When analysing multiple time series that may be subject to changepoints, it is sometimes possible to specify a priori, by means of a graph, which pairs of time series are likely to be impacted by simultaneous changepoints. This article proposes an informative prior for changepoints which encodes the information contained in the graph, inducing a changepoint model for multiple time series that borrows strength across clusters of connected time series to detect weak signals for synchronous changepoints. The graphical model for changepoints is further extended to allow dependence between nearby but not necessarily synchronous changepoints across neighbouring time series in the graph. A novel reversible jump Markov chain Monte Carlo (MCMC) algorithm making use of auxiliary variables is proposed to sample from the graphical changepoint model. The merit of the proposed approach is demonstrated through a changepoint analysis of computer network authentication logs from Los Alamos National Laboratory (LANL), demonstrating an improvement at detecting weak signals for network intrusions across users linked by network connectivity, whilst limiting the number of false alerts.

翻译：在分析可能受变点影响的多条时间序列时，有时可以通过图先验地指定哪些时间序列对可能同时受到变点的影响。本文提出了一种用于变点的信息先验，它编码了图中的信息，从而为多条时间序列构建了一个变点模型，该模型通过利用连接时间序列簇间的强度来检测同步变点的弱信号。该变点图模型进一步扩展，允许图中相邻时间序列之间距离较近但不一定同步的变点相互依赖。本文提出了一种新颖的、利用辅助变量的可逆跳跃马尔可夫链蒙特卡罗（MCMC）算法，用于从图变点模型中采样。通过对洛斯阿拉莫斯国家实验室（LANL）的计算机网络认证日志进行变点分析，展示了所提方法的优势，证明其在限制误报数量的同时，提高了对跨网络连通性连接用户间网络入侵弱信号的检测能力。