust privacy guarantees, however, they suffer from substantial computational and network overhead. Thus, it is crucial to improve this trade-off for better performance. This paper presents a novel privacy-aware recommender system that combines privacy-aware machine learning algorithms for practical scalability and efficiency with cryptographic primitives like Homomorphic Encryption and Multi-Party Computation - without assumptions like trusted-party or secure hardware - for solid privacy guarantees. Experiments on standard benchmark datasets show that our approach results in time and memory gains by three orders of magnitude compared to using cryptographic primitives in a standalone for constructing a privacy-aware recommender system. Furthermore, for the first time our method makes it feasible to compute private recommendations for datasets containing 100 million entries, even on memory-constrained low-power SOC (System on Chip) devices.

Cryptography and Security

Junwei Luo,Xun Yi,Fengling Han,Xuechao Yang,Xu Yang

DOI: https://doi.org/10.1007/978-3-031-23020-2_22

2022-01-01

Abstract:Recommender systems help online services deliver personalised content and facilitate information overload. Collaborative Filtering is a commonly used technique for building recommender systems. It analyses data collected from users in order to predict their preferences, this causes concerns over the privacy and security of the data as conventional techniques do not prioritise data privacy. Incorporating cryptography into recommender systems resolves the privacy issues, and yet it is impractical in many cases due to the computational overhead imposed by the cryptography and the sheer amount of data needed for computations. In this paper, we propose an efficient clustering-based privacy-preserving recommender system. The system employs homomorphic encryption for protecting user data while retaining the ability to generate recommendations using Collaborative Filtering. To facilitate information overload, a secure clustering technique is adopted to partition data prior to generating recommendations. The proposed system is secure under the semi-honest adversary model. Experiments show that the proposed system is efficient, scalable and produces accurate recommendations.

Chaochao Chen,Ziqi Liu,Peilin Zhao,Jun Zhou,Xiaolong Li

DOI: https://doi.org/10.1609/aaai.v32i1.11244

2018-01-01

Proceedings of the AAAI Conference on Artificial Intelligence

Abstract:Points of interest (POI) recommendation has been drawn much attention recently due to the increasing popularity of location-based networks, e.g., Foursquare and Yelp. Among the existing approaches to POI recommendation, Matrix Factorization (MF) based techniques have proven to be effective. However, existing MF approaches suffer from two major problems: (1) Expensive computations and storages due to the centralized model training mechanism: the centralized learners have to maintain the whole user-item rating matrix, and potentially huge low rank matrices. (2) Privacy issues: the users' preferences are at risk of leaking to malicious attackers via the centralized learner. To solve these, we present a Decentralized MF (DMF) framework for POI recommendation. Specifically, instead of maintaining all the low rank matrices and sensitive rating data for training, we propose a random walk based decentralized training technique to train MF models on each user's end, e.g., cell phone and Pad. By doing so, the ratings of each user are still kept on one's own hand, and moreover, decentralized learning can be taken as distributed learning with multi-learners (users), and thus alleviates the computation and storage issue. Experimental results on two real-world datasets demonstrate that, comparing with the classic and state-of-the-art latent factor models, DMF significantly improvements the recommendation performance in terms of precision and recall.

Xiaohan Niu,Xing Zhang,Zhiguang Chu,Xiang Li

DOI: https://doi.org/10.1109/ICCCBDA56900.2023.10154763

2023-01-01

Abstract:Federated collaborative filtering trains models by uploading gradients to achieve privacy protection. Recent studies have shown that gradients have the risk of compromising user privacy. To address this problem, this paper proposes a general federal framework based on Paillier semi-homomorphic encryption for implicit feedback recommendation with privacy protection. First, a non-sampling matrix decomposition model based on the federation framework is designed, and alternating least squares (ALS) and stochastic gradient descent (SGD) are used to optimize the user factor and item factor, respectively, to achieve improved recommendation accuracy and recommendation efficiency while ensuring certain privacy protection. Then, the privacy protection is further enhanced by encrypting the gradients using Paillier semi-homomorphic encryption and transmitting the encrypted gradients via TLS/SSL secure channel. Since the encryption process does not need to obfuscate the data, the method is lossless and ensures the accuracy of recommendations. Finally, experimental analysis is performed on the publicly available MovieLens dataset. The experimental results show that the method is able to enhance privacy protection as well as improve recommendation performance with higher recommendation efficiency and lower time overhead.

Jun Wang,Afonso Arriaga,Qiang Tang,Peter Y.A. Ryan

DOI: https://doi.org/10.48550/arXiv.1802.02432

2018-05-13

Abstract:Recommender systems rely on large datasets of historical data and entail serious privacy risks. A server offering Recommendation as a Service to a client might leak more information than necessary regarding its recommendation model and dataset. At the same time, the disclosure of the client's preferences to the server is also a matter of concern. Devising privacy-preserving protocols using general cryptographic primitives (e.g., secure multi-party computation or homomorphic encryption), is a typical approach to overcome privacy concerns, but in conjunction with state-of-the-art recommender systems often yields far-from-practical solutions. In this paper, we tackle this problem from the direction of constructing crypto-friendly machine learning algorithms. In particular, we propose CryptoRec, a secure two-party computation protocol for Recommendation as a Service, which encompasses a novel recommender system. This model possesses two interesting properties: (1) It models user-item interactions in an item-only latent feature space in which personalized user representations are automatically captured by an aggregation of pre-learned item features. This means that a server with a pre-trained model can provide recommendations for a client whose data is not in its training set. Nevertheless, re-training the model with the client's data still improves accuracy. (2) It only uses addition and multiplication operations, making the model straightforwardly compatible with homomorphic encryption schemes. We demonstrate the efficiency and accuracy of CryptoRec on three real-world datasets. CryptoRec allows a server with thousands of items to privately answer a prediction query within a few seconds on a single PC, while its prediction accuracy is still competitive with state-of-the-art recommender systems computing over clear data.

Cryptography and Security

Yongjie Du,Deyun Zhou,Yu Xie,Jiao Shi,Maoguo Gong

DOI: https://doi.org/10.1016/j.asoc.2021.107700

IF: 8.7

2021-01-01

Applied Soft Computing

Abstract:Recommender systems recommend contents or services via collecting and analyzing numerous user data, which may raise serious privacy concerns when the recommender is untrusted. Inspired by federated learning, a user-level distributed matrix factorization framework has been proposed where the model can be learned via collecting gradient information from users (instead of the raw data). This approach focuses on protecting model-privacy and value-privacy from untrusted recommender but has limited consideration on existence-privacy. To address this issue, we enhance the aforementioned framework with Homomorphic Encryption and randomized response. Extensive experiments demonstrate that our method can provide more secure protection for users’ privacy with less performance degradation and smaller computational burden.

Enyue Yang,Weike Pan,Qiang Yang,Zhong Ming

DOI: https://doi.org/10.1145/3652853

IF: 4.657

2024-03-18

ACM Transactions on Information Systems

Abstract:Recently, federated recommendation has become a research hotspot mainly because of users’ awareness of privacy in data. As a recent and important recommendation problem, in heterogeneous one-class collaborative filtering (HOCCF), each user may involve of two different types of implicit feedback, i.e., examinations and purchases. So far, privacy-preserving HOCCF has received relatively little attention. Existing federated recommendation works often overlook the fact that some privacy sensitive behaviors such as purchases should be collected to ensure the basic business imperatives in e-commerce for example. Hence, the user privacy constraints can and should be relaxed while deploying a recommendation system in real scenarios. In this paper, we study the federated multi-behavior recommendation problem under the assumption that purchase behaviors can be collected. Moreover, there are two additional challenges that need to be addressed when deploying federated recommendation. One is the low storage capacity for users’ devices to store all the item vectors, and the other is the low computational power for users to participate in federated learning. To release the potential of privacy-preserving HOCCF, we propose a novel framework, named discrete federated multi-behavior recommendation (DFMR), which allows the collection of the business necessary behaviors (i.e., purchases) by the server. As to reduce the storage overhead, we use discrete hashing techniques, which can compress the parameters down to 1.56% of the real-valued parameters. To further improve the computation-efficiency, we design a memorization strategy in the cache updating module to accelerate the training process. Extensive experiments on four public datasets show the superiority of our DFMR in terms of both accuracy and efficiency.

computer science, information systems

Enyue Yang,Yunfeng Huang,Feng Liang,Weike Pan,Zhong Ming,Enyue Yang,Yunfeng Huang,Feng Liang,Weike Pan,Zhong Ming

DOI: https://doi.org/10.1016/j.knosys.2021.106946

2021-05-01

Abstract:<p>Protecting users' privacy has drawn tremendous attention from the community of recommender systems, i.e., both the original data and the learned model parameters should not be exposed. Federated learning is an emerging and promising paradigm, where a server collects gradients from multiple distributed parts and then updates the model parameters with the aggregated gradients. However, there are some security issues neglected in existing works. For example, the server may infer the users' rating behaviors on the items via the received gradients. In this paper, we focus on heterogeneous collaborative filtering (HCF) by exploiting users' different types of feedback such as 5-star numerical ratings and like/dislike binary ratings in a privacy-aware manner. Specifically, we design a novel and generic federated matrix factorization algorithm for HCF, i.e., federated collective matrix factorization (FCMF). The main goal of our FCMF is to leverage the heterogeneous feedback data to accurately estimate users' preferences on the premise of protecting users' private information. Therefore, we keep the original rating data and the users' latent feature vectors locally, and choose the low sensitive items' latent vectors as a bridge for joint training. Furthermore, we use homomorphic encryption and differential privacy to ensure the security of both participants in collective training. To study the effectiveness of our FCMF, we conduct extensive empirical studies on four real-world datasets and find that our FCMF is equivalent to the centralized method that aggregates the heterogeneous data in one single place. Moreover, the introduction of homomorphic encryption and differential privacy do not affect the recommendation accuracy much.</p>

computer science, artificial intelligence

Bin Xue,Qinghua Zheng,Weihu Zhao,Zhinan Li,Tianrun Cui,Xue Feng

DOI: https://doi.org/10.1109/ICAICA58456.2023.10405503

2023-01-01

Abstract:Federated relationship recommendation is a growing technology trend in future intelligent system. Over the recent years, federated recommendation has recorded an exponential growth, leading to millions of intelligent equipments, and still increasing. However, privacy-preserving is an intractable problem in modern digital systems. In this paper, a comprehensive review of privacy-preserving federated recommendation is presented. Particularly, three kinds of federated recommendation methods are reviewed based on matrix factorization, neural network and other algorithms. Moreover, five authoritative datasets and three general evaluation metrics are mainly described. Simultaneously, a serious of outstanding federated recommender systems with related research discussions are provided. Finally, some potential future works will be tried to improve the application performance.

Xu Yang,Yuchuan Luo,Shaojing Fu,Ming Xu,Yingwen Chen

DOI: https://doi.org/10.3390/app122111118

2022-01-01

Abstract:Collaborative filtering is a popular approach for building an efficient and scalable recommender system. However, it has not unleashed its full potential due to the following problems. (1) Serious privacy concerns: collaborative filtering relies on aggregated user data to make personalized predictions, which means that the centralized server can access and compromise user privacy. (2) Expensive resources required: conventional collaborative filtering techniques require a server with powerful computing capacity and large storage space, so that the server can train and maintain the model. (3) Considering only one form of user feedback: most existing works aim to model user preferences based on explicit feedback (e.g., ratings) or implicit feedback (e.g., purchase history, viewing history) due to their heterogeneous representation; however, these two forms of feedback are abundant in most collaborative filtering applications, can both affect the model, and very few works studied the simultaneous use thereof. To solve the above problems, in this study we focus on implementing decentralized probabilistic matrix factorization for privacy-preserving recommendations. First, we explore the existing collaborative filtering algorithms and propose a probabilistic matrix co-factorization model. By integrating explicit and implicit feedback into a shared probabilistic model, the model can cope with the heterogeneity between these two forms of feedback. Further, we devise a decentralized learning method that allows users to keep their private data on the end devices. A novel decomposing strategy is proposed for users to exchange only non-private information, in which stochastic gradient descent is used for updating the models. Complexity analysis proves that our method is highly efficient with linear computation and communication complexity. Experiments conducted on two real-world datasets FilmTrust and Epinions show that our model gains a guarantee of convergence as the RMSE decreases quickly within 100 rounds of iterations. Compared with the state-of-the-art models, our model achieves lower model loss in rating prediction task and higher precision in item recommendation task.

Ahmed M. Elmisery,Seungmin Rho,Dmitri Botvich

DOI: https://doi.org/10.13140/2.1.1714.5289

2014-11-14

Abstract:The current business model for existing recommender services is centered around the availability of users' personal data at their side whereas consumers have to trust that the recommender service providers will not use their data in a malicious way. With the increasing number of cases for privacy breaches, different countries and corporations have issued privacy laws and regulations to define the best practices for the protection of personal information. The data protection directive 95/46/EC and the privacy principles established by the Organization for Economic Cooperation and Development (OECD) are examples of such regulation frameworks. In this paper, we assert that utilizing third-party recommender services to generate accurate referrals are feasible, while preserving the privacy of the users' sensitive information which will be residing on a clear form only on his/her own device. As a result, each user who benefits from the third-party recommender service will have absolute control over what to release from his/her own preferences. We proposed a collaborative privacy middleware that executes a two stage concealment process within a distributed data collection protocol in order to attain this claim. Additionally, the proposed solution complies with one of the common privacy regulation frameworks for fair information practice in a natural and functional way -which is OECD privacy principles. The approach presented in this paper is easily integrated into the current business model as it is implemented using a middleware that runs at the end-users side and utilizes the social nature of content distribution services to implement a topological data collection protocol.

Cryptography and Security,Information Retrieval

Liu Yang,Junxue Zhang,Di Chai,Leye Wang,Kun Guo,Kai Chen,Qiang Yang

DOI: https://doi.org/10.1007/978-3-031-28996-5_3

2023-01-01

Abstract:Federated recommendation addresses the data silo and privacy problems altogether for recommender systems. Current federated recommender systems mainly utilize cryptographic or obfuscation methods to protect the original ratings from leakage. However, the former comes with extra communication and computation costs, and the latter damages model accuracy. Neither of them could simultaneously satisfy the real-time feedback and accurate personalization requirements of recommender systems. In this work, we proposed federated masked matrix factorization (FedMMF) to protect the data privacy in federated recommender systems without sacrificing efficiency and effectiveness. In more details, we introduce the new idea of personalized mask generated only from local data and apply it in FedMMF. On the one hand, personalized mask offers protection for participants' private data without effectiveness loss. On the other hand, combined with the adaptive secure aggregation protocol, personalized mask could further improve efficiency. Theoretically, we provide security analysis for personalized mask. Empirically, we also show the superiority of the designed model on different real-world data sets.

Mengwei Hou,Rong Wei,Tiangang Wang,Yu Cheng,Buyue Qian

DOI: https://doi.org/10.3970/cmc.2018.02438

2018-01-01

Abstract:Collaborative filtering (CF) methods are widely adopted by existing medical recommendation systems, which can help clinicians perform their work by seeking and recommending appropriate medical advice. However, privacy issue arises in this process as sensitive patient private data are collected by the recommendation server. Recently proposed privacy-preserving collaborative filtering methods, using computation-intensive cryptography techniques or data perturbation techniques are not appropriate in medical online service. The aim of this study is to address the privacy issues in the context of neighborhood-based CF methods by proposing a Privacy Preserving Medical Recommendation (PPMR) algorithm, which can protect patients' treatment information and demographic information during online recommendation process without compromising recommendation accuracy and efficiency. The proposed algorithm includes two privacy preserving operations: Private Neighbor Selection and Neighborhood-based Differential Privacy Recommendation. Private Neighbor Selection is conducted on the basis of the notion of k-anonymity method, meaning that neighbors are privately selected for the target user according to his/her similarities with others. Neighborhood-based Differential Privacy Recommendation and a differential privacy mechanism are introduced in this operation to enhance the performance of recommendation. Our algorithm is evaluated using the real-world hospital EMRs dataset. Experimental results demonstrate that the proposed method achieves stable recommendation accuracy while providing comprehensive privacy for individual patients.

Eric Appiah Mantey,Conghua Zhou,Joseph Henry Anajemba,John Kingsley Arthur,Yasir Hamid,Atif Chowhan,Obinna Ogbonnia Otuu

DOI: https://doi.org/10.1109/JBHI.2024.3350232

Abstract:The concept of Federated Learning (FL) is a distributed-based machine learning (ML) approach that trains its model using edge devices. Its focus is on maintaining privacy by transmitting gradient updates along with users' learning parameters to the global server in the process of training as well as preserving the integrity of data on the user-end of internet of medical things (IoMT) devices. Instead of a direct use of user data, the training which is performed on the global server is done on the parameters while the model modification is performed locally on IoMT devices. But the major drawback of this federated learning approach is its inability to preserve user privacy complete thereby resulting in gradients leakage. Thus, this study first presents a summary of the process of learning and further proposes a new approach for federated medical recommender system which employs the use of homomorphic cryptography to ensure a more privacy-preservation of user gradients during recommendations. The experimental results indicate an insignificant decrease with respect to the metrics of accuracy, however, a greater percentage of user-privacy is achieved. Further analysis also shows that performing computations on encrypted gradients at the global server scarcely has any impact on the output of the recommendation while guaranteeing a supplementary secure channel for transmitting user-based gradients back and forth the global server. The result of this analysis indicates that the performance of federated stochastic modification minimized gradient (FSMMG) algorithm is greatly increased at every given increase in the number of users and a good convergence is achieved as well. Also, experiments indicate that when compared against other existing techniques, the proposed FSMMG outperforms at 98.3% encryption accuracy.

Chongjing Sun,Yan Fu,Hui Gao,Junlin Zhou

DOI: https://doi.org/10.15866/irecos.v8i10.3501

2013-01-01

Abstract:At present, collaborative filtering has been wildly used in many fields such as e-commerce, search engineering, and etc. To produce a better recommendation, many data owners want to collaborative with each other to build a shared model. Considering the privacy problem, the data owner is reluctant to reveal its data to others. To solve this problem, we present a privacy-preserving approach using the secure set operations and encryption methods. In our method, firstly the private set intersection cardinality protocol is adopted to compute the user similarities. Then our method uses the homomorphic encryption to compute the predicted rating values for the unrated items. Finally, the model recommends the top-k unrated items to each user. We show that the distributed collaborative filtering based on our approach can provide zero loss of accuracy in the recommendation while preserving the privacy of different data owners.

Miao Hu,Di Wu,Run Wu,Zhenkai Shi,Min Chen,Yipeng Zhou

DOI: https://doi.org/10.1109/tsc.2021.3065035

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:In today's Internet, recommender systems play an indispensable role in helping users discover items of interests, such as products, books, movies and so on. However, a higher recommendation accuracy is commonly at the cost of more disclosure of user privacy. Thus, a wider adoption of recommender systems poses significant security and privacy concerns to users. In this article, we propose a light-weight privacy-preserving framework called RAP for recommender systems, which can protect user privacy while still ensuring a high recommendation accuracy. Instead of directly sending users’ private ratings to the recommender, users first conduct a local perturbation operation on private ratings, and then send the perturbed ratings to the recommender. The recommender can run recommendation algorithms directly over the perturbed ratings and return the results to users. Different from crypto-based methods, our perturbation and de-perturbation methods are linear operations. Thus, RAP is light-weight and highly efficient in privacy protection. To be more rigorous, we formally prove that the order of recommendation accuracy will not decrease when our RAP framework is applied to any MF (Matrix Factorization)-based recommender systems. We also derive the closed-form expression for the degree of privacy preservation of our framework. Finally, we conduct extensive evaluations using large-scale real-world datasets to verify the effectiveness of our RAP framework and compare with other baseline algorithms. The results show that our RAP framework can improve the degree of privacy preservation from zero to over 0.5 for the Movielens dataset and 4 for the Jester dataset, and still maintain the approaching level of recommendation accuracy.

Simin Yu,Hao Wang,Ye Su,Ziyu Niu,Zhi Li,Jianjun Liu,Jiwei Wang

DOI: https://doi.org/10.1016/j.jksuci.2024.101923

IF: 9.006

2024-01-15

Journal of King Saud University - Computer and Information Sciences

Abstract:In the era of internet-based data, recommendation systems are crucial for helping users access personalized content and facilitating business promotion and sales. Recommendation systems based on social relationships have gained popularity due to their ability to use social influence and enhance the impact and credibility of recommendations. However, building a successful recommendation system faces the challenge of protecting user data privacy, as it requires a significant amount of sensitive user data. For this challenge, we propose a privacy-preserving recommendation system based on social relationships in the dual-cloud model. To achieve the secure computation of this system, we also design and improve some underlying secure protocols such as secure equality protocol and secure comparison protocol. Our underlying protocol has the advantages of high efficiency and provable security. As a result, our recommendation system can provide excellent recommendations while ensuring privacy protection. Experiments show that our system can perform secure recommendation calculations on 128-bit data with semi-honest security in approximately 5.5 s.

computer science, information systems

Liu Yang,Junxue Zhang,Di Chai,Leye Wang,Kun Guo,Kai Chen,Qiang Yang

DOI: https://doi.org/10.48550/arXiv.2109.02464

2021-08-18

Information Retrieval

Abstract:Federated recommendation addresses the data silo and privacy problems altogether for recommender systems. Current federated recommender systems mainly utilize cryptographic or obfuscation methods to protect the original ratings from leakage. However, the former comes with extra communication and computation costs, and the latter damages model accuracy. Neither of them could simultaneously satisfy the real-time feedback and accurate personalization requirements of recommender systems. In this paper, we proposed federated masked matrix factorization (FedMMF) to protect the data privacy in federated recommender systems without sacrificing efficiency and effectiveness. In more details, we introduce the new idea of personalized mask generated only from local data and apply it in FedMMF. On the one hand, personalized mask offers protection for participants' private data without effectiveness loss. On the other hand, combined with the adaptive secure aggregation protocol, personalized mask could further improve efficiency. Theoretically, we provide security analysis for personalized mask. Empirically, we also show the superiority of the designed model on different real-world data sets.

Fei Gao,Hanlin Zhang,Jie Lin,Hansong Xu,Fanyu Kong,Guoqiang Yang

DOI: https://doi.org/10.1007/s12652-023-04531-x

2023-01-01

Abstract:The data such as features involved in recommendation systems often contain private information that can cause serious security problems if leaked to other participants in the system. At present, Federated Learning (FL) combined with encryption technology is a popular privacy preserving technology. However, the distributed computing of FL threatens the credibility of calculation results. Incorrect calculation results in the recommendation system can reduce the accuracy of the recommendation. In this paper, we design a verifiable and privacy-preserving framework for the federated recommendation system (VePriRec) to ensure the privacy of data and verifiability of calculation results. For three components involved in the system, we design three privacy-preserving protocols, including a secure similarity network construction protocol, a secure gradient descent protocol and a secure aggregation protocol. We conduct experiments on real-world datasets, the results demonstrate the effectiveness and efficiency of VePriRec.

Dongsheng Li,Chao Chen,Qin Lv,Li Shang,Yingying Zhao,Tun Lu,Ning Gu

DOI: https://doi.org/10.1016/j.future.2014.11.003

IF: 7.307

2016-01-01

Future Generation Computer Systems

Abstract:Collaborative filtering (CF) methods are widely adopted by existing recommender systems, which can analyze and predict user “ratings” or “preferences” of newly generated items based on user historical behaviors. However, privacy issue arises in this process as sensitive user private data are collected by the recommender server. Recently proposed privacy-preserving collaborative filtering (PPCF) methods, using computation-intensive cryptography techniques or data perturbation techniques are not appropriate in real online services. In this paper, an efficient privacy-preserving item-based collaborative filtering algorithm is proposed, which can protect user privacy during online recommendation process without compromising recommendation accuracy and efficiency. The proposed method is evaluated using the Netflix Prize dataset. Experimental results demonstrate that the proposed method outperforms a randomized perturbation based PPCF solution and a homomorphic encryption based PPCF solution by over 14X and 386X, respectively, in recommendation efficiency while achieving similar or even better recommendation accuracy.