Methods and apparatuses for defending against data poisoning attacks in recommender systems

Assignee

• Walmart Apollo, LLC · US

Inventors

• Kannan Achan · Saratoga, US
• Durga Deepthi Singh Sharma · Kanchinakote, IN
• Behzad Shahrasbi · Santa Clara, US
• Saurabh Agrawal · Navi Mumbai, IN
• Venugopal Mani · Sunnyvale, US
• Soumya Wadhwa · Sunnyvale, US
• Kamiya Motwani · Sunnyvale, US
• Evren Korpeoglu · San Jose, US
• Sushant Kumar · Sunnyvale, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06Q50/265
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A recommender system can include a defender computing device that is configured to obtain customer interaction data characterizing customer interactions with an ecommerce marketplace. The defender computing device can also be configured to determine an item recommendation based on the customer interaction data using a trained differentially private recommendation model and send the item recommendation to the customer. The trained differentially private recommendation model is more likely to determine the same item recommendation after poisoned data is injected into the customer interaction data than a recommendation model that is not privately trained.