24,287 research outputs found
Graph based Anomaly Detection and Description: A Survey
Detecting anomalies in data is a vital task, with numerous high-impact applications in areas such as security, finance, health care, and law enforcement. While numerous techniques have been developed in past years for spotting outliers and anomalies in unstructured collections of multi-dimensional points, with graph data becoming ubiquitous, techniques for structured graph data have been of focus recently. As objects in graphs have long-range correlations, a suite of novel technology has been developed for anomaly detection in graph data. This survey aims to provide a general, comprehensive, and structured overview of the state-of-the-art methods for anomaly detection in data represented as graphs. As a key contribution, we give a general framework for the algorithms categorized under various settings: unsupervised vs. (semi-)supervised approaches, for static vs. dynamic graphs, for attributed vs. plain graphs. We highlight the effectiveness, scalability, generality, and robustness aspects of the methods. What is more, we stress the importance of anomaly attribution and highlight the major techniques that facilitate digging out the root cause, or the ‘why’, of the detected anomalies for further analysis and sense-making. Finally, we present several real-world applications of graph-based anomaly detection in diverse domains, including financial, auction, computer traffic, and social networks. We conclude our survey with a discussion on open theoretical and practical challenges in the field
Graph Neural Networks based Log Anomaly Detection and Explanation
Event logs are widely used to record the status of high-tech systems, making
log anomaly detection important for monitoring those systems. Most existing log
anomaly detection methods take a log event count matrix or log event sequences
as input, exploiting quantitative and/or sequential relationships between log
events to detect anomalies. Unfortunately, only considering quantitative or
sequential relationships may result in low detection accuracy. To alleviate
this problem, we propose a graph-based method for unsupervised log anomaly
detection, dubbed Logs2Graphs, which first converts event logs into attributed,
directed, and weighted graphs, and then leverages graph neural networks to
perform graph-level anomaly detection. Specifically, we introduce One-Class
Digraph Inception Convolutional Networks, abbreviated as OCDiGCN, a novel graph
neural network model for detecting graph-level anomalies in a collection of
attributed, directed, and weighted graphs. By coupling the graph representation
and anomaly detection steps, OCDiGCN can learn a representation that is
especially suited for anomaly detection, resulting in a high detection
accuracy. Importantly, for each identified anomaly, we additionally provide a
small subset of nodes that play a crucial role in OCDiGCN's prediction as
explanations, which can offer valuable cues for subsequent root cause
diagnosis. Experiments on five benchmark datasets show that Logs2Graphs
performs at least on par with state-of-the-art log anomaly detection methods on
simple datasets while largely outperforming state-of-the-art log anomaly
detection methods on complicated datasets.Comment: Preprint submitted to Engineering Applications of Artificial
Intelligenc
Quick survey of graph-based fraud detection methods
In general, anomaly detection is the problem of distinguishing between normal
data samples with well defined patterns or signatures and those that do not
conform to the expected profiles. Financial transactions, customer reviews,
social media posts are all characterized by relational information. In these
networks, fraudulent behaviour may appear as a distinctive graph edge, such as
spam message, a node or a larger subgraph structure, such as when a group of
clients engage in money laundering schemes. Most commonly, these networks are
represented as attributed graphs, with numerical features complementing
relational information. We present a survey on anomaly detection techniques
used for fraud detection that exploit both the graph structure underlying the
data and the contextual information contained in the attributes
Graph-based Time-Series Anomaly Detection: A Survey
With the recent advances in technology, a wide range of systems continue to
collect a large amount of data over time and thus generate time series.
Time-Series Anomaly Detection (TSAD) is an important task in various
time-series applications such as e-commerce, cybersecurity, vehicle
maintenance, and healthcare monitoring. However, this task is very challenging
as it requires considering both the intra-variable dependency and the
inter-variable dependency, where a variable can be defined as an observation in
time series data. Recent graph-based approaches have made impressive progress
in tackling the challenges of this field. In this survey, we conduct a
comprehensive and up-to-date review of Graph-based TSAD (G-TSAD). First, we
explore the significant potential of graph representation learning for
time-series data. Then, we review state-of-the-art graph anomaly detection
techniques in the context of time series and discuss their strengths and
drawbacks. Finally, we discuss the technical challenges and potential future
directions for possible improvements in this research field.Comment: 19 pages, 4 figures, 2 table
Graph Learning for Anomaly Analytics: Algorithms, Applications, and Challenges
Anomaly analytics is a popular and vital task in various research contexts,
which has been studied for several decades. At the same time, deep learning has
shown its capacity in solving many graph-based tasks like, node classification,
link prediction, and graph classification. Recently, many studies are extending
graph learning models for solving anomaly analytics problems, resulting in
beneficial advances in graph-based anomaly analytics techniques. In this
survey, we provide a comprehensive overview of graph learning methods for
anomaly analytics tasks. We classify them into four categories based on their
model architectures, namely graph convolutional network (GCN), graph attention
network (GAT), graph autoencoder (GAE), and other graph learning models. The
differences between these methods are also compared in a systematic manner.
Furthermore, we outline several graph-based anomaly analytics applications
across various domains in the real world. Finally, we discuss five potential
future research directions in this rapidly growing field
Graph learning for anomaly analytics : algorithms, applications, and challenges
Anomaly analytics is a popular and vital task in various research contexts that has been studied for several decades. At the same time, deep learning has shown its capacity in solving many graph-based tasks, like node classification, link prediction, and graph classification. Recently, many studies are extending graph learning models for solving anomaly analytics problems, resulting in beneficial advances in graph-based anomaly analytics techniques. In this survey, we provide a comprehensive overview of graph learning methods for anomaly analytics tasks. We classify them into four categories based on their model architectures, namely graph convolutional network, graph attention network, graph autoencoder, and other graph learning models. The differences between these methods are also compared in a systematic manner. Furthermore, we outline several graph-based anomaly analytics applications across various domains in the real world. Finally, we discuss five potential future research directions in this rapidly growing field. © 2023 Association for Computing Machinery
Graph Anomaly Detection with Graph Neural Networks: Current Status and Challenges
Graphs are used widely to model complex systems, and detecting anomalies in a
graph is an important task in the analysis of complex systems. Graph anomalies
are patterns in a graph that do not conform to normal patterns expected of the
attributes and/or structures of the graph. In recent years, graph neural
networks (GNNs) have been studied extensively and have successfully performed
difficult machine learning tasks in node classification, link prediction, and
graph classification thanks to the highly expressive capability via message
passing in effectively learning graph representations. To solve the graph
anomaly detection problem, GNN-based methods leverage information about the
graph attributes (or features) and/or structures to learn to score anomalies
appropriately. In this survey, we review the recent advances made in detecting
graph anomalies using GNN models. Specifically, we summarize GNN-based methods
according to the graph type (i.e., static and dynamic), the anomaly type (i.e.,
node, edge, subgraph, and whole graph), and the network architecture (e.g.,
graph autoencoder, graph convolutional network). To the best of our knowledge,
this survey is the first comprehensive review of graph anomaly detection
methods based on GNNs.Comment: 9 pages, 2 figures, 1 tables; to appear in the IEEE Access (Please
cite our journal version.
- …