4 Anomaly Detection

“The computer was born to solve problems that did not exist before”

Bill Gates

Chapter 4 presents an anomaly detection approach to identify network anomalies. This approach is implemented in the anomaly detection module, which is depicted in Figure 2.2.

4.1. Introduction

An anomaly is an observation that deviates from other observations so much that it raises a suspicion that it was generated by a different mechanism (Ahmed et al. 2016). According to its nature, an anomaly can be categorized as a point, collective or contextual anomaly (Fernandes et al. 2019). A point anomaly is a deviation of a single data sample from usual behavior. This kind of anomaly is the simplest and is widely studied by the research community. For example, if packet loss in the network is less than 1% every day but increases to more than 20% on a specific day, that day is considered a point anomaly. A collective anomaly happens when a collection of data samples behaves anomalously with respect to the entire dataset. Anomalous behavior on its own is not considered a collective anomaly, but a point anomaly that occurs continuously over a period of time is. A contextual anomaly is an event or behavior that is considered an anomaly depending on the context. In contextual anomalies, there are contextual features (e.g. geographic coordinates in spatial data, time in time-series data, etc.) and non-contextual features (e.g. an indicator determining the context of the anomaly, etc.). For example, ...
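The three categories can be told apart in code. The following is an added example, not taken from the book: it flags point anomalies against a median/MAD baseline, merges consecutive ones into collective anomalies, and judges contextual anomalies against their own context. The median/MAD baseline, the thresholds `k` and `min_len`, the function names and all sample data are assumptions made for illustration.

```python
from statistics import median

def point_anomalies(values, k=5.0):
    """Indices deviating from the median by more than k * MAD (robust baseline)."""
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1e-9  # avoid a zero threshold
    return [i for i, v in enumerate(values) if abs(v - med) > k * mad]

def collective_anomalies(indices, min_len=3):
    """Merge consecutive point-anomaly indices into (start, end) runs of >= min_len."""
    runs, run = [], []
    for i in indices:
        if run and i != run[-1] + 1:      # gap: close the current run
            if len(run) >= min_len:
                runs.append((run[0], run[-1]))
            run = []
        run.append(i)
    if len(run) >= min_len:
        runs.append((run[0], run[-1]))
    return runs

def contextual_anomalies(samples, k=5.0):
    """samples: (context, value) pairs; each value is judged within its own context."""
    by_ctx = {}
    for i, (ctx, v) in enumerate(samples):
        by_ctx.setdefault(ctx, []).append((i, v))
    flagged = []
    for items in by_ctx.values():
        flagged += [items[j][0] for j in point_anomalies([v for _, v in items], k)]
    return sorted(flagged)

# Constructed daily packet loss in percent: one isolated spike (day 5)
# and a three-day run of high loss (days 9 to 11).
LOSS_PCT = [0.4, 0.6, 0.5, 0.7, 0.5, 22.0, 0.6, 0.4, 0.5, 21.0, 23.5, 20.8, 0.6, 0.5]

# Constructed traffic volume in Mbit/s with time of day as the contextual feature:
# 790 is ordinary during the day but not at night (index 9).
TRAFFIC = [("day", 780), ("night", 95), ("day", 810), ("night", 110), ("day", 795),
           ("night", 100), ("day", 805), ("night", 105), ("night", 102), ("night", 790)]

if __name__ == "__main__":
    pts = point_anomalies(LOSS_PCT)
    print("point anomalies:", pts)
    print("collective anomalies:", collective_anomalies(pts))
    print("global view of traffic:", point_anomalies([v for _, v in TRAFFIC]))
    print("contextual anomalies:", contextual_anomalies(TRAFFIC))
```

On the traffic data the global check flags nothing, because 790 Mbit/s lies inside the overall value range; only the per-context baseline exposes the night-time sample.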
