When analysing multiple time series that may be subject to changepoints, it is sometimes possible to specify a priori, by means of a graph, which pairs of time series are likely to be impacted by simultaneous changepoints. This article proposes an informative prior for changepoints which encodes the information contained in the graph, inducing a changepoint model for multiple time series that borrows strength across clusters of connected time series to detect weak signals for synchronous changepoints. The graphical model for changepoints is further extended to allow dependence between nearby but not necessarily synchronous changepoints across neighbouring time series in the graph. A novel reversible jump Markov chain Monte Carlo (MCMC) algorithm making use of auxiliary variables is proposed to sample from the graphical changepoint model. The merit of the proposed approach is demonstrated through a changepoint analysis of computer network authentication logs from Los Alamos National Laboratory (LANL), which shows an improvement in detecting weak signals for network intrusions across users linked by network connectivity, whilst limiting the number of false alerts.
The authors acknowledge funding from EPSRC. Research presented in this article was supported by the Laboratory Directed Research and Development program of Los Alamos National Laboratory (New Mexico, USA) under project number 20180607ECR and Los Alamos National Laboratory.
The authors thank Niall Adams for stimulating discussions about this work.
Karl L. Hallgren. Nicholas A. Heard. Melissa J. M. Turcotte. "Changepoint Detection on a Graph of Time Series." Bayesian Anal. Advance Publication 1 - 28, 2023. https://doi.org/10.1214/23-BA1365