A comprehensive survey of anomaly detection in banking, wireless sensor networks, social networks, and healthcare

Collusive anomalies detection based on collaborative markov random field

Abnormal collusive behavior, widely existing in various fields with concealment and synergy, is particularly harmful in user-generated online reviews and hard to detect by traditional methods. With the development of network science, this problem can be solved by analyzing structure features. As a graph-based anomaly detection method, the Markov random field (MRF)-based model has been widely used to identify the collusive anomalies and shown its effectiveness. However, existing methods are mostly unable to highlight the primary synergy relationship among nodes and consider much irrelevant information, which caused poor detectability. Therefore, this paper proposes a novel MRF-based method (ACEagle), considering node-level and community-level behavior features. Our method has several advantages: (1) based on the analysis of the nodes’ local structure, the community-level behavioral features are combined to calculate the nodes’ prior probability to close the ground truth, (2) it measured the behavior’s collaborative intensity between nodes by time and weight, constructing MRF by the synergic relationship exceeding the threshold to filter irrelevant structural information, (3) it operates in a completely unsupervised fashion requiring no labeled data, while still incorporating side information if available. Through experiments in user-reviewed datasets where abnormal collusive behavior is most typical, the results show that ACEagle is significantly outperforming state-of-the-art baselines in collusive anomalies detection.

Graph Learning for Anomaly Analytics: Algorithms, Applications, and Challenges

Anomaly analytics is a popular and vital task in various research contexts, which has been studied for several decades. At the same time, deep learning has shown its capacity in solving many graph-based tasks like, node classification, link prediction, and graph classification. Recently, many studies are extending graph learning models for solving anomaly analytics problems, resulting in beneficial advances in graph-based anomaly analytics techniques. In this survey, we provide a comprehensive overview of graph learning methods for anomaly analytics tasks. We classify them into four categories based on their model architectures, namely graph convolutional network (GCN), graph attention network (GAT), graph autoencoder (GAE), and other graph learning models. The differences between these methods are also compared in a systematic manner. Furthermore, we outline several graph-based anomaly analytics applications across various domains in the real world. Finally, we discuss five potential future research directions in this rapidly growing field.

Anomaly Detection Framework for Wearables Data: A Perspective Review on Data Concepts, Data Analysis Algorithms and Prospects

Wearable devices use sensors to evaluate physiological parameters, such as the heart rate, pulse rate, number of steps taken, body fat and diet. The continuous monitoring of physiological parameters offers a potential solution to assess personal healthcare. Identifying outliers or anomalies in heart rates and other features can help identify patterns that can play a significant role in understanding the underlying cause of disease states. Since anomalies are present within the vast amount of data generated by wearable device sensors, identifying anomalies requires accurate automated techniques. Given the clinical significance of anomalies and their impact on diagnosis and treatment, a wide range of detection methods have been proposed to detect anomalies. Much of what is reported herein is based on previously published literature. Clinical studies employing wearable devices are also increasing. In this article, we review the nature of the wearables-associated data and the downstream processing methods for detecting anomalies. In addition, we also review supervised and un-supervised techniques as well as semi-supervised methods that overcome the challenges of missing and un-annotated healthcare data.

Intrusion detection system using a new fuzzy rule-based classification system based on genetic algorithm

Intrusion can compromise the integrity, confidentiality, or availability of a computer system. Intrusion Detection System (IDS) is a type of security software designed to monitor network traffic and identify network intrusions. In this paper, A Fuzzy Rule – Based classification system is used to detect intrusion in a computer network. In order to improve the classification rate, a new method is proposed based on Genetic Algorithm (GA) for rule weights specification. The proposed method is tested on KDD99 dataset. Experimental results show the proposed method improves the performance of the fuzzy rule-based classification systems in terms of detection rate and false alarm rate.