Visual Analysis of Collective Anomalies Using Faceted High-Order Correlation Graphs
Successfully detecting, analyzing, and reasoning about collective anomalies is important for many real-life application domains (e.g., intrusion detection, fraud analysis, software security). The primary challenges to achieving this goal include the overwhelming number of low-risk events and their m...
| Veröffentlicht in: | IEEE transactions on visualization and computer graphics. - 1996. - 26(2020), 7 vom: 24. Juli, Seite 2517-2534 |
|---|---|
| 1. Verfasser: | |
| Weitere Verfasser: | , , , , , , , , |
| Format: | Online-Aufsatz |
| Sprache: | English |
| Veröffentlicht: |
2020
|
| Zugriff auf das übergeordnete Werk: | IEEE transactions on visualization and computer graphics |
| Schlagworte: | Journal Article |
| Zusammenfassung: | Successfully detecting, analyzing, and reasoning about collective anomalies is important for many real-life application domains (e.g., intrusion detection, fraud analysis, software security). The primary challenges to achieving this goal include the overwhelming number of low-risk events and their multimodal relationships, the diversity of collective anomalies by various data and anomaly types, and the difficulty in incorporating the domain knowledge of experts. In this paper, we propose the novel concept of the faceted High-Order Correlation Graph (HOCG). Compared with previous, low-order correlation graphs, HOCG achieves better user interactivity, computational scalability, and domain generality through synthesizing heterogeneous types of objects, their anomalies, and the multimodal relationships, all in a single graph. We design elaborate visual metaphors, interaction models, and the coordinated multiple view based interface to allow users to fully unleash the visual analytics power of the HOCG. We conduct case studies for three application domains and collect feedback from domain experts who apply our method to these scenarios. The results demonstrate the effectiveness of the HOCG in the overview of point anomalies, the detection of collective anomalies, and the reasoning process of root cause analyses |
|---|---|
| Beschreibung: | Date Revised 01.06.2020 published: Print-Electronic Citation Status PubMed-not-MEDLINE |
| ISSN: | 1941-0506 |
| DOI: | 10.1109/TVCG.2018.2889470 |