In data mining, anomaly detection (also known as outlier detection) is the identification of unusual items, events or observations which raise suspicions by differing significantly from the rest of the data.
Typically, the anomalous items translate to some kind of problem, such as bank fraud, a structural defect, errors in a text, or a medical problem. Anomalies are also referred to as outliers, novelties, noise, deviations, unusual occurrences, or exceptions.
In particular, in the context of violations and network intrusion detection, the interesting objects are often not rare objects but unexpected bursts of activity. This pattern does not fit the common statistical definition of an outlier as a rare object, and many outlier detection methods (in particular unsupervised methods) will fail on such data unless it has been aggregated appropriately. Instead, a cluster analysis algorithm may be able to detect the microclusters formed by these patterns.
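The effect of aggregation described above can be seen on a small constructed event stream. This is an added example, not part of the original text: the addresses, event counts, the one-minute window and the median/MAD scoring are all assumptions chosen for illustration. Scoring each event by how rare its source is ranks the burst source as the least anomalous, while scoring per-source counts per window isolates the burst.

```python
from collections import Counter
from statistics import median

SOURCES = ["10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4"]

def make_events():
    """Constructed sample: (epoch_second, source) failed-login events."""
    events = []
    for minute in range(60):
        for i, src in enumerate(SOURCES):
            # Normal background: 1 to 3 events per source per minute.
            for k in range(1 + (minute + i) % 3):
                events.append((minute * 60 + k, src))
    events.append((15 * 60 + 5, "10.0.0.77"))  # rare source, single event
    # Burst: 120 extra events in minute 30 from an already common source.
    events += [(30 * 60 + k % 60, "10.0.0.2") for k in range(120)]
    return events

def rarity_scores(events):
    """Per-event view: a source is 'anomalous' if few events carry it."""
    freq = Counter(src for _, src in events)
    return {src: 1.0 / n for src, n in freq.items()}

def burst_windows(events, window=60, threshold=3.5):
    """Aggregated view: robust z-score of per-source counts per window."""
    counts = Counter((src, ts // window) for ts, src in events)
    values = list(counts.values())
    med = median(values)
    # Median absolute deviation; fall back to 1.0 if the counts are constant.
    mad = median(abs(v - med) for v in values) or 1.0
    # 0.6745 and 3.5 are the conventional modified z-score constants.
    return sorted(key for key, v in counts.items()
                  if 0.6745 * (v - med) / mad > threshold)

if __name__ == "__main__":
    events = make_events()
    scores = rarity_scores(events)
    print("rarest source:", max(scores, key=scores.get))
    print("least rare source:", min(scores, key=scores.get))
    print("burst windows:", burst_windows(events))
```

Only windows in which a source produced at least one event are counted, so quiet periods do not pull the median toward zero.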