AnoScout offers seven algorithms

Src: https://towardsdatascience.com/autoencoders-and-the-denoising-feature-from-theory-to-practice-db7f7ad8fc78

1. Store sliding windows for each layer $l$ in matrices $\mathbf{D}^{(l)}$ and $\mathbf{C}^{(l)}$.
2. Estimate gaussian distribution on matrices through MLE.
3. Create a binary vector a that labels each row as either anomalous (1) or normal (0).
4. On each level, the coefficients are halved, thus creating multiple binary trees across the time series.
5. If an anomaly is detected in one of the nodes, it is marked as an event $e$, which gets pushed down to the leafs of the tree.
6. Event count in the leafs is the final anomaly score.

Partition dataset using tree: Anomalies easy to isolate, therefore closer to root node.

Isolation tree construction:

1. Randomly select an attribute $q$ in the dataset
2. Randomly select a value $p$ from the selected attribute column in the dataset and proceed to split the dataset into two partitions based on the value.
3. Two new nodes are attached to the current node; the left node contains all values smaller than $p$ , while the right node contains all nodes greater or equal than $p$ .
4. These steps are recursively repeated until either the dataset is depleted or the maximum tree height specified by the user has been reached.

Assign anomaly scores to each node $x$

1. Compute average path length $h(x)$ for node $x$ from multiple isolation trees.
2. Estimate total average path length: \[c(n) = 2H (n − 1) − (2(n − 1)/n)\]
3. Anomaly score $s$ for a point $x$: \[ s(x, n) = 2^{-\frac{E(h(x))}{c(n)}} \]

Compute a Local Outlier Factor (LOF) for each point to measure the degree of deviation from normal data in the local neighborhood.

1. Reachability distance (RD) of $p$ w.r.t. $q$: \[RD_k(p, q) = \max \left\{ \text{k-distance}(q), d(p, q) \right\}\]
2. Local reachability density (LRD) for a point $p$: \[ LRD_k(p) = \frac{1}{\sum_{q \in N_k(p)} \frac{RD(p, q)}{\left\| N_k(p) \right\|} } \]
3. Local Outlier Factor (LOF): \[ LOF_k(p) = \frac{\sum_{q \in N_k(p)} \frac{LRD_k(q)}{LRD_k(p)} }{\left\| N_k(p) \right\|} \]

Idea of an RNN:

Neural networks for time series!

RNN is not able to consider information far in the past, therefore LSTM is introduced:

RBF is a nested regression ensemble method:

Forecasting model with three components:

1. Autoregressive model: \[ y_t = c + \phi_1 y_{t-1} + \phi_2 y_{t-2} + \ldots + \phi_p y_{t-p} + \epsilon_t \]
2. Moving average: \[ y_t = c + \epsilon_t + \theta_1 \epsilon_{t-1} + \theta_2 \epsilon_{t-2} + \ldots + \theta_q \epsilon_{t-q} \]
3. Differencing: \[ y_t^{\prime} = y_t - y_{t-1} \]

All combined: