ABSTRACT

This chapter describes two different types of algorithm for detecting anomalies and deciding how anomalous they are: one for point anomalies and one for contextual anomalies. Detecting the error may make it possible to avoid a failure completely; even where it does not, it may still be possible to log details of the problem and inform the larger system in which the failing component is embedded before the failure occurs. Much of the research being carried out on anomaly detection is aimed at detecting malicious intrusions into networks by attackers and at examining financial databases for patterns of fraud. Predicting what the next reading will be is useful for anomaly detection because, once the algorithm has settled down and is accurate in its predictions, a major difference between the predicted and actual values represents a potential anomaly.
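The prediction-based approach in the last sentence, as an added example that is not code from the chapter: the predictor (exponential smoothing), the parameter names and values, and the sample readings are all assumptions chosen for illustration.

```python
import math
from collections import namedtuple

Scored = namedtuple("Scored", "index reading predicted score is_anomaly")

# Constructed sample: a steady sensor-style series with one spike at index 10.
SAMPLE = [20.0, 20.1, 19.9, 20.2, 20.0, 20.1, 19.8, 20.0, 20.2, 19.9,
          27.5, 20.1, 20.0]

def score_readings(readings, alpha=0.3, warmup=5, threshold=4.0):
    """Predict each reading from the ones before it and score the surprise.

    Assumed predictor (not from the chapter): exponential smoothing, with an
    exponentially weighted variance of past prediction errors. The score is
    the prediction error in units of that typical error, so it says how
    anomalous a reading is, not just whether it is.
    """
    level = readings[0]   # prediction for the next reading
    var = 0.0             # running variance of prediction errors
    out = []
    for i, x in enumerate(readings[1:], start=1):
        err = x - level
        std = math.sqrt(var)
        settled = i > warmup          # ignore scores until the model settles
        score = abs(err) / std if settled and std > 0 else 0.0
        anomalous = score > threshold
        out.append(Scored(i, x, level, score, anomalous))
        if not anomalous:
            # Learn only from readings judged normal, so one outlier does not
            # drag the prediction. Caveat: a genuine level shift stays flagged
            # until the model is reset.
            var = (1 - alpha) * (var + alpha * err * err)
            level += alpha * err
    return out

if __name__ == "__main__":
    for r in score_readings(SAMPLE):
        flag = "ANOMALY" if r.is_anomaly else ""
        print(f"{r.index:2d} read={r.reading:5.1f} pred={r.predicted:6.2f} "
              f"score={r.score:6.2f} {flag}")
```

The warm-up period stands in for "once the algorithm has settled down": scores are suppressed until enough prediction errors have been observed to estimate what a normal error looks like.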