Stochastic Complexity in Statistical Inquiry Theory
Stochastic Complexity in Statistical Inquiry Theory
IEEE Intelligent Systems
Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
Discovering Structural Anomalies in Graph-Based Data
ICDMW '07 Proceedings of the Seventh IEEE International Conference on Data Mining Workshops
Anomaly detection in data represented as graphs
Intelligent Data Analysis
SigSpot: mining significant anomalous regions from time-evolving networks (abstract only)
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
Efficient Identification of Linchpin Vertices in Dependence Clusters
ACM Transactions on Programming Languages and Systems (TOPLAS)
| Hi-index | 0.00 |
This work presents the use of graph-based approaches to discovering anomalous instances of structural patterns in data that represent entities, relationships and actions. Using the minimum description length (MDL) principle to first identify the normative pattern, the algorithms presented in this paper identify the three possible changes to a graph: modifications, insertions and deletions. Each algorithm discovers those substructures that match the closest to the normative pattern without matching exactly. As a result, this proposed approach searches for those activities that appear to match normal (or legitimate) transactions, but in fact are structurally different. After briefly presenting the three algorithms, we then show the usefulness of applying these graph theoretic approaches to discovering illegal activity for a simulated insider threat within a passport processing scenario.