Computing Reviews
Anomaly detection principles and algorithms
Mehrotra K., Mohan C., Huang H., Springer International Publishing, New York, NY, 2017. 217 pp. Type: Book (978-3-319675-24-4)
Date Reviewed: Jan 23 2019

Anomaly detection is not only used in cybersecurity and defense, but also in stock markets, finance, and business administration, as well as medicine, astronomy, social networks, fraud, and anti-corruption. This book presents the interesting topic of anomaly detection for a very broad audience.

The book is split into two parts, “Principles” and “Algorithms,” but in reality, principles, examples, techniques, and algorithmic descriptions are scattered throughout. The examples are really motivating and extracted from realistic situations in different areas, not only security. The algorithmic descriptions are given at a very high level in pseudocode. I found both the examples and algorithms very useful.

The different principles and techniques are very well organized into five approaches: (1) distance-based detection, with an informal presentation in Section 3 and a more scientific presentation in Section 6; (2) cluster-based detection, presented in Section 4; (3) time series detection, with an informal presentation in Section 5 and a more scientific presentation in Section 9; (4) rank-based detection, presented in Section 7; and (5) ensemble techniques combining various previous detection techniques, presented in Section 8.

The presentation is really useful: for each technique, some motivation is given, including real-life situations, a comprehensible formalization, and pros and cons, which gives readers an idea of how useful the technique will be in practice. Experimental results are given for some of the techniques, whereas performance descriptions are given for some others. Probably the most important contribution of the book is its citations and references for further reading, which may help casual readers better understand each technique and search for extra documentation.

The take-home message is that there is no “winning” technique and finding anomalies in datasets is a domain-specific endeavor. Some techniques may provide false positives corresponding to unidentified legal behaviors or actions, while others may provide false negatives since their capabilities for finding anomalies in concrete domains are bulky or inefficient. The book subversively claims that a data scientist must work closely with domain-specific experts (analysts, physicians, astronomers) to find anomalies.


Reviewer: Santiago Escobar
Review #: CR146394 (1904-0115)
Security and Protection (K.6.5)
Security, Integrity, And Protection (H.2.7 ...)
Security and Protection (D.4.6)
 
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®