Anomaly detection
Top Cited Papers
- 30 July 2009
- journal article
- research article
- Published by Association for Computing Machinery (ACM) in ACM Computing Surveys
- Vol. 41 (3), 1-58
- https://doi.org/10.1145/1541880.1541882
Abstract
Anomaly detection is an important problem that has been researched within diverse research areas and application domains. Many anomaly detection techniques have been specifically developed for certain application domains, while others are more generic. This survey tries to provide a structured and comprehensive overview of the research on anomaly detection. We have grouped existing techniques into different categories based on the underlying approach adopted by each technique. For each category we have identified key assumptions, which are used by the techniques to differentiate between normal and anomalous behavior. When applying a given technique to a particular domain, these assumptions can be used as guidelines to assess the effectiveness of the technique in that domain. For each category, we provide a basic anomaly detection technique, and then show how the different existing techniques in that category are variants of the basic technique. This template provides an easier and more succinct understanding of the techniques belonging to each category. Further, for each category, we identify the advantages and disadvantages of the techniques in that category. We also provide a discussion on the computational complexity of the techniques since it is an important issue in real application domains. We hope that this survey will provide a better understanding of the different directions in which research has been done on this topic, and how techniques developed in one area can be applied in domains for which they were not intended to begin with.Keywords
Funding Information
- Advanced Cyberinfrastructure (ACI-0325949)
- National Science Foundation (ACI-0325949)
- National Aeronautics and Space Administration (NNX08AC36A)
- Division of Information and Intelligent Systems (CNS-0551551IIS-0713227IIS-0308264)
- Division of Computer and Network Systems (CNS-0551551IIS-0713227IIS-0308264)
This publication has 99 references indexed in Scilit:
- Recurrent Fusion of TMPRSS2 and ETS Transcription Factor Genes in Prostate CancerScience, 2005
- Discovering cluster-based local outliersPattern Recognition Letters, 2003
- Improving the performance of radial basis function classifiers in condition monitoring and fault diagnosis applications where `unknown' faults may occurPattern Recognition Letters, 2002
- Rock: A robust clustering algorithm for categorical attributesInformation Systems, 2000
- Nearest-Neighbor Clutter Removal for Estimating Features in Spatial Point ProcessesJournal of the American Statistical Association, 1998
- STRUCTURAL FAULT DETECTION USING A NOVELTY MEASUREJournal of Sound and Vibration, 1997
- Percentage Points for a Generalized ESD Many-Outlier ProcedureTechnometrics, 1983
- On the Use of AIC for the Detection of OutliersTechnometrics, 1979
- The Detection of Errors in Multivariate Data Using Principal ComponentsJournal of the American Statistical Association, 1974
- Rejecting Outliers in Factorial DesignsTechnometrics, 1972