Recommendation systems (RS) are crucial for alleviating the information overload problem. Due to its pivotal role in guiding users to make decisions, unscrupulous parties are lured to launch attacks against RS to affect the decisions of normal users and gain illegal profits. Among various types of attacks, shilling attack is one of the most subsistent and profitable attacks. In shilling attack, an adversarial party injects a number of well-designed fake user profiles into the system to mislead RS so that the attack goal can be achieved. Although existing shilling attack methods have achieved promising results, they all adopt the attack paradigm of multi-user injection, where some fake user profiles are required. This paper provides the first study of shilling attack in an extremely limited scenario: only one fake user profile is injected into the victim RS to launch shilling attacks (i.e., single-user injection). We propose a novel single-user injection method SUI-Attack for invisible shilling attack. SUI-Attack is a graph based attack method that models shilling attack as a node generation task over the user-item bipartite graph of the victim RS, and it constructs the fake user profile by generating user features and edges that link the fake user to items. Extensive experiments demonstrate that SUI-Attack can achieve promising attack results in single-user injection. In addition to its attack power, SUI-Attack increases the stealthiness of shilling attack and reduces the risk of being detected. We provide our implementation at: https://github.com/KDEGroup/SUI-Attack.

翻译：推荐系统（RS）是缓解信息过载问题的关键工具。由于其在引导用户决策方面的重要作用，不法机构常被诱导对RS发起攻击，以影响正常用户决策并获取非法收益。在各类攻击中，托攻击（shilling attack）是最为持久且有利可图的攻击方式之一。在托攻击中，攻击方通过向系统注入大量精心设计的虚假用户画像，误导推荐系统以实现攻击目标。尽管现有托攻击方法已取得显著效果，但它们均采用多用户注入的攻击范式，即需要注入多个虚假用户画像。本文首次在极端受限场景下研究托攻击：仅向受害RS注入一个虚假用户画像即可实施托攻击（即单用户注入）。我们提出了一种新颖的单用户注入方法SUI-Attack，用于实现不可见的托攻击。SUI-Attack是一种基于图的攻击方法，将托攻击建模为受害RS用户-物品二部图上的节点生成任务，通过生成用户特征和连接虚假用户与物品的边来构建虚假用户画像。大量实验表明，SUI-Attack能够在单用户注入场景下取得优异的攻击效果。除攻击能力外，SUI-Attack还增强了托攻击的隐蔽性，降低了被检测的风险。我们的代码实现见：https://github.com/KDEGroup/SUI-Attack。