PhoGAD: Graph-based Anomaly Behavior Detection with Persistent Homology Optimization (2401.10547v1)
Abstract: A multitude of toxic online behaviors, ranging from network attacks to anonymous traffic and spam, have severely disrupted the smooth operation of networks. Due to the inherent sender-receiver nature of network behaviors, graph-based frameworks are commonly used for detecting anomalous behaviors. However, in real-world scenarios, the boundary between normal and anomalous behaviors tends to be ambiguous. The local heterophily of graphs interferes with the detection, and existing methods based on nodes or edges introduce unwanted noise into representation results, thereby impacting the effectiveness of detection. To address these issues, we propose PhoGAD, a graph-based anomaly detection framework. PhoGAD leverages persistent homology optimization to clarify behavioral boundaries. Building upon this, the weights of adjacent edges are designed to mitigate the effects of local heterophily. Subsequently, to tackle the noise problem, we conduct a formal analysis and propose a disentangled representation-based explicit embedding method, ultimately achieving anomaly behavior detection. Experiments on intrusion, traffic, and spam datasets verify that PhoGAD has surpassed the performance of state-of-the-art (SOTA) frameworks in detection efficacy. Notably, PhoGAD demonstrates robust detection even with diminished anomaly proportions, highlighting its applicability to real-world scenarios. The analysis of persistent homology demonstrates its effectiveness in capturing the topological structure formed by normal edge features. Additionally, ablation experiments validate the effectiveness of the innovative mechanisms integrated within PhoGAD.