Where Is Anomaly Detection Used?

Whether we realize it or not, anomaly detection is being utilized in nearly every facet 

of our lives today. Pretty much any task involving data collection of any sort could have 

anomaly detection applied to it. Let’s look at some of the most prevalent fields and topics 

that anomaly detection can be applied in.

 Data  Breaches

In today’s age of big data, where huge volumes of information are stored about users 

in various companies, information security is vital. Any information breaches must 

be reported and flagged immediately, but it is hard to do so manually at such a scale. 

Data leaks can range from simple accidents such as losing a USB stick that contains a 

company’s sensitive information to employees intentionally sending data to an outside 

party to intrusion attacks that attempt to gain access to the database. You must have 

heard of some high-profile data leaks, such as the Facebook security breach, the iCloud 

data breach, and the Google security breach where millions of passwords were leaked. 

All of those companies operate on an international scale, requiring automation to 

monitor everything in order to ensure the fastest response time to any breach.

The data breaches might not even need network access. For example, an employee 

could email an outside party or another employee with connections to rival companies 

about travel plans to meet up and exchange confidential information. Anomaly 

detection models can sift through and process employee emails to flag any suspicious 

employees. The software can pick up key words and process them to understand the 

context and decide whether or not to flag an employee’s email for review.

When employees try to upload data to another connection, the anomaly detection 

software can pick up on the unusual flow of data while monitoring network traffic and 

flag the employee. An important part of an employee’s regular work day would be to 

pull and push to a code repository, so one might expect regular spikes in data transfer in 

these cases. However, the software takes into account lots of variables, including who the 

sender is, who the recipient is, how the data is being sent (in erratic intervals, all at once, 

or spread out over time). In either case, something won’t add up, which the software will 

pick up and then it will flag the employee.

The key benefit to using anomaly detection in the workspace is how easy it is to scale 

up. These models can be used for small companies as well as large-scale international 

companies.

Chapter 1   What Is anomaly DeteCtIon?

21

Download 26,57 Mb.

Do'stlaringiz bilan baham: