Anomaly detection in dynamic graphs using MIDAS-R

Real world networks are dynamic in nature and are constantly changing.

Contributions of Midas:-

* Streaming approach
* Theoretical Gurantee
* Effectiveness

Microcluster based detector of anomalies in Edge streams (MIDAS) performs detections by considering the temporal nature of the networks and by considering micro-clusters instead of individual edges.

MIDAS considers Temporal nature

capturing the temporal characteristics

Static graphs do not capture the temporal relations.

MIDAS considers micro-clusters instead of individual edges

Detecting DDOS attack

Burst in activity

MIDAS monitors suddenly appearing bursts of activity sharing several nodes or edges that are close by in spatial locality

Theoretical guarantees on the false positive probability

MIDAS can give binary decisions upto a user defined threshold.

MIDAS handle space time complexity using Count-Min-Sketch (CMS)

References

• Towards data science blog post
• Github Repo
• Research Paper