Novel metrics and LSH algorithms for unsupervised, real-time anomaly detection in multi-aspect data streams

Given a vast online stream of transactions in e-markets, how can we detect fraudulent traders and suspicious behaviors in an unsupervised manner? Can we detect them in constant time and memory? Fraud detection in e-markets is increasingly challenging due to the scale and complexity of multi-aspect d...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Engineering science and technology, an international journal Jg. 69; S. 102119
Hauptverfasser: Khodabandehlou, Samira, Hashemi Golpayegani, Alireza
Format: Journal Article
Sprache:Englisch
Veröffentlicht: Elsevier B.V 01.09.2025
Elsevier
Schlagworte:
Locality-sensitive hashing
Market manipulation detection
Multi-aspect data
Real-time anomaly detection
Stream mining
Unsupervised learning
Real-time anomaly detection
Stream mining
Market manipulation detection
Multi-aspect data
Locality-sensitive hashing
Unsupervised learning
ISSN:2215-0986, 2215-0986
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Given a vast online stream of transactions in e-markets, how can we detect fraudulent traders and suspicious behaviors in an unsupervised manner? Can we detect them in constant time and memory? Fraud detection in e-markets is increasingly challenging due to the scale and complexity of multi-aspect data streams. This study introduces SATrade, an unsupervised and scalable approach for real-time anomaly detection in big multi-aspect data streams. This approach proposes two novel Locality-Sensitive Hashing (LSH) functions: Gaussian projections to preserve numerical distances and collision-resistant linear hashing to prevent the increase in dimensionality of the categorical data. The main contributions include the Collusiveness metric, which detects group anomalies through statistical divergence analysis, and the RR-ISF, which prioritizes rare burst patterns. An exponential decay mechanism (λ) ensures adaptability to evolving fraud tactics without retraining, while PCA handles feature correlation. In extensive experiments on five real datasets, using both synthetic and real labels, SATrade achieved 99 % AUC, 93 % F-measure, and 0.2 ms/record latency, which is a significant improvement over the six baseline methods. The framework’s interpretability allows tracing anomalies to fraudulent behaviors like sudden order spikes. The constant memory consumption of 0.25 MB per record and linear scalability make SATrade suitable for high-frequency environments and online platforms.
ISSN:2215-0986
2215-0986
DOI:10.1016/j.jestch.2025.102119