Back to Search
Start Over
Anomaly Detection in Large-Scale Networks With Latent Space Models.
- Source :
-
Technometrics . May2022, Vol. 64 Issue 2, p241-252. 12p. - Publication Year :
- 2022
-
Abstract
- We develop a real-time anomaly detection method for directed activity on large, sparse networks. We model the propensity for future activity using a dynamic logistic model with interaction terms for sender- and receiver-specific latent factors in addition to sender- and receiver-specific popularity scores; deviations from this underlying model constitute potential anomalies. Latent nodal attributes are estimated via a variational Bayesian approach and may change over time, representing natural shifts in network activity. Estimation is augmented with a case-control approximation to take advantage of the sparsity of the network and reduces computational complexity from O (N 2) to O(E), where N is the number of nodes and E is the number of observed edges. We run our algorithm on network event records collected from an enterprise network of over 25,000 computers and are able to identify a red team attack with half the detection rate required of the model without latent interaction terms. [ABSTRACT FROM AUTHOR]
Details
- Language :
- English
- ISSN :
- 00401706
- Volume :
- 64
- Issue :
- 2
- Database :
- Academic Search Index
- Journal :
- Technometrics
- Publication Type :
- Academic Journal
- Accession number :
- 156475982
- Full Text :
- https://doi.org/10.1080/00401706.2021.1952900