Graph based anomaly detection and description: a survey
TLDR
This survey aims to provide a general, comprehensive, and structured overview of the state-of-the-art methods for anomaly detection in data represented as graphs, and gives a general framework for the algorithms categorized under various settings.Abstract:
Detecting anomalies in data is a vital task, with numerous high-impact applications in areas such as security, finance, health care, and law enforcement. While numerous techniques have been developed in past years for spotting outliers and anomalies in unstructured collections of multi-dimensional points, with graph data becoming ubiquitous, techniques for structured graph data have been of focus recently. As objects in graphs have long-range correlations, a suite of novel technology has been developed for anomaly detection in graph data. This survey aims to provide a general, comprehensive, and structured overview of the state-of-the-art methods for anomaly detection in data represented as graphs. As a key contribution, we give a general framework for the algorithms categorized under various settings: unsupervised versus (semi-)supervised approaches, for static versus dynamic graphs, for attributed versus plain graphs. We highlight the effectiveness, scalability, generality, and robustness aspects of the methods. What is more, we stress the importance of anomaly attribution and highlight the major techniques that facilitate digging out the root cause, or the `why', of the detected anomalies for further analysis and sense-making. Finally, we present several real-world applications of graph-based anomaly detection in diverse domains, including financial, auction, computer traffic, and social networks. We conclude our survey with a discussion on open theoretical and practical challenges in the field.read more
Citations
More filters
Journal ArticleDOI
Detection and Classification of Anomalies in Large Datasets on the Basis of Information Granules
TL;DR: In this article , the authors proposed a solution that allows the use of information granules to identify and classify anomalies, which is based on fuzzy semantics implied by the statistical properties of the data considered, instead of the classic approach to detecting anomalies in the data, it is proposed to determine the degree of anomaly for the data transformed to the new resulting state space.
Posted Content
SUGAR: Subgraph Neural Network with Reinforcement Pooling and Self-Supervised Mutual Information Mechanism
TL;DR: Wang et al. as mentioned in this paper proposed a hierarchical subgraph-level selection and embedding based graph neural network for graph classification, which can learn more discriminative subgraph representations and respond in an explanatory way.
Journal ArticleDOI
Mining user interaction patterns in the darkweb to predict enterprise cyber incidents
TL;DR: A framework to predict real-world organization cyber attacks of three different security events suggests that focusing on the reply path structure between groups of users based on random walk transitions and community structures has an advantage in terms of better performance solely relying on forum or user posting statistics prior to attacks.
Book ChapterDOI
Link and Graph Mining in the Big Data Era
TL;DR: This chapter gives an overview of several graph mining approach to mine and handle large complex networks.
Proceedings ArticleDOI
Coding of Graphs with Application to Graph Anomaly Detection
Anders Host-Madsen,June Zhang +1 more
TL;DR: In this paper, the authors developed two coding methods for unlabeled graphs: one based on the degree distribution, the second based on triangle distribution, which are efficient for different types of random graphs, and on real-world graphs.
References
More filters
Journal ArticleDOI
Collective dynamics of small-world networks
TL;DR: Simple models of networks that can be tuned through this middle ground: regular networks ‘rewired’ to introduce increasing amounts of disorder are explored, finding that these systems can be highly clustered, like regular lattices, yet have small characteristic path lengths, like random graphs.
Journal ArticleDOI
Emergence of Scaling in Random Networks
TL;DR: A model based on these two ingredients reproduces the observed stationary scale-free distributions, which indicates that the development of large networks is governed by robust self-organizing phenomena that go beyond the particulars of the individual systems.
Book
Time series analysis, forecasting and control
TL;DR: In this article, a complete revision of a classic, seminal, and authoritative book that has been the model for most books on the topic written since 1970 is presented, focusing on practical techniques throughout, rather than a rigorous mathematical treatment of the subject.