Improve robustness of few-shot cross-domain graph anomaly detection via scenario statistics pseudo-labeling
摘要
Cross-domain graph anomaly detection (CD-GAD) is a critical problem in information-sensitive domains, such as cybersecurity, finance, and healthcare, where obtaining labeled anomalies in the target domain is often impractical. Existing methods primarily rely on attribute similarities across domains. They tend to overlook structural information, which is often more transferable and robust under distribution shift. To address this limitation, we propose Scenario Statistics Pseudo-Labeling (SSPL)—a novel and attachable framework that introduces a structure-aware approach to pseudo-labeling in CD-GAD. Unlike prior work, SSPL fully exploits structural similarities between source and target graphs to generate high-quality pseudo labels without requiring any additional supervision. Specifically, SSPL consists of four key stages: a pseudo-labeling ratio calculator to estimate the anomaly-normal ratio in the target domain; a scenario generator to create diverse detection settings; a structure-guided pseudo labeler to assign consistent labels based on feature embeddings; and a progressive mix-up strategy to align feature spaces during test-time training. This design enables SSPL interpretable, reproducible, and robust to handle domain shifts. Extensive experiments on nine real-world datasets and seven graph anomaly detection models demonstrate that SSPL significantly improves detection accuracy, stability, and generalizability across domains.