Definitions Edit

Anomaly detection

[is] [a]n intrusion detection method that searches for activity that is different from the normal behavior of system entities and system resources.[1]
compares a profile of allowed or expected attributes against a population, with any deviation from that profile flagged as a potential risk.[2]
[is] the search for data items in a dataset that do not match a projected pattern or expected behaviour.[3]
[a] statistical technique that determines what patterns are normal and then identifies items that do not conform to those patterns. Unlike simple classification where the classes are known in advance, in anomaly detection the users don’t know what they are looking for in the data.[4]

References Edit

  1. Internet Security Glossary 17 (RFC 4949) (Ver. 2) (Aug. 2007).
  2. Survey of DHS Data Mining Activities, at 9 n.14.
  3. Datafloq, An Extensive Glossary Of Big Data Terminology (full-text).
  4. Aeris, IoT Dictionary (full-text).