Privacy-Preserving and Security Schemes in Deep Learning-Based Recommendation Systems

Publication Type:
Thesis
Issue Date:
2025
Deep learning-based recommendation systems (RS) are widely applied in e-commerce, healthcare, and personalized education, offering accurate and adaptive suggestions that enhance user experience. However, the integration of deep learning has raised critical challenges in data privacy and model security, which are among the most pressing issues in intelligent system deployment. These concerns hinder RS adoption, especially in scenarios involving sensitive data and intellectual property. To address data privacy challenges, this thesis first proposes a dual-defense framework against data poisoning attacks that compromise user-level integrity. By combining active and passive strategies, the framework effectively detects and mitigates adversarial data and is further adapted to large-scale RS built on large language models (LLMs). Additionally, a recommendation unlearning verification (RUV) mechanism is introduced, leveraging non-influential trigger data to verify that unlearning requests have been honored while maintaining model performance and user confidentiality. For model security, a lightweight watermarking mechanism is developed to support robust model ownership verification. By embedding non-influential watermark data into RS models, this approach provides invisible, secure, and reliable proof of ownership without impairing recommendation performance. Furthermore, the LLM-compatible dual-defense strategy strengthens protection against adversarial manipulation, addressing new threats to model robustness and authenticity. The proposed methods are evaluated through extensive experiments under diverse conditions, including poisoning, ownership verification, and consistency checks. Results show substantial improvements in RS resilience, privacy protection, and defense effectiveness while maintaining high efficiency.
By tackling these cutting-edge challenges in privacy and security, this thesis provides practical, scalable, and deployable solutions for trustworthy recommendation systems. The proposed frameworks support real-world applications in secure and privacy-aware environments, promoting safer and broader adoption of deep learning-based RS technologies across industries.