SNAP Framework: Linked Prediction Based Anomaly Prevention With Suspicious Nodes on Social Network Graph

In previous studies, the focus has predominantly been on anomaly detection, with minimal attention given to anomaly prevention. However, anomaly prevention holds greater significance than anomaly detection. Preventing anomalous behavior before it occurs and identifying potential anomalies in advance to enable timely intervention is both challenging and crucial. In this study, a Suspicious Nodes Anomaly Prevention framework for anomaly prevention has been developed. First, a novel K-medoid based Salp Swarm Anomaly Detection method is proposed within the framework. This method reveals unclustered data by applying clustering and determines the boundaries of clusters using a nature-inspired algorithm that optimizes the threshold. Since threshold determination is an optimization problem, it aligns well with nature-inspired algorithms. Additionally, the Enron email dataset was selected as it is a real-world dataset with accessible content information. Initially, content and node features were extracted from the Enron email dataset. The proposed anomaly detection method was then applied separately to each of these features. Nodes identified as anomalous by one feature but normal by others were of particular interest. These nodes were labeled as suspicious nodes, and their connections were analyzed to detect potentially harmful email content. This framework fills a significant gap in the anomaly detection literature by contributing an unprecedented approach to anomaly prevention, offering early intervention capabilities in various sectors by identifying risks in advance. In this study, the proposed framework demonstrates high efficacy in detecting anomalies, achieving a True Positive Rate of 94% in node-based anomaly detection and 78% in content-based anomaly detection, indicating a robust capability for early intervention and risk identification.