Article

Graph-based anomaly detection

Authors:
Caleb C. Noble

University of Texas at Arlington, Arlington, TX

University of Texas at Arlington, Arlington, TX
View Profile

,
Diane J. Cook

University of Texas at Arlington, Arlington, TX

University of Texas at Arlington, Arlington, TX
View Profile

KDD '03: Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data miningAugust 2003Pages 631–636https://doi.org/10.1145/956750.956831

Published:24 August 2003Publication History

KDD '03: Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining

Pages 631–636

ABSTRACT

Anomaly detection is an area that has received much attention in recent years. It has a wide variety of applications, including fraud detection and network intrusion detection. A good deal of research has been performed in this area, often using strings or attribute-value data as the medium from which anomalies are to be extracted. Little work, however, has focused on anomaly detection in graph-based data. In this paper, we introduce two techniques for graph-based anomaly detection. In addition, we introduce a new method for calculating the regularity of a graph, with applications to anomaly detection. We hypothesize that these methods will prove useful both for finding anomalies, and for determining the likelihood of successful anomaly detection within graph-based data. We provide experimental results using both real-world network intrusion data and artificially-created data.

References

Cook, D. J. and Holder, L. B. Graph-Based Data Mining. IEEE Intelligent Systems, 15(2), pages 32--41, 2000. Google ScholarDigital Library
Lee, W. and Xiang, D. Information-Theoretic Measures for Anomaly Detection. Proceedings of The 2001 IEEE Symposium on Security and Privacy, Oakland, CA, May 2001. Google ScholarDigital Library
Maxion, R. A. and Tan, K. M. C. Benchmarking Anomaly-Based Detection Systems. International Conference on Dependable Systems and Networks, pages 623--630, New York, New York; 25--28 June 2000. Google ScholarDigital Library
Miller, G. A. Note on the Bias of Information Estimates. Information Theory in Psychology: Problems and Methods, Free Press, 1955.Google Scholar
Rissanen, J. Stochastic Complexity in Statistical Inquiry. World Scientific Publishing Company, 1989. Google ScholarDigital Library
http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.htmlGoogle Scholar

Index Terms

Graph-based anomaly detection
1. Information systems
  1. Information systems applications
    1. Data mining

Recommendations

Two-stage anomaly detection algorithm via dynamic community evolution in temporal graph
Abstract
Detecting anomalies from a massive amount of user behavioral data is often liken to finding a needle in a haystack. While tremendous efforts have been devoted to anomaly detection from temporal graphs, existing studies rarely consider community ...
Read More
Graph based anomaly detection and description: a survey

Detecting anomalies in data is a vital task, with numerous high-impact applications in areas such as security, finance, health care, and law enforcement. While numerous techniques have been developed in past years for spotting outliers and anomalies in ...
Read More
Scalable anomaly detection in graphs

The advantage of graph-based anomaly detection is that the relationships between elements can be analyzed for structural oddities that could represent activities such as fraud, network intrusions, or suspicious associations in a social network. ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
KDD '03: Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
August 2003
736 pages
ISBN:1581137370
DOI:10.1145/956750
Conference Chair:
Lise Getoor
University of Maryland, College Park
,
General Chair:
Ted Senator
DARPA
,
Program Chairs:
Pedro Domingos
University of Washington
,
Christos Faloutsos
Carnegie Mellon University
Copyright © 2003 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 24 August 2003
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
anomaly detection
data mining
graph regularity
Qualifiers
- Article
Conference

Acceptance Rates
KDD '03 Paper Acceptance Rate46of298submissions,15%Overall Acceptance Rate1,133of8,635submissions,13%
More
Upcoming Conference
KDD '24

Sponsor:

sigkdd

sigkdd

KDD '24: The 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining

August 25 - 29, 2024

Barcelona , Spain
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 275
  Total Citations
  View Citations
- 5,308
  Total Downloads
- Downloads (Last 12 months)368
- Downloads (Last 6 weeks)65
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Graph-based anomaly detection

KDD '03: Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining

ABSTRACT

References

Cited By

Index Terms

Recommendations

Two-stage anomaly detection algorithm via dynamic community evolution in temporal graph

Graph based anomaly detection and description: a survey

Scalable anomaly detection in graphs