MVCA: Multi-View Cross-Attention Framework for Robust Shilling Attack Detection

Recommender systems are now integral to many online platforms, including e-commerce, social media, and content streaming services. However, their widespread use also exposes them to significant security threats. One of the most critical is the shilling attack, where fake user profiles are injected to manipulate recommendation results. Such attacks undermine system fairness and erode user trust. Traditional detection methods mostly rely on a single perspective, such as a fake profile, temporal behavior or a graph structure, and they have difficulty dealing with complex and changeable attack strategies. Therefore, we propose a multi-view cross-attention (MVCA) attack detection framework. This system integrates three complementary features: the user–item interaction graph structure, the temporal behavior sequence, and the local scoring mode. We propose a bidirectional cross-attention mechanism to achieve deep information interaction, dynamically mine the potential correlations between different views, solve the collaborative optimization of each module, and improve the accuracy of identifying fake users. Extensive experiments conducted on the MovieLens and Netflix datasets have shown that MVCA generally outperforms several established baseline methods. Its strong performance in handling different types and scales of attacks demonstrates the method’s adaptability and robustness for detecting shilling attacks.