Abstract image of a woman sitting on books and studying on a laptop

Anomaly detection

Download as PPTX, PDF
D
Dr. Stylianos Kampakis

Anomaly detection, also known as outlier detection, identifies items or events that deviate from expected patterns and is applicable in various domains like intrusion detection, fraud detection, and system health monitoring. Anomalies are classified into point, contextual, and collective anomalies, each with unique characteristics and applications. Various techniques for detecting anomalies range from distance-based methods to support vector machines and neural networks.

Data & Analytics
Related topics:
Data Science InsightsData Analytics InsightsAnomaly Detection
1 of 16
Downloaded 26 times
1
2
3
Most read
4
5
6
7
8
9
Most read
10
11
12
13
14
Most read
15
16
Anomaly detection
Anomaly Detection Anomaly detection (also known as outlier detection) is the search for items or events which do not conform to an expected pattern. ◦ This is domain specific ◦ E.g. intrusion detection, spikes 2
Anomaly detection •Anomaly detection is applicable in a variety of domains, • intrusion detection, fraud detection, fault detection, system health monitoring, event detection in sensor networks, and detecting Eco-system disturbances. It is often used in preprocessing to remove anomalous data from the dataset. In supervised learning, removing the anomalous data from the dataset often results in a statistically significant increase in accuracy. 3
Types of anomalies Anomalies can be classified into following three categories: 1. Point anomalies 2. Contextual anomalies 3. Collective anomalies 4
Point anomalies •If an individual data instance can be considered as anomalous with respect to the rest of data, then the instance is termed as a point anomaly. •This is the simplest type of anomaly and is the focus of majority of research on anomaly detection. Credit card fraud detection. ◦ Data set: an individual’s credit card transactions. ◦ A transaction for which the amount spent is very high compared to the normal range of expenditure for that person will be a point anomaly. 5
Point anomalies 6
Contextual anomalies •The contextual attributes are used to determine the context (or neighborhood) for that instance. •For example, in spatial data sets, the longitude and latitude of a location are the contextual attributes. In time series data, time is a contextual attribute which determines the position of an instance on the entire sequence. Network intrusion detection and social media volume ◦ the interesting objects are often not rare objects, but unexpected bursts in activity. 7
Contextual anomaly example 8
Collective anomalies If a collection of related data instances is anomalous with respect to the entire data set, it is termed as a collective anomaly. The individual data instances in a collective anomaly may not be anomalies by themselves, but their occurrence together as a collection is anomalous. They have two variations. ◦ Events in unexpected order ( ordered. e.g. breaking rhythm in ECG) ◦ Unexpected value combinations ( unordered. e.g. buying large number of expensive items) 9
Anomaly detection techniques Many techniques have been proposed. Some indicative are: ◦ Distance based techniques (k-nearest neighbour, local outlier factor) ◦ One class support vector machines. ◦ Replicator neural networks. ◦ Cluster analysis based outlier detection. ◦ Pointing at records that deviate from learned association rules. 10
Anomaly detection in time series Twitter Anomaly Detection package ◦ https://github.com/twitter/AnomalyDetection 11
Seasonal Hybrid ESD Builds upon the Generalized ESD test for detecting anomalies Generalized extreme Studentized Deviate test (Rosner 1983) Given the upper bound, r, the generalized ESD test essentially performs r separate tests: a test for one outlier, a test for two outliers, and so on up to r outliers. Hypothesis test ◦ Null: There are no outliers in the data set ◦ Alternative: There are up to r outliers in the data set Seasonal ESD applies time series decomposition to remove seasonal component 12
Twitter anomaly detection algorithm Extends original by using robust statistics (median, median absolute deviation) Parameters ◦ Max number of anomalies: expressed as a percentage ◦ Direction: positive – negative – both ◦ Alpha: significance level ◦ Period: Main period of observations (e.g. 24 hours, or 7 days) 13
Applications of anomaly detection Cybersecurity ◦ Intrusion detection Fraud detection Social media monitoring Medical monitoring 14
Learn more Tesseract Academy ◦ http://tesseract.academy ◦ https://www.youtube.com/watch?v=XEM2bYYxkTU ◦ Data science, big data and blockchain for executives and managers. The Data scientist ◦ Personal blog ◦ Covers data science, analytics, blockchain, tokenomics and many more subjects ◦ http://thedatascientist.com
16

More Related Content

PDF
Anomaly detection
Hitesh Mohapatra
 
PPTX
Anomaly Detection - Real World Scenarios, Approaches and Live Implementation
Impetus Technologies
 
PDF
An Introduction to Anomaly Detection
Kenneth Graham
 
PDF
Anomaly detection (Unsupervised Learning) in Machine Learning
Kuppusamy P
 
PDF
Anomaly detection Workshop slides
QuantUniversity
 
PPTX
Anomaly Detection Technique
Chakrit Phain
 
PPTX
Anomaly detection with machine learning at scale
Impetus Technologies
 
PDF
Anomaly Detection: A Survey
Konkuk University, Korea
 
Anomaly detection
Hitesh Mohapatra
 
Anomaly Detection - Real World Scenarios, Approaches and Live Implementation
Impetus Technologies
 
An Introduction to Anomaly Detection
Kenneth Graham
 
Anomaly detection (Unsupervised Learning) in Machine Learning
Kuppusamy P
 
Anomaly detection Workshop slides
QuantUniversity
 
Anomaly Detection Technique
Chakrit Phain
 
Anomaly detection with machine learning at scale
Impetus Technologies
 
Anomaly Detection: A Survey
Konkuk University, Korea
 

What's hot (20)

PDF
Unsupervised Anomaly Detection with Isolation Forest - Elena Sharova
PyData
 
PDF
Anomaly detection
QuantUniversity
 
PDF
Anomaly Detection
Carol Hargreaves
 
PPTX
Anomaly Detection and Spark Implementation - Meetup Presentation.pptx
Impetus Technologies
 
PDF
Anomaly Detection using Deep Auto-Encoders
Gianmario Spacagna
 
PPTX
Supervised and Unsupervised Learning In Machine Learning | Machine Learning T...
Simplilearn
 
PDF
Classification
CloudxLab
 
PPTX
Anomaly Detection
guest0edcaf
 
PPTX
Outlier analysis and anomaly detection
ShantanuDeosthale
 
PPTX
Anomaly Detection for Real-World Systems
Manojit Nandi
 
PDF
Isolation Forest
Konkuk University, Korea
 
PDF
Anomaly Detection in Seasonal Time Series
Humberto Marchezi
 
PDF
K - Nearest neighbor ( KNN )
Mohammad Junaid Khan
 
PPTX
K-Folds Cross Validation Method
SHUBHAM GUPTA
 
PDF
Support Vector Machines for Classification
Prakash Pimpale
 
PPTX
Intrusion Detection with Neural Networks
antoniomorancardenas
 
PDF
Supervised and Unsupervised Machine Learning
Spotle.ai
 
PPTX
Machine learning and types
Padma Metta
 
PDF
Feature Engineering in Machine Learning
Knoldus Inc.
 
PDF
Support Vector Machines ( SVM )
Mohammad Junaid Khan
 
Unsupervised Anomaly Detection with Isolation Forest - Elena Sharova
PyData
 
Anomaly detection
QuantUniversity
 
Anomaly Detection
Carol Hargreaves
 
Anomaly Detection and Spark Implementation - Meetup Presentation.pptx
Impetus Technologies
 
Anomaly Detection using Deep Auto-Encoders
Gianmario Spacagna
 
Supervised and Unsupervised Learning In Machine Learning | Machine Learning T...
Simplilearn
 
Classification
CloudxLab
 
Anomaly Detection
guest0edcaf
 
Outlier analysis and anomaly detection
ShantanuDeosthale
 
Anomaly Detection for Real-World Systems
Manojit Nandi
 
Isolation Forest
Konkuk University, Korea
 
Anomaly Detection in Seasonal Time Series
Humberto Marchezi
 
K - Nearest neighbor ( KNN )
Mohammad Junaid Khan
 
K-Folds Cross Validation Method
SHUBHAM GUPTA
 
Support Vector Machines for Classification
Prakash Pimpale
 
Intrusion Detection with Neural Networks
antoniomorancardenas
 
Supervised and Unsupervised Machine Learning
Spotle.ai
 
Machine learning and types
Padma Metta
 
Feature Engineering in Machine Learning
Knoldus Inc.
 
Support Vector Machines ( SVM )
Mohammad Junaid Khan
 
Ad

Similar to Anomaly detection (20)

PDF
Term_Paper_Shengzhe_Wang
Shengzhe Wang
 
PDF
AI in anomaly detection - An Overview.pdf
StephenAmell4
 
PDF
Outlier analysis for Temporal Datasets
QuantUniversity
 
PDF
anomalydetection-191104083630.pdf
hanadi40
 
PDF
AI in anomaly detection.pdf
StephenAmell4
 
PDF
Pattern recognition at scale anomaly detection in banking on stream data
NUS-ISS
 
PPTX
Here is the anomalow-down!
CSIRO
 
PDF
Annommaly detection techniques and approaches
Jay Sahoo
 
PPTX
Time Series Anomaly Detection with .net and Azure
Marco Parenzan
 
PPTX
Chapter 10 Anomaly Detection
Khalid Elshafie
 
PDF
How to build an AI-based anomaly detection system for fraud prevention.pdf
ChristopherTHyatt
 
PPTX
AI-Powered-Anomaly-Detection-in-Time-Series-Data.pptx
d2023nagdevaryan
 
PPTX
AI-Powered-Anomaly-Detection-in-Time-Series-Data.pptx
d2023nagdevaryan
 
PDF
A_review_on_outlier_detection_in_time_series_data__BCAM_1.pdf.pdf
TadiyosHailemichael
 
PPTX
Time Series Anomaly Detection with .net and Azure
Marco Parenzan
 
PPTX
Anomalies and events keep us on our toes
CSIRO
 
PDF
Anomly and fraud detection using AI - Artivatic.ai
Artivatic.ai
 
PDF
Fraud detection- Retail, Banking, Finance & FMCG
Artivatic.ai
 
PDF
leewayhertz.com-How to build an AI-based anomaly detection system for fraud p...
alexjohnson7307
 
PDF
Chapter 6.pdf
DrGnaneswariG
 
Term_Paper_Shengzhe_Wang
Shengzhe Wang
 
AI in anomaly detection - An Overview.pdf
StephenAmell4
 
Outlier analysis for Temporal Datasets
QuantUniversity
 
anomalydetection-191104083630.pdf
hanadi40
 
AI in anomaly detection.pdf
StephenAmell4
 
Pattern recognition at scale anomaly detection in banking on stream data
NUS-ISS
 
Here is the anomalow-down!
CSIRO
 
Annommaly detection techniques and approaches
Jay Sahoo
 
Time Series Anomaly Detection with .net and Azure
Marco Parenzan
 
Chapter 10 Anomaly Detection
Khalid Elshafie
 
How to build an AI-based anomaly detection system for fraud prevention.pdf
ChristopherTHyatt
 
AI-Powered-Anomaly-Detection-in-Time-Series-Data.pptx
d2023nagdevaryan
 
AI-Powered-Anomaly-Detection-in-Time-Series-Data.pptx
d2023nagdevaryan
 
A_review_on_outlier_detection_in_time_series_data__BCAM_1.pdf.pdf
TadiyosHailemichael
 
Time Series Anomaly Detection with .net and Azure
Marco Parenzan
 
Anomalies and events keep us on our toes
CSIRO
 
Anomly and fraud detection using AI - Artivatic.ai
Artivatic.ai
 
Fraud detection- Retail, Banking, Finance & FMCG
Artivatic.ai
 
leewayhertz.com-How to build an AI-based anomaly detection system for fraud p...
alexjohnson7307
 
Chapter 6.pdf
DrGnaneswariG
 
Ad

More from Dr. Stylianos Kampakis (8)

PPTX
VR in manufacturing
Dr. Stylianos Kampakis
 
PPTX
Autonomous shipping
Dr. Stylianos Kampakis
 
PPTX
What is ml
Dr. Stylianos Kampakis
 
PPTX
Agent based modelling
Dr. Stylianos Kampakis
 
PPTX
What is statistics
Dr. Stylianos Kampakis
 
PPTX
Optimisation vs prediction
Dr. Stylianos Kampakis
 
PPTX
Tokenomics
Dr. Stylianos Kampakis
 
PPTX
Understanding deep learning
Dr. Stylianos Kampakis
 
VR in manufacturing
Dr. Stylianos Kampakis
 
Autonomous shipping
Dr. Stylianos Kampakis
 
What is ml
Dr. Stylianos Kampakis
 
Agent based modelling
Dr. Stylianos Kampakis
 
What is statistics
Dr. Stylianos Kampakis
 
Optimisation vs prediction
Dr. Stylianos Kampakis
 
Tokenomics
Dr. Stylianos Kampakis
 
Understanding deep learning
Dr. Stylianos Kampakis
 

Recently uploaded (20)

PPTX
SET 1 Compulsory MNH machine learning intro
RahikAhmed
 
PPTX
chuitkarjhanbijunsdivndsijvndiucbhsaxnmzsicvjsd
siddi1404
 
PPTX
IMPACT OF LANDSLIDE.....................
shinjanmandal111
 
PPT
statistics analysis - topic 3 - describing data visually
NguynNgcBchTrm8
 
PDF
CS3352FOUNDATION OF DATA SCIENCE _1_MAterial.pdf
mohanapriya462996
 
PPT
PROJECT CYCLE MANAGEMENT FRAMEWORK (PCM).ppt
GebrelibanosYowhans
 
PPTX
Copy of 16 Timeline & Flowchart Templates – HubSpot.pptx
ahsonbashir
 
PPT
Image processing and pattern recognition 2.ppt
anwarfadel430
 
PPTX
machinelearningoverview-250809184828-927201d2.pptx
AnujChetry
 
PDF
ahaaaa shbzjs yaiw jsvssv bdjsjss shsusus s
elisafebrianipasarib1
 
PPTX
Business_Capability_Map_Collection__pptx
anandazad4
 
PPTX
Statisticsccdxghbbnhhbvvvvvvvvvv. Dxcvvvhhbdzvbsdvvbbvv ccc
DibyenduRoy49
 
PPTX
Hushh Hackathon for IIT Bombay: Create your very own Agents
adil643655
 
PPTX
Tapan_20220802057_Researchinternship_final_stage.pptx
MrSantoshChavan
 
PPTX
DS-40-Pre-Engagement and Kickoff deck - v8.0.pptx
GuillermoIgnacioAlva
 
PPTX
DATA MODELING, data model concepts, types of data concepts
Shiwangi sharma
 
PPTX
Crypto_Trading_Beginners.pptxxxxxxxxxxxxxx
bbahu5761
 
PDF
A biomechanical Functional analysis of the masitary muscles in man
AnkitNayak56
 
PPT
expt-design-lecture-12 hghhgfggjhjd (1).ppt
n02428295w
 
PPTX
PPT for Diseases.pptx, there are 3 types of diseases
salilbansal7
 
SET 1 Compulsory MNH machine learning intro
RahikAhmed
 
chuitkarjhanbijunsdivndsijvndiucbhsaxnmzsicvjsd
siddi1404
 
IMPACT OF LANDSLIDE.....................
shinjanmandal111
 
statistics analysis - topic 3 - describing data visually
NguynNgcBchTrm8
 
CS3352FOUNDATION OF DATA SCIENCE _1_MAterial.pdf
mohanapriya462996
 
PROJECT CYCLE MANAGEMENT FRAMEWORK (PCM).ppt
GebrelibanosYowhans
 
Copy of 16 Timeline & Flowchart Templates – HubSpot.pptx
ahsonbashir
 
Image processing and pattern recognition 2.ppt
anwarfadel430
 
machinelearningoverview-250809184828-927201d2.pptx
AnujChetry
 
ahaaaa shbzjs yaiw jsvssv bdjsjss shsusus s
elisafebrianipasarib1
 
Business_Capability_Map_Collection__pptx
anandazad4
 
Statisticsccdxghbbnhhbvvvvvvvvvv. Dxcvvvhhbdzvbsdvvbbvv ccc
DibyenduRoy49
 
Hushh Hackathon for IIT Bombay: Create your very own Agents
adil643655
 
Tapan_20220802057_Researchinternship_final_stage.pptx
MrSantoshChavan
 
DS-40-Pre-Engagement and Kickoff deck - v8.0.pptx
GuillermoIgnacioAlva
 
DATA MODELING, data model concepts, types of data concepts
Shiwangi sharma
 
Crypto_Trading_Beginners.pptxxxxxxxxxxxxxx
bbahu5761
 
A biomechanical Functional analysis of the masitary muscles in man
AnkitNayak56
 
expt-design-lecture-12 hghhgfggjhjd (1).ppt
n02428295w
 
PPT for Diseases.pptx, there are 3 types of diseases
salilbansal7
 

Anomaly detection

  • 2. Anomaly Detection Anomaly detection (also known as outlier detection) is the search for items or events which do not conform to an expected pattern. ◦ This is domain specific ◦ E.g. intrusion detection, spikes 2
  • 3. Anomaly detection •Anomaly detection is applicable in a variety of domains, • intrusion detection, fraud detection, fault detection, system health monitoring, event detection in sensor networks, and detecting Eco-system disturbances. It is often used in preprocessing to remove anomalous data from the dataset. In supervised learning, removing the anomalous data from the dataset often results in a statistically significant increase in accuracy. 3
  • 4. Types of anomalies Anomalies can be classified into following three categories: 1. Point anomalies 2. Contextual anomalies 3. Collective anomalies 4
  • 5. Point anomalies •If an individual data instance can be considered as anomalous with respect to the rest of data, then the instance is termed as a point anomaly. •This is the simplest type of anomaly and is the focus of majority of research on anomaly detection. Credit card fraud detection. ◦ Data set: an individual’s credit card transactions. ◦ A transaction for which the amount spent is very high compared to the normal range of expenditure for that person will be a point anomaly. 5
  • 7. Contextual anomalies •The contextual attributes are used to determine the context (or neighborhood) for that instance. •For example, in spatial data sets, the longitude and latitude of a location are the contextual attributes. In time series data, time is a contextual attribute which determines the position of an instance on the entire sequence. Network intrusion detection and social media volume ◦ the interesting objects are often not rare objects, but unexpected bursts in activity. 7
  • 9. Collective anomalies If a collection of related data instances is anomalous with respect to the entire data set, it is termed as a collective anomaly. The individual data instances in a collective anomaly may not be anomalies by themselves, but their occurrence together as a collection is anomalous. They have two variations. ◦ Events in unexpected order ( ordered. e.g. breaking rhythm in ECG) ◦ Unexpected value combinations ( unordered. e.g. buying large number of expensive items) 9
  • 10. Anomaly detection techniques Many techniques have been proposed. Some indicative are: ◦ Distance based techniques (k-nearest neighbour, local outlier factor) ◦ One class support vector machines. ◦ Replicator neural networks. ◦ Cluster analysis based outlier detection. ◦ Pointing at records that deviate from learned association rules. 10
  • 11. Anomaly detection in time series Twitter Anomaly Detection package ◦ https://github.com/twitter/AnomalyDetection 11
  • 12. Seasonal Hybrid ESD Builds upon the Generalized ESD test for detecting anomalies Generalized extreme Studentized Deviate test (Rosner 1983) Given the upper bound, r, the generalized ESD test essentially performs r separate tests: a test for one outlier, a test for two outliers, and so on up to r outliers. Hypothesis test ◦ Null: There are no outliers in the data set ◦ Alternative: There are up to r outliers in the data set Seasonal ESD applies time series decomposition to remove seasonal component 12
  • 13. Twitter anomaly detection algorithm Extends original by using robust statistics (median, median absolute deviation) Parameters ◦ Max number of anomalies: expressed as a percentage ◦ Direction: positive – negative – both ◦ Alpha: significance level ◦ Period: Main period of observations (e.g. 24 hours, or 7 days) 13
  • 14. Applications of anomaly detection Cybersecurity ◦ Intrusion detection Fraud detection Social media monitoring Medical monitoring 14
  • 15. Learn more Tesseract Academy ◦ http://tesseract.academy ◦ https://www.youtube.com/watch?v=XEM2bYYxkTU ◦ Data science, big data and blockchain for executives and managers. The Data scientist ◦ Personal blog ◦ Covers data science, analytics, blockchain, tokenomics and many more subjects ◦ http://thedatascientist.com
  • 16. 16