Approximations for Distributions of Scan Statistics

Naus, Joseph

doi:10.1080/01621459.1982.10477783

Cited by 166 publications

(78 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Systematic search of significant temporal aggregation was studied using the Scan test operating on data from 12 counties, for the whole population or two specific age groups (under 40 years and 40 and over), with a one month or three month forwarding moving window. '5 16 Seasonal differences in incidence were studied for specific age groups and the general population from RRs obtained by comparing monthly incidence with incidence Age adjusted 1988 1989 1990 1991 1992 1993 All incidence 21 30 30 30 45 36 514 1-95 6 2 5 5 3 10 108 2-57 5 3 3 4 4 4 59 1-34 7 7 9 6 5 4 94 1-79 7 2 8 1 7 5 71 1-78 3 3 4 4 4 3 Age adjusted incidence rates for 24 counties and six healthcare regions'8 were calculated using the whole data base. The RRs for Guillain-Barre syndrome in counties and healthcare regions during the study period were obtained using a log linear model controlling for calendar year, age and sex, and taking as a reference the Stockholm County and Stockholm Region respectively.…”

Section: Incidencementioning

confidence: 99%

Epidemiological features of Guillain-Barre syndrome in Sweden, 1978-93.

Jiang

Cheng²,

Link³

et al. 1997

Journal of Neurology, Neurosurgery & Psychiatry

View full text Add to dashboard Cite

show abstract

Section: Incidencementioning

confidence: 99%

Epidemiological features of Guillain-Barre syndrome in Sweden, 1978-93.

Jiang

Cheng²,

Link³

et al. 1997

Journal of Neurology, Neurosurgery & Psychiatry

View full text Add to dashboard Cite

show abstract

“…To accomplish this goal, we have developed a method based on scan statistics to examine each of these shapes in the graph over sliding windows of time. Scan statistics have been widely used to detect local clusters of events (Naus, 1982;Loader, 1991; Kulldorff, 1997;Glaz et al, 2001). The idea is to slide a window over a period of time and/or space, calculating a local deviation statistic.…”

Section: Related Workmentioning

confidence: 99%

Statistical Detection of Intruders Within Computer Networks Using Scan Statistics

Neil

Storlie²,

Hash

et al. 2014

Data Analysis for Network Cyber-Security

View full text Add to dashboard Cite

We introduce a computationally scalable method for detecting small anomalous subgraphs in large, time-dependent graphs. This work is motivated by, and validated against, the challenge of identifying intruders operating inside enterprise-sized computer networks with 500 million communication events per day. Every observed edge (time series of communications between each pair of computers on the network) is modeled using observed and hidden Markov models to establish baselines of behavior for purposes of anomaly detection. These models capture the bursty, often human-caused, behavior that dominates a large subset of the edges. Individual edge anomalies are common, but the network intrusions we seek to identify always involve coincident anomalies on multiple adjacent edges. We show empirically that adjacent edges are primarily independent and that the likelihood of a subgraph of multiple coincident edges can be evaluated using only models of individual edges. We define a new scan statistic in which subgraphs of specific sizes and shapes (out-stars and 3-paths) are tested. We show that identifying these building-block shapes is sufficient to correctly identify anomalies of various shapes with acceptable false discovery rates in both simulated and real-world examples. IntroductionIn this chapter, we consider the problem of detecting locally anomalous activity in a set of time-dependent data having an underlying graph structure. While the method proposed can be applied to a general setting in which data is extracted from a graph over time, and in which anomalies occur in connected subgraphs, we will focus exclusively on the detection of attacks within a large computer network. Specifically, we are interested in detecting those attacks that create connected subgraphs within which the communications have deviated from historic behavior in some window of time. 71Data Analysis for Network Cyber-Security Downloaded from www.worldscientific.com by NANYANG TECHNOLOGICAL UNIVERSITY on 10/01/15. For personal use only.

show abstract

“…(For recent generalizations, see Karlin 1988.) More recent distributional studies of scan statistics concentrate largely on computationally tractable bounds and approximations (e.g., Glaz 1989;Naus 1982;Wallerstein and Neff 1987 Kohara et al (1987) established the first physical map of the E. coli genome. Their experimentation involved partial digestion of DNA using eight different six-cutters (see Section 3).…”

Section: Applicationmentioning

confidence: 99%

Some Statistical Problems in the Assessment of Inhomogeneities of DNA Sequence Data

Karlin

Macken

1991

Journal of the American Statistical Association

View full text Add to dashboard Cite

The fields of molecular genetics and medicine are accumulating DNA and protein sequence data at an accelerating rate. Discovering and interpreting sequence patterns can contribute to understanding molecular mechanisms and evolutionary processes. This article considers two types of statistical problems in these contexts: (1) identifying anomalies in the distribution of a specified biochemical marker along a DNA string; in particular, new statistical methods are set forth by which to assess excessive clustering, over dispersion, and too much regularity of the marker along the sequence. Applications are given to the physical map data of the bacterium Escherichia coli.(2) Some results and statistical problems on the assembly of cloned DNA segments are also described. Sections 2 and 3 of the article present helpful background material on DNA organization and inheritance.

show abstract

Approximations for Distributions of Scan Statistics

Cited by 166 publications

References 17 publications

Epidemiological features of Guillain-Barre syndrome in Sweden, 1978-93.

Epidemiological features of Guillain-Barre syndrome in Sweden, 1978-93.

Statistical Detection of Intruders Within Computer Networks Using Scan Statistics

Some Statistical Problems in the Assessment of Inhomogeneities of DNA Sequence Data

Contact Info

Product

Resources

About