SignGAD: AI framework self-designs anomaly detection workflows

Instead of fixed pipelines, this AI learns to design its own detection strategy.

Deep Dive

Graph anomaly detection—critical for fraud detection, network security, and system monitoring—has long relied on fixed pipelines that struggle to adapt across tasks and fail to incorporate explicit anomaly signals. In a new paper on arXiv, Tairan Huang and colleagues introduce SignGAD (Self-designing agentic workflows for few-shot graph anomaly detection), a paradigm shift from training a static detector to designing task-conditioned workflows. SignGAD leverages agentic workflows that automatically select the most suitable graph encoding strategies and detector designs for each specific anomaly detection task. The framework also introduces a guarded final refit strategy, which carefully calibrates when to accept workflow refinements, boosting reliability even with very few labeled examples.

Extensive experiments across several real-world graph datasets show that SignGAD achieves strong performance against state-of-the-art methods, demonstrating its effectiveness and adaptability. By enabling models to self-design detection workflows, SignGAD addresses two key challenges, fixed pipelines and weak evidence, and explicitly incorporates contextual and structural anomaly signals into the detection process. This work opens new avenues for building more flexible, evidence-rich anomaly detection systems that can quickly adapt to novel threats with minimal supervision.

Key Points
  • Replaces fixed anomaly detection pipelines with self-designing agentic workflows that adapt to each graph task
  • Selects optimal graph encodings and detector designs to exploit task-specific anomaly evidence
  • Uses a guarded final refit strategy to improve reliability under few-shot supervision, outperforming SOTA on real datasets

Why It Matters

Enables more adaptable and evidence-rich anomaly detection for fraud, cybersecurity, and system monitoring with minimal labeled data.