March 05, 2026

Stealthy Attacks in Large Language Model-Based Cross-Domain Recommender Systems with Retrieval Augmented Generation

SOKENDAI Student Dispatch Program program year: 2025

Pongsakorn Jirachanchaisiri

Informatics

 

 

The proposed method. Top: An LLM-based CDRS with RAG. Bottom: Proposed attacks.
The proposed method. Top: An LLM-based CDRS with RAG. Bottom: Proposed attacks.

This recommender system uses AI to transform a map of user interests into a ranked recommendation list, which is then reranked by an LLM for better accuracy. To study the system's security, attacks are used to trick the model; these include mimicking the reviews of items being promoted or using fake accounts to create artificial popularity, ultimately forcing specific items to the top of the list.

This study proposes realistic attacks on a graph-based Retrieval-Augmented Generation (RAG) system used in large language model (LLM)-based cross-domain recommender systems. In this setting, the retriever collects related information from a shared graph that connects users, items, and text across different domains. Although attackers do not have internal system access, they can interact through normal user interfaces, such as posting ratings or reviews. This work explored how seemingly harmless interactions can gradually influence what information the system retrieves. Two complementary techniques are considered. First, a cross-domain textual attack subtly edits the text of a target item so it resembles popular items in another domain. Second, a cross-domain graph connectivity attack introduces fake users who link the target item with well-known items across domains. Rather than focusing on final ranking outcomes, this work examines how these small manipulations shift learned item representations inside the graph model and quietly bias retrieval behavior while maintaining normal overall performance.

Period of Stay

Date of Departure: 2025/11/08
Date of Return: 2026/01/23

Country and/or City

The United Kingdom, Birmingham

Visiting Institute, Host, or Meeting

Asst. Prof. Panagiotis Andriotis, Ph.D.
School of Computer Science, the University of Birmingham

What you learned and achieved during the visit

During my visit, I experienced both academic growth and cultural exchange. Arriving during the university’s 125th anniversary and the Christmas season, I felt warmly welcomed by the vibrant campus atmosphere. Academically, I participated in research discussions, attended a helpful viva preparation session, and made steady progress toward my Ph.D. Engaging in social activities and interacting with faculty members broadened my perspective and helped me smoothly adapt to the UK research environment.

Department of Informatics, Pongsakorn Jirachanchaisiri

PAGE TOP