Abstract

Intrusion detection systems play an important role in numerous industrial applications, such as network security and abnormal event detection. They protect critical computer systems and networks against network attackers. Anomaly detection is an effective detection method that finds patterns which do not conform to a desired behavior. Mainstream anomaly detection systems (ADSs) typically depend on data mining techniques; that is, they recognize abnormal patterns and exceptions from a set of network data. Nevertheless, supervised or semi-supervised data mining techniques rely on data label information. This setup may be infeasible in real-world applications, especially when the network data is large-scale. To solve these problems, we propose a novel unsupervised, manifold-based feature selection algorithm, associated with a graph density search mechanism, for detecting abnormal network behaviors. First, to obtain a succinct set of features describing each network pattern, we observe that these patterns can be optimally described on a manifold. Thus, a Laplacian score feature selection is developed to discover a set of descriptive features for each pattern, wherein the patterns’ locality relationships are well preserved. Second, based on the refined features, a graph clustering method for network anomaly detection is proposed that incorporates the patterns’ distance and density properties simultaneously. Comprehensive experimental results show that our method can achieve higher detection accuracy as well as a significant efficiency improvement.
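The feature-selection step described above can be illustrated with the standard Laplacian score computed over a k-nearest-neighbour graph. This is an added example, not the authors' code; the flow features, sample values, `k` and heat-kernel width `t` are assumptions chosen for illustration, and the paper's exact variant is not given on this page.

```python
import math

# Constructed sample: 8 flows x 3 features, each already scaled to [0, 1].
# Columns (hypothetical): mean packet size, flow duration, ephemeral source port.
# Rows 0-3 and 4-7 form two traffic patterns; column 2 is unrelated to either.
FLOWS = [
    [0.10, 0.12, 0.9], [0.12, 0.10, 0.1], [0.08, 0.15, 0.5], [0.15, 0.08, 0.3],
    [0.90, 0.88, 0.2], [0.88, 0.92, 0.8], [0.92, 0.85, 0.4], [0.85, 0.90, 0.6],
]

def laplacian_scores(X, k=3, t=1.0):
    """Return one Laplacian score per feature; lower = preserves locality better."""
    n, m = len(X), len(X[0])
    d2 = [[sum((a - b) ** 2 for a, b in zip(X[i], X[j])) for j in range(n)]
          for i in range(n)]
    # Symmetric k-nearest-neighbour graph with heat-kernel edge weights.
    S = [[0.0] * n for _ in range(n)]
    for i in range(n):
        nearest = sorted((j for j in range(n) if j != i), key=lambda j: d2[i][j])[:k]
        for j in nearest:
            S[i][j] = S[j][i] = math.exp(-d2[i][j] / t)
    deg = [sum(row) for row in S]
    scores = []
    for r in range(m):
        f = [row[r] for row in X]
        # Remove the degree-weighted mean so a constant feature cannot score well.
        mean = sum(fi * di for fi, di in zip(f, deg)) / sum(deg)
        ft = [fi - mean for fi in f]
        # f~^T L f~ equals half the weighted sum of squared differences on edges.
        num = 0.5 * sum(S[i][j] * (ft[i] - ft[j]) ** 2
                        for i in range(n) for j in range(n))
        den = sum(di * fi * fi for fi, di in zip(ft, deg))  # f~^T D f~
        scores.append(num / den if den > 0 else math.inf)
    return scores

def select_features(X, keep, **kw):
    """Indices of the `keep` features with the lowest Laplacian score."""
    scores = laplacian_scores(X, **kw)
    return sorted(range(len(scores)), key=scores.__getitem__)[:keep]

if __name__ == "__main__":
    for idx, s in enumerate(laplacian_scores(FLOWS)):
        print(f"feature {idx}: score {s:.4f}")
    print("kept:", select_features(FLOWS, keep=2))
```

No labels are used anywhere: the two features that vary smoothly across neighbouring flows score near zero and are kept, while the column that varies independently of the neighbourhood structure scores high and is dropped before clustering.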
