Online Isolation Forest
This work addresses the need for efficient online anomaly detection in applications like cybersecurity and fraud detection, though it is incremental as it builds on existing Isolation Forest methods.
The authors tackled the problem of anomaly detection in streaming data by proposing Online-iForest, a method designed for online conditions that tracks evolving data processes, achieving performance comparable to offline techniques and superior efficiency in real-world datasets.
The anomaly detection literature is abundant with offline methods, which require repeated access to data in memory, and impose impractical assumptions when applied to a streaming context. Existing online anomaly detection methods also generally fail to address these constraints, resorting to periodic retraining to adapt to the online context. We propose Online-iForest, a novel method explicitly designed for streaming conditions that seamlessly tracks the data generating process as it evolves over time. Experimental validation on real-world datasets demonstrated that Online-iForest is on par with online alternatives and closely rivals state-of-the-art offline anomaly detection techniques that undergo periodic retraining. Notably, Online-iForest consistently outperforms all competitors in terms of efficiency, making it a promising solution in applications where fast identification of anomalies is of primary importance such as cybersecurity, fraud and fault detection.