Add graph visualizations to anomaly detection

JohT · JohT · commit 7b83fdd5b704 · 2025-10-11T21:51:31.000+02:00
diff --git a/domains/anomaly-detection/graphs/TopHub.cypher b/domains/anomaly-detection/graphs/TopHub.cypher
@@ -0,0 +1,62 @@
+// Anomaly Detection Graphs: Find top nodes marked as "hub" including their incoming dependencies and output them in Graphviz format.
+
+// Step 1: Query overall statistics, e.g. min/max weight for later normalization
+ MATCH (sourceForStatistics)-[dependencyForStatistics:DEPENDS_ON]->(targetForStatistics)
+ WHERE $projection_node_label IN labels(sourceForStatistics)
+   AND $projection_node_label IN labels(targetForStatistics)
+  WITH min(coalesce(dependencyForStatistics.weight25PercentInterfaces, dependencyForStatistics.weight)) AS minWeight
+      ,max(coalesce(dependencyForStatistics.weight25PercentInterfaces, dependencyForStatistics.weight)) AS maxWeight
+// Step 2: Query direct dependencies to the target
+ MATCH (source)-[directDependency:DEPENDS_ON]->(target)
+ WHERE $projection_node_label IN labels(source)
+   AND $projection_node_label IN labels(target)
+   AND target.anomalyScore   > 0
+   AND target.anomalyHubRank = toInteger($projection_node_rank)
+ORDER BY directDependency.weight DESC
+  WITH minWeight
+      ,maxWeight
+      ,target
+      ,collect(source)[0..60]           AS sources
+      ,collect(directDependency)[0..60] AS directDependencies
+// Step 3: Query dependencies among sources
+UNWIND sources AS source1
+UNWIND sources AS source2
+MATCH (source1)-[indirectDependency:DEPENDS_ON]->(source2)
+  WITH minWeight
+      ,maxWeight
+      ,target
+      ,directDependencies
+      ,collect(indirectDependency) AS indirectDependencies
+  WITH *, directDependencies + indirectDependencies AS allDependencies
+// Step 4: Prepare results in GraphViz format for all dependencies
+UNWIND allDependencies AS dependency
+  WITH *, (endNode(dependency) = target)                                     AS isTargetEndNode
+  WITH *, CASE WHEN isTargetEndNode THEN endNode(dependency) ELSE null END   AS targetEndNodeOrNull
+  WITH *, CASE WHEN isTargetEndNode THEN null ELSE endNode(dependency) END   AS nonTargetEndNodeOrNull
+  WITH *, coalesce(dependency.weight25PercentInterfaces, dependency.weight)  AS weight
+  WITH *, toFloat(weight - minWeight) / toFloat(maxWeight - minWeight)       AS normalizedWeight
+  WITH *, round((normalizedWeight * 2) + 0.4, 1)                             AS penWidth
+  WITH *, coalesce(target.fqn, target.globalFqn, target.fileName, target.signature, target.name) AS targetName
+  WITH *, replace(replace(targetName, '.', '.\\n'), '/', '/\\n')             AS targetNameSplit
+  WITH *, "\\n(hub #" + targetEndNodeOrNull.anomalyHubRank + ")"             AS hubSubLabel
+  WITH *, "\"" + targetNameSplit + hubSubLabel + "\""                        AS hubLabel
+  WITH *, coalesce("\"hub\" [label=" + hubLabel+ ";]; ", "")                 AS hubNode         
+  WITH *, "\"" + startNode(dependency).name + "\""                           AS sourceNode
+  WITH *, coalesce("\"" + nonTargetEndNodeOrNull.name + "\"", "\"hub\"")     AS targetNode
+  WITH *, " -> " + targetNode 
+                 + " [label = "   + weight   + ";"
+                 + " penwidth = " + penWidth + ";"
+                 + " ];"                                                    AS graphVizDotNotationEdge
+  WITH *, hubNode + sourceNode + coalesce(graphVizDotNotationEdge, " [];")  AS graphVizDotNotationLine
+ ORDER BY target.anomalyHubRank DESC, target.name ASC
+RETURN DISTINCT graphVizDotNotationLine
+      //Debugging
+      //,startNode(dependency).name AS sourceName
+      //,endNode(dependency).name   AS targetName
+      //,hubNode
+      //,penWidth
+      //,normalizedWeight
+      //,dependency.weight          AS weight
+      //,minWeight
+      //,maxWeight
+LIMIT 100
diff --git a/domains/anomaly-detection/graphs/TopHub.template.gv b/domains/anomaly-detection/graphs/TopHub.template.gv
@@ -0,0 +1,23 @@
+// This is a GraphViz dot template file for the visualization of a anomaly archetype graph.
+// The main part of the template is marked by the comments "Begin-Template" and "End-Template".
+// It also contains a simple example graph.
+//
+strict digraph top_hub_template {
+    //Begin-Template
+    graph [layout = "fdp"; start = "7", fontname = "Helvetica,Arial,sans-serif";];
+    node [fontsize = 8;];
+    edge [fontsize = 4;];
+    node [style = "filled"; color = "0.58 0.75 0.75"; fillcolor = "0.58 0.15 0.99"; margin = "0.00001,0.00001";];
+    edge [color = "0.58 0.75 0.85"; arrowsize = "0.4";];
+    "hub" [shape = "doublecircle";];
+    "hub" [fontsize = 10;];
+    "hub" [color = "0.52 0.7 0.7"; fillcolor = "0.52 0.4 0.9"; penwidth = 3;];
+    "limit_hint" [color = "0.52 0.7 0.7"; fillcolor = "0.52 0.4 0.9";]
+    "limit_hint" [shape = "note"; penwidth = 2; fontsize = 10]
+    "limit_hint" [label = "limited to\n50 nodes...";]
+    "limit_hint" -> "hub" // Signals that the number of edges might have been limited
+    //End-Template
+    "A" -> "hub" [penwidth = 1.0; label = 1;];
+    "A" -> "B" [penwidth = 3.0; label = 4;];
+    "B" -> "hub" [penwidth = 2.0; label = 2;];
+}
diff --git a/domains/anomaly-detection/graphs/anomalyDetectionGraphVisualization.sh b/domains/anomaly-detection/graphs/anomalyDetectionGraphVisualization.sh
@@ -0,0 +1,90 @@
+#!/usr/bin/env bash
+
+# Executes selected anomaly detection Cypher queries for GraphViz visualization.
+# Visualizes top ranked anomaly archetypes.
+# Requires an already running Neo4j graph database with already scanned and analyzed artifacts.
+# The reports (csv, dot and svg files) will be written into the sub directory reports/anomaly-detection/{language}_{codeUnit}.
+
+# Requires executeQueryFunctions.sh, visualizeQueryResults.sh, cleanupAfterReportGeneration.sh
+
+# Fail on any error ("-e" = exit on first error, "-o pipefail" exist on errors within piped commands)
+set -o errexit -o pipefail
+
+# Overrideable Constants (defaults also defined in sub scripts)
+REPORTS_DIRECTORY=${REPORTS_DIRECTORY:-"reports"}
+
+## Get this "scripts/reports" directory if not already set
+# Even if $BASH_SOURCE is made for Bourne-like shells it is also supported by others and therefore here the preferred solution. 
+# CDPATH reduces the scope of the cd command to potentially prevent unintended directory changes.
+# This way non-standard tools like readlink aren't needed.
+ANOMALY_DETECTION_GRAPHS_DIR=${REPORTS_SCRIPT_DIR:-$( CDPATH=. cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P )}
+#echo "anomalyDetectionGraphVisualization: ANOMALY_DETECTION_GRAPHS_DIR=${ANOMALY_DETECTION_GRAPHS_DIR}"
+
+# Get the "scripts" directory by taking the path of this script and going one directory up.
+SCRIPTS_DIR=${SCRIPTS_DIR:-"${ANOMALY_DETECTION_GRAPHS_DIR}/../../../scripts"} # Repository directory containing the shell scripts
+# echo "anomalyDetectionGraphVisualization: SCRIPTS_DIR=${SCRIPTS_DIR}"
+
+# Get the "scripts/visualization" directory.
+VISUALIZATION_SCRIPTS_DIR=${VISUALIZATION_SCRIPTS_DIR:-"${SCRIPTS_DIR}/visualization"} # Repository directory containing the shell scripts for visualization
+# echo "anomalyDetectionGraphVisualization: VISUALIZATION_SCRIPTS_DIR=${VISUALIZATION_SCRIPTS_DIR}"
+
+# Define functions to execute cypher queries from within a given file
+source "${SCRIPTS_DIR}/executeQueryFunctions.sh"
+
+# Run queries, outputs their results in GraphViz format and create Graph visualizations.
+#
+# Required Parameters:
+# - projection_node_label=...
+#   Label of the nodes that will be used for the projection. Example: "Package"
+# - projection_language=...
+#   Name of the associated programming language. Examples: "Java", "Typescript"
+anomaly_detection_graph_visualization() {
+    local nodeLabel
+    nodeLabel=$( extractQueryParameter "projection_node_label" "${@}" )
+    
+    local language
+    language=$( extractQueryParameter "projection_language" "${@}" )
+    
+    echo "anomalyDetectionGraphVisualization: $(date +'%Y-%m-%dT%H:%M:%S%z') Creating ${language} ${nodeLabel} anomaly graph visualizations..."
+    
+    local report_name="TopHub"
+    local detail_report_directory_name="${language}_${nodeLabel}"
+    local detail_report_directory="${FULL_REPORT_DIRECTORY}/${detail_report_directory_name}/GraphVisualizations"
+
+    for index in {1..3}; do
+        echo "anomalyDetectionGraphVisualization: Generating ${report_name} ${index}..."
+        mkdir -p "${detail_report_directory}"
+        
+        local queryResultFile="${detail_report_directory}/${report_name}${index}.csv"
+        execute_cypher "${ANOMALY_DETECTION_GRAPHS_DIR}/${report_name}.cypher" "${@}" "projection_node_rank=${index}" > "${queryResultFile}" || true
+        
+        source "${SCRIPTS_DIR}/cleanupAfterReportGeneration.sh" "${detail_report_directory}" # Remove empty files
+
+        if [ -f "${queryResultFile}" ] ; then
+            source "${VISUALIZATION_SCRIPTS_DIR}/visualizeQueryResults.sh" "${queryResultFile}" --template "${ANOMALY_DETECTION_GRAPHS_DIR}/TopHub.template.gv"
+        else
+            break;
+        fi
+    done
+}
+
+
+# Create report directory
+REPORT_NAME="anomaly-detection"
+FULL_REPORT_DIRECTORY="${REPORTS_DIRECTORY}/${REPORT_NAME}"
+mkdir -p "${FULL_REPORT_DIRECTORY}"
+
+# Query Parameter key pairs for projection and algorithm side
+QUERY_NODE="projection_node_label"
+QUERY_LANGUAGE="projection_language"
+
+# -- Detail Reports for each code type -------------------------------
+
+anomaly_detection_graph_visualization "${QUERY_NODE}=Artifact" "${QUERY_LANGUAGE}=Java"
+anomaly_detection_graph_visualization "${QUERY_NODE}=Package" "${QUERY_LANGUAGE}=Java"
+anomaly_detection_graph_visualization "${QUERY_NODE}=Type" "${QUERY_LANGUAGE}=Java"
+anomaly_detection_graph_visualization "${QUERY_NODE}=Module" "${QUERY_LANGUAGE}=Typescript"
+
+# ---------------------------------------------------------------
+
+echo "anomalyDetectionGraphVisualization: $(date +'%Y-%m-%dT%H:%M:%S%z') Successfully finished."
diff --git a/scripts/visualization/convertQueryResultCsvToGraphVizDotFile.sh b/scripts/visualization/convertQueryResultCsvToGraphVizDotFile.sh
@@ -105,7 +105,10 @@ outputFilename="${inputFilePath}/${graphName}.gv"
   echo "strict digraph ${graphName} {"
   # Extract the template content from the template file and remove the begin and end markers
   sed -n '/\/\/Begin-Template/,/\/\/End-Template/{//!p;}' "${templateFile}"
-  # Remove the first (header) line of the CSV file, remove the enclosing double quotes and replace the escaped double quotes by double quotes
+  # Remove the first (header) line of the CSV file, 
+  # print the first column prefixed with a tab, 
+  # remove the enclosing double quotes and 
+  # replace the escaped double quotes by double quotes
   awk -F ',' 'NR>1 {print "\t" $1}' "${inputFilename}" \
     | sed 's/^\t\"\"\"/\t"/' \
     | sed 's/^\t\"\\\"\"/\t"/' \
diff --git a/scripts/visualization/visualizeQueryResults.sh b/scripts/visualization/visualizeQueryResults.sh
@@ -17,7 +17,7 @@ echo "visualizeQueryResults: VISUALIZATION_SCRIPTS_DIR=${VISUALIZATION_SCRIPTS_D
 # Read the first unnamed input argument containing the version of the project
 inputCsvFileName=""
 case "${1}" in
-  "--"*) ;; # Skipping named command line options to forward them later to the "analyze" command
+  "--"*) ;; # Skipping named command line options to forward them later to the "convertQueryResultCsvToGraphVizDotFile" command
   *) 
     inputCsvFileName="${1}" 
     shift || true
