
Anomaly Detection in Security

Ethics & Safety

The search for unusual actions, events, or network activity that may indicate an attack, leak, or compromise.

Definition

In security, an anomaly is not just a rare event but a signal of a possible threat. AI can analyze logins, network traffic, user actions, file access, and application behavior. The goal is to spot suspicious activity before the damage becomes serious.

Example

An employee usually logs into the system during the day from one city. Then, at night, there is a login from another country followed by a bulk upload of files.

Why it matters

The term matters for companies that generate so many events that manual analysis is impossible: AI helps pick out suspicious activity from a large stream of logs.

How it works

The model builds a profile of normal behavior and compares new events with it. If there is a strong deviation, it generates a warning or triggers an additional check.
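As an added illustration (not from the original page), the Python sketch below builds a per-user profile and scores the daytime-versus-night login scenario described above. The event fields, the thresholds and the ok/step_up/alert rule are assumptions chosen for this example, and the history is constructed sample data.

```python
from collections import Counter, defaultdict
from statistics import median

# Constructed sample history: (user, login hour 0-23, country, MB uploaded in session)
HISTORY = [("alice", h, "FR", mb) for h, mb in
           [(9, 12), (10, 8), (9, 15), (11, 10), (14, 9), (10, 11), (9, 13), (15, 7)]]

def build_profiles(events):
    """Profile of normal behavior per user: login hours, countries, upload volume."""
    raw = defaultdict(lambda: {"hours": Counter(), "countries": set(), "mb": []})
    for user, hour, country, mb in events:
        p = raw[user]
        p["hours"][hour] += 1
        p["countries"].add(country)
        p["mb"].append(mb)
    for p in raw.values():
        med = median(p["mb"])
        # Median absolute deviation: robust spread, not skewed by one past outlier.
        p["med"], p["mad"] = med, median(abs(x - med) for x in p["mb"]) or 1.0
    return dict(raw)

def score(profile, hour, country, mb):
    """Return (number of deviating features, human-readable reasons)."""
    reasons = []
    # Circular distance to the nearest hour seen before (23h and 0h are neighbours).
    gap = min(min(abs(hour - h), 24 - abs(hour - h)) for h in profile["hours"])
    if gap >= 3:  # assumed threshold
        reasons.append(f"login {gap}h away from any usual hour")
    if country not in profile["countries"]:
        reasons.append(f"first login from {country}")
    z = 0.6745 * (mb - profile["med"]) / profile["mad"]  # modified z-score
    if z > 3.5:  # customary cut-off for the modified z-score
        reasons.append(f"upload volume z={z:.1f}")
    return len(reasons), reasons

def decide(profiles, user, hour, country, mb):
    """Assumed rule: one deviation -> additional check; two or more -> alert."""
    if user not in profiles:
        return "step_up", ["no baseline for user"]
    n, reasons = score(profiles[user], hour, country, mb)
    return ("ok", "step_up", "alert")[min(n, 2)], reasons

PROFILES = build_profiles(HISTORY)
print(decide(PROFILES, "alice", 10, "FR", 11))   # usual daytime session
print(decide(PROFILES, "alice", 3, "BR", 900))   # night, new country, bulk upload
```

Returning the reasons alongside the decision gives the analyst the context needed to triage the alert instead of a bare score.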

Where it is used

  • cybersecurity
  • log monitoring
  • protecting accounts and data

Limitations

A large number of false positives wears down the security team. Detection needs context, prioritization, and connections to other data sources.
