You are previewing Practical Machine Learning: A New Look at Anomaly Detection.
O'Reilly logo
Practical Machine Learning: A New Look at Anomaly Detection

Book Description

Anomaly detection is the detective work of machine learning: finding the unusual, catching the fraud, discovering strange activity in large and complex datasets. But, unlike Sherlock Holmes, you may not know what the puzzle is, much less what "suspects" you’re looking for. This O’Reilly report uses practical example to explain how the underlying concepts of anomaly detection work.

Table of Contents

  1. 1. Looking Toward the Future
  2. 2. The Shape of Anomaly Detection
    1. Finding “Normal”
      1. If you enjoy math, read this description of a probabilistic model of “normal”…
    2. Human Insight Helps
    3. Finding Anomalies
      1. Once again, if you like math, this description of anomalies is for you…
      2. Take-Home Lesson: Key Steps in Anomaly Detection
    4. A Simple Approach: Threshold Models
  3. 3. Using <span xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:pls="http://www.w3.org/2005/01/pronunciation-lexicon" xmlns:ssml="http://www.w3.org/2001/10/synthesis" xmlns:svg="http://www.w3.org/2000/svg" class="emphasis"><em>t</em></span>-Digest for Threshold Automation-Digest for Threshold Automation
    1. The Philosophy Behind Setting the Threshold
    2. Using <span xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:pls="http://www.w3.org/2005/01/pronunciation-lexicon" xmlns:ssml="http://www.w3.org/2001/10/synthesis" xmlns:svg="http://www.w3.org/2000/svg" class="emphasis"><em>t</em></span>-Digest for Accurate Calculation of Extreme Quantiles-Digest for Accurate Calculation of Extreme Quantiles
    3. Issues with Simple Thresholds
  4. 4. More Complex, Adaptive Models
    1. Windows and Clusters
    2. Matches with the Windowed Reconstruction: Normal Function
    3. Mismatches with the Windowed Reconstruction: Anomalous Function
    4. A Powerful But Simple Technique
    5. Looking Toward Modeling More Problematic Inputs
  5. 5. Anomalies in Sporadic Events
    1. Counts Don’t Work Well
    2. Arrival Times Are the Key
      1. And Now with the Math…
    3. Event Rate in a Worked Example: Website Traffic Prediction
    4. Extreme Seasonality Effects
  6. 6. No Phishing Allowed!
    1. The Phishing Attack
    2. The No-Phishing-Allowed Anomaly Detector
    3. How the Model Works
    4. Putting It All Together
  7. 7. Anomaly Detection for the Future
  8. A. Additional Resources
    1. GitHub
    2. Apache Mahout Open Source Project
    3. Additional Publications
  9. About the Authors
  10. Colophon
  11. Copyright