Anomaly detection in the dynamics of web and social networks Volodymyr Miz, Benjamin Ricaud, Kirell Benzi, and Pierre Vandergheynst Ecole Polytechnique Fédérale de Lausanne Lausanne, Switzerland
[email protected] ABSTRACT 1 INTRODUCTION In this work, we propose a new, fast and scalable method for anom- In recent years, the Web has significantly affected the way people aly detection in large time-evolving graphs. It may be a static graph learn, interact in social groups, store and share information. Apart with dynamic node attributes (e.g. time-series), or a graph evolving from being an essential part of modern life, social networks, online in time, such as a temporal network. We define an anomaly asa services, and knowledge bases generate a massive amount of logs localized increase in temporal activity in a cluster of nodes. The containing traces of global online activity on the Web. Most of this algorithm is unsupervised. It is able to detect and track anoma- data is related to the standard activity of the users. However, the lous activity in a dynamic network despite the noise from multiple larger these logs become, the harder it is to detect deviations from interfering sources. normal behavior in the network. Localization of these anomalies be- We use the Hopfield network model of memory to combine the comes even more difficult because of the continuous expansion and graph and time information. We show that anomalies can be spotted dynamic nature of these networks. Hence, in recent years, anomaly with a good precision using a memory network. The presented detection has become an important field of research focusing on approach is scalable and we provide a distributed implementation this problem [8], [33].