Graph based anomaly detection and description: a survey
TLDR
This survey aims to provide a general, comprehensive, and structured overview of the state-of-the-art methods for anomaly detection in data represented as graphs, and gives a general framework for the algorithms categorized under various settings.Abstract:
Detecting anomalies in data is a vital task, with numerous high-impact applications in areas such as security, finance, health care, and law enforcement. While numerous techniques have been developed in past years for spotting outliers and anomalies in unstructured collections of multi-dimensional points, with graph data becoming ubiquitous, techniques for structured graph data have been of focus recently. As objects in graphs have long-range correlations, a suite of novel technology has been developed for anomaly detection in graph data. This survey aims to provide a general, comprehensive, and structured overview of the state-of-the-art methods for anomaly detection in data represented as graphs. As a key contribution, we give a general framework for the algorithms categorized under various settings: unsupervised versus (semi-)supervised approaches, for static versus dynamic graphs, for attributed versus plain graphs. We highlight the effectiveness, scalability, generality, and robustness aspects of the methods. What is more, we stress the importance of anomaly attribution and highlight the major techniques that facilitate digging out the root cause, or the `why', of the detected anomalies for further analysis and sense-making. Finally, we present several real-world applications of graph-based anomaly detection in diverse domains, including financial, auction, computer traffic, and social networks. We conclude our survey with a discussion on open theoretical and practical challenges in the field.read more
Citations
More filters
Journal ArticleDOI
Truncated Affinity Maximization: One-class Homophily Modeling for Graph Anomaly Detection
H. Qiao,Guansong Pang +1 more
TL;DR: Truncated Affinity Maximization (TAM) as discussed by the authors learns tailored node representations for anomaly detection by maximizing the local affinity of nodes to their neighbors, with the affinity defined as similarity on node attributes/representations.
Book ChapterDOI
Detecting Anomalous Subgraphs on Attributed Graphs via Parametric Flow
Mahito Sugiyama,Keisuke Otaki +1 more
TL;DR: This paper reports that the task of detecting anomalous subgraphs with an abnormal distribution of vertex attributes using the recent graph cut-based formulation is efficiently solved using the parametric flow algorithm.
Posted Content
Anomalous Edge Detection in Edge Exchangeable Social Network Models.
TL;DR: In this paper, the authors exploit edge exchangeability as a criterion for distinguishing anomalous edges from normal edges and present an anomaly detector based on conformal prediction theory, which has a guaranteed upper bound for false positive rate.
Journal ArticleDOI
A Deep Learning Approach Using Graph Neural Networks for Anomaly Detection in Air Quality Data Considering Spatiotemporal Correlations
TL;DR: A new deep learning approach is proposed that combines spatial correlation and temporal correlation of air quality data to detect air quality anomalies and an advanced deep learning model is utilized to handle the above spatiotemporal graph structure data and detect abnormal air quality events.
Book
Exploring Malicious Hacker Communities: Toward Proactive Cyber-Defense
Ericsson Marin,Mohammed Almukaynizi,Soumajyoti Sarkar,Eric Nunes,Jana Shakarian,Paulo Shakarian,Edward G. Amoroso +6 more
TL;DR: In this article, the authors propose models, techniques, and frameworks based on threat intelligence mined from the heart of the underground cyber world: the malicious hacker communities, providing insights into the hackers themselves and the groups they form dynamically in the act of exchanging ideas and techniques, buying or selling malware, and exploits.
References
More filters
Journal ArticleDOI
Collective dynamics of small-world networks
TL;DR: Simple models of networks that can be tuned through this middle ground: regular networks ‘rewired’ to introduce increasing amounts of disorder are explored, finding that these systems can be highly clustered, like regular lattices, yet have small characteristic path lengths, like random graphs.
Journal ArticleDOI
Emergence of Scaling in Random Networks
TL;DR: A model based on these two ingredients reproduces the observed stationary scale-free distributions, which indicates that the development of large networks is governed by robust self-organizing phenomena that go beyond the particulars of the individual systems.
Book
Time series analysis, forecasting and control
TL;DR: In this article, a complete revision of a classic, seminal, and authoritative book that has been the model for most books on the topic written since 1970 is presented, focusing on practical techniques throughout, rather than a rigorous mathematical treatment of the subject.