Abstract
In this work, we propose a new approach to detect anomalous graphs in a stream of directed and labeled heterogeneous edges. The stream consists of a sequence of edges derived from different graphs. Each of these dynamic graphs represents the evolution of a specific activity in a monitored system whose events are acquired in real-time. Our approach is based on graph clustering and uses a simple graph embedding based on substructures and graph edit distance. Our graph representation is flexible and updates incrementally the graph vectors as soon as a new edge arrives. This allows the detection of anomalies in real-time which is an important requirement for sensitive applications such as cyber-security. Our implementation results prove the effectiveness of our approach in terms of accuracy of detection and time processing.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
