# Anomaly Detection

<details>

<summary><mark style="color:blue;">What is Anomaly Detection in the context of user behavior?</mark></summary>

Anomaly detection in user behavior involves identifying unusual patterns or activities that deviate significantly from normal user behavior. This helps in identifying potential security threats, fraudulent activities, or system malfunctions.

</details>

<details>

<summary><mark style="color:blue;">How does Anomaly Detection work?</mark></summary>

Anomaly detection systems typically employ statistical methods, machine learning algorithms, or a combination of both to analyze user data and identify outliers. These outliers are then flagged as potential anomalies for further investigation.

</details>

<details>

<summary><mark style="color:blue;">What kind of user data is used for Anomaly Detection?</mark></summary>

User data such as IP address, device type, login times, and access patterns,  can be used for anomaly detection.

</details>

<details>

<summary><mark style="color:blue;">What are the benefits of Anomaly Detection?</mark></summary>

Anomaly detection helps in preventing fraud, detecting security breaches, improving system performance, and enhancing customer experience by identifying and addressing issues promptly.

</details>

<details>

<summary><mark style="color:blue;">How does Anomaly Detection help in preventing fraud?</mark></summary>

By identifying unusual user behavior patterns, anomaly detection systems can detect fraudulent activities like account takeover, unauthorized access, and fraudulent transactions.

</details>

<details>

<summary><mark style="color:blue;">How do you balance false positives and false negatives in anomaly detection?</mark></summary>

By threshold tuning, threat scoring, and human-in-the-loop verification.

</details>