A Survey of Graph-Based Deep Learning for Anomaly Detection in Distributed Systems

IF 8.9 2区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE IEEE Transactions on Knowledge and Data Engineering Pub Date : 2023-06-05 DOI:10.1109/TKDE.2023.3282898

Armin Danesh Pazho;Ghazal Alinezhad Noghre;Arnab A Purkayastha;Jagannadh Vempati;Otto Martin;Hamed Tabkhi

{"title":"A Survey of Graph-Based Deep Learning for Anomaly Detection in Distributed Systems","authors":"Armin Danesh Pazho;Ghazal Alinezhad Noghre;Arnab A Purkayastha;Jagannadh Vempati;Otto Martin;Hamed Tabkhi","doi":"10.1109/TKDE.2023.3282898","DOIUrl":null,"url":null,"abstract":"Anomaly detection is a crucial task in complex distributed systems. A thorough understanding of the requirements and challenges of anomaly detection is pivotal to the security of such systems, especially for real-world deployment. While there are many works and application domains that deal with this problem, few have attempted to provide an in-depth look at such systems. In this survey, we explore the potentials of graph-based algorithms to identify anomalies in distributed systems. These systems can be heterogeneous or homogeneous, which can result in distinct requirements. One of our objectives is to provide an in-depth look at graph-based approaches to conceptually analyze their capability to handle real-world challenges such as heterogeneity and dynamic structure. This study gives an overview of the State-of-the-Art (SotA) research articles in the field and compare and contrast their characteristics. To facilitate a more comprehensive understanding, we present three systems with varying abstractions as use cases. We examine the specific challenges involved in anomaly detection within such systems. Subsequently, we elucidate the efficacy of graphs in such systems and explicate their advantages. We then delve into the SotA methods and highlight their strength and weaknesses, pointing out the areas for possible improvements and future works.","PeriodicalId":13496,"journal":{"name":"IEEE Transactions on Knowledge and Data Engineering","volume":null,"pages":null},"PeriodicalIF":8.9000,"publicationDate":"2023-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Knowledge and Data Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10143711/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 1

Abstract

Anomaly detection is a crucial task in complex distributed systems. A thorough understanding of the requirements and challenges of anomaly detection is pivotal to the security of such systems, especially for real-world deployment. While there are many works and application domains that deal with this problem, few have attempted to provide an in-depth look at such systems. In this survey, we explore the potentials of graph-based algorithms to identify anomalies in distributed systems. These systems can be heterogeneous or homogeneous, which can result in distinct requirements. One of our objectives is to provide an in-depth look at graph-based approaches to conceptually analyze their capability to handle real-world challenges such as heterogeneity and dynamic structure. This study gives an overview of the State-of-the-Art (SotA) research articles in the field and compare and contrast their characteristics. To facilitate a more comprehensive understanding, we present three systems with varying abstractions as use cases. We examine the specific challenges involved in anomaly detection within such systems. Subsequently, we elucidate the efficacy of graphs in such systems and explicate their advantages. We then delve into the SotA methods and highlight their strength and weaknesses, pointing out the areas for possible improvements and future works.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

分布式系统中基于图的深度学习异常检测综述

异常检测是复杂分布式系统中的一项重要任务。全面了解异常检测的需求和挑战对于此类系统的安全至关重要，尤其是对于现实世界的部署。虽然有很多工作和应用领域都在处理这个问题，但很少有人试图深入研究这种系统。在这项调查中，我们探索了基于图的算法在识别分布式系统异常方面的潜力。这些系统可以是异构的，也可以是同质的，这可能导致不同的需求。我们的目标之一是深入研究基于图的方法，从概念上分析它们处理异构性和动态结构等现实世界挑战的能力。本研究概述了该领域的最新研究成果，并对其特点进行了比较和对比。为了便于更全面地理解，我们提出了三个具有不同抽象的系统作为用例。我们研究了此类系统中异常检测所涉及的具体挑战。随后，我们阐明了图在这种系统中的有效性，并说明了它们的优点。然后，我们深入研究了SotA方法，并强调了它们的优势和劣势，指出了可能改进的领域和未来的工作。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Knowledge and Data Engineering 工程技术-工程：电子与电气

CiteScore

11.70

自引率

3.40%

发文量

515

审稿时长

6 months

期刊介绍： The IEEE Transactions on Knowledge and Data Engineering encompasses knowledge and data engineering aspects within computer science, artificial intelligence, electrical engineering, computer engineering, and related fields. It provides an interdisciplinary platform for disseminating new developments in knowledge and data engineering and explores the practicality of these concepts in both hardware and software. Specific areas covered include knowledge-based and expert systems, AI techniques for knowledge and data management, tools, and methodologies, distributed processing, real-time systems, architectures, data management practices, database design, query languages, security, fault tolerance, statistical databases, algorithms, performance evaluation, and applications.