Publication Type

Journal Article

Version

publishedVersion

Publication Date

1-2025

Abstract

Federated recommender systems (FedRSs) effectively tackle the tradeoff between recommendation accuracy and privacy preservation. However, recent studies have revealed severe vulnerabilities in FedRSs, particularly against untargeted attacks seeking to undermine their overall performance. Defense methods employed in traditional recommender systems are not applicable to FedRSs, and existing robust aggregation schemes for other federated learning-based applications have proven ineffective in FedRSs. Building on the observation that malicious clients contribute negatively to the training process, we design a novel contribution-aware robust aggregation scheme to defend FedRSs against untargeted attacks, named contribution-aware Bayesian knowledge distillation aggregation (ConDA), comprising two key components for the defense. In the first contribution estimation component, we decentralize the estimation from the server side to the client side and propose an ensemble-based Shapley value to enable the efficient calculation of contributions, addressing the limitations of lacking auxiliary validation data and high computational complexity. In the second contribution-aware aggregation component, we merge the decentralized contributions via a majority voting mechanism and integrate the merged contributions into a Bayesian knowledge distillation aggregation scheme for robust aggregation, mitigating the impact of unreliable contributions induced by attacks. We evaluate the effectiveness and efficiency of ConDA on two real-world datasets from movie and music service providers. Through extensive experiments, we demonstrate the superiority of ConDA over the baseline robust aggregation schemes.

Discipline

Artificial Intelligence and Robotics | Databases and Information Systems

Research Areas

Data Science and Engineering

Publication

ACM Transactions on Knowledge Discovery from Data

Volume

19

Issue

1

First Page

1

Last Page

28

ISSN

1556-4681

Identifier

10.1145/3706112

Publisher

Association for Computing Machinery (ACM)

Additional URL

https://doi.org/10.1145/3706112
