Abstract
Identifying vandal users or attackers hidden in dynamic online social network data has been shown a challenging problem. In this work, we develop a dynamic attack/anomaly detection approach using a novel combination of the graph spectral features and the restricted Vector Autoregressive (rVAR) model. Our approach utilizes the time series modeling method on the non-randomness metric derived from the graph spectral features to capture the abnormal activities and interactions of individuals. Furthermore, we demonstrate how to utilize Granger causality test on the fitted rVAR model to identify causal relationships of user activities, which could be further translated to endogenous and/or exogenous influences for each individual’s anomaly measures. We conduct empirical evaluations on the Wikipedia vandal detection dataset to demonstrate efficacy of our proposed approach.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bianco, A.M., Garcia Ben, M., Martinez, E., Yohai, V.J.: Outlier detection in regression models with arima errors using robust estimates. J. Forecast. 20(8), 565–579 (2001)
Geweke, J.F.: Measures of conditional linear dependence and feedback between time series. J. Am. Stat. Assoc. 79(388), 907–915 (1984)
Granger, C.W.: Investigating causal relations by econometric models and cross-spectral methods. Econometrica: J. Econometric Soc. 37(3), 424–438 (1969)
Idé, T., Kashima, H.: Eigenspace-based anomaly detection in computer systems. In: Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 440–449. ACM (2004)
Johansen, S.: Estimation and hypothesis testing of cointegration vectors in Gaussian vector autoregressive models. Econometrica: J. Econometric Soc. 59(6), 1551–1580 (1991)
Kumar, S., Spezzano, F., Subrahmanian, V.: VEWS: a Wikipedia vandal early warning system. In: Proceedings of the 21th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 607–616. ACM (2015)
Li, Y., Wu, X., Lu, A.: Analysis of spectral space properties of directed graphs using matrix perturbation theory with application in graph partition. In: Proceedings of IEEE International Conference on Data Mining, pp. 847–852. IEEE (2015)
Liberty, E.: Simple and deterministic matrix sketching. In: Proceedings of the 19th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 581–588. ACM (2013)
Ning, H., Xu, W., Chi, Y., Gong, Y., Huang, T.: Incremental spectral clustering with application to monitoring of evolving blog communities. In: Proceedings of the 2007 SIAM International Conference on Data Mining, pp. 261–272. SIAM (2007)
Shyu, M.L., Chen, S.C., Sarinnapakorn, K., Chang, L.: A novel anomaly detection scheme based on principal component classifier. In: Proceedings of the IEEE Foundations and New Directions of Data Mining Workshop, pp. 171–179. IEEE (2003)
Sun, J., Xie, Y., Zhang, H., Faloutsos, C.: Less is more: compact matrix representation of large sparse graphs. In: Proceedings of 7th SIAM International Conference on Data Mining (2007)
Tsay, R.S., Peña, D., Pankratz, A.E.: Outliers in multivariate time series. Biometrika 87(4), 789–804 (2000)
Wu, L., Ying, X., Wu, X., Zhou, Z.H.: Line orthogonality in adjacency eigenspace with application to community partition. In: Proceedings of the 22nd International Joint Conference on Artificial Intelligence, pp. 2349–2354 (2011)
Wu, L., Wu, X., Lu, A., Zhou, Z.H.: A spectral approach to detecting subtle anomalies in graphs. J. Intell. Inf. Syst. 41(2), 313–337 (2013)
Ying, X., Wu, X.: On randomness measures for social networks. In: Proceedings of 9th SIAM International Conference on Data Mining (2009)
Ying, X., Wu, X., Barbará, D.: Spectrum based fraud detection in social networks. In: 2011 IEEE 27th International Conference on Data Engineering, pp. 912–923. IEEE (2011)
Zhang, K., Tsang, I.W., Kwok, J.T.: Improved nyström low-rank approximation and error analysis. In: Proceedings of the 25th International Conference on Machine Learning, pp. 1232–1239. ACM (2008)
Acknowledgments
This work was supported in part by NSF 1564250 and 1564039.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Li, Y., Lu, A., Wu, X., Yuan, S. (2019). Dynamic Anomaly Detection Using Vector Autoregressive Model. In: Yang, Q., Zhou, ZH., Gong, Z., Zhang, ML., Huang, SJ. (eds) Advances in Knowledge Discovery and Data Mining. PAKDD 2019. Lecture Notes in Computer Science(), vol 11439. Springer, Cham. https://doi.org/10.1007/978-3-030-16148-4_46
Download citation
DOI: https://doi.org/10.1007/978-3-030-16148-4_46
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16147-7
Online ISBN: 978-3-030-16148-4
eBook Packages: Computer ScienceComputer Science (R0)