Learning Resources

Anomaly detection is the process of identifying data points, events, or observations that deviate significantly from the dataset's normal behavior. These deviations, often called anomalies, outliers, or exceptions, can indicate critical incidents such as:

• Bank fraud
• Structural defects
• Medical problems
• Network intrusions
• Text errors

Anomaly detection is widely used across various domains including cybersecurity, finance, manufacturing, healthcare, and more. The goal is to find patterns in data that do not conform to expected behavior.

Point Anomalies

Individual data points that are far away from the rest of the data. For example, a transaction with an unusually large amount compared to a person's typical spending pattern.

Contextual Anomalies

Data points that are anomalous in a specific context but not otherwise. For example, a temperature of 35°C might be normal in summer but anomalous in winter.

Collective Anomalies

A collection of related data points that is anomalous with respect to the entire dataset, though the individual data points may not be anomalies. For example, a sequence of actions that indicates a network attack.

Supervised Anomaly Detection

Requires labeled data for both normal and anomalous instances. The algorithm learns to classify new data points as normal or anomalous.

Semi-supervised Anomaly Detection

Trains on normal data only and identifies instances that deviate from the learned normal patterns.

Unsupervised Anomaly Detection

Does not require labeled data and assumes that the majority of instances are normal. It identifies instances that are far from the majority.