Azure Anomaly Detector service spots business data deviations

Microsoft has expanded its Azure AI capabilities with Anomaly Detector, a service that analyzes data to spot deviations that reveal underlying problems.

The Azure Anomaly Detector service, now in preview, is an addition to Azure Cognitive Services. It takes in customers' time-series data -- information collected at and stamped with specific points in time -- and applies the most efficient algorithm for the particular use case from a library of pretrained models. Time-series data presents a historical baseline from which the system can more easily spot deviations. Customers can fine-tune the algorithm's sensitivity to reduce false-positive results. People with no background in machine learning can use Anomaly Detector thanks to the abstraction layer it provides, according to Microsoft.

To perform real-time anomaly detection, a customer's system calls the Azure Anomaly Detector API every time a new time-series data point is created. The system applies prior data points to figure out whether new ones break from established norms, according to Microsoft's documentation.

Alternatively, the system can analyze time-series data in batches, such as a set that contains daily or hourly records on sales of a particular product over the past quarter.

Potential uses for this Azure AI service include fraud detection, IoT device traffic monitoring and system performance improvement, Microsoft said in a blog post. As one example, Microsoft cited how a video streaming company could use Anomaly Detector to scan time-series information about millions of video files and pinpoint performance problems, which could affect the content provider's customers and hurt its bottom line.

These types of products require a lot of data to be precise.

Also, more than 200 Microsoft teams that work on Azure and other products, such as Office and Bing, use Anomaly Detector to troubleshoot their systems, Microsoft said.

The Azure Anomaly Detector preview version is available in Azure's West U.S. 2 and West Europe regions, but is planned for release in all regions upon general availability. A free tier provides up to 20,000 transactions per month, and a standard tier costs $0.157 per 1,000 transactions. Costs will double upon general availability.

Azure AI efforts aim to spot problems on multiple fronts

Anomaly Detector's roots stem from the Machine Learning Anomaly Detection API. Its release also closely follows that of Azure Sentinel, a security information and event management (SIEM) service on Azure that uses machine learning algorithms to sift through large amounts of security alerts and determine which threats are the most serious. It is built, in part, on Azure Monitor, Microsoft's log analytics service.

SIEMs such as Sentinel, Splunk and Sumo Logic have a similar goal to ferret out potential problems from large amounts of data, but focus solely on security issues and have a much bigger technical footprint than Anomaly Detector.

Eric Ogren

Still, they all tap machine learning to achieve more sophisticated analysis and, ultimately, better results than older approaches, such as rules engines. These systems apply concrete rules to business data that prompt actions when a deviation is found.

For example, a bank may apply a rules engine to automatically flag a debit card transaction for human review if it is above a certain monetary value or occurs in a different country than the cardholder's residence. Rules engines tend to turn up many false positives, though, and aren't easily adaptable to changes in data sets.

There are also a couple of consistent factors to consider with AI and anomaly detection services such as Anomaly Detector, said Eric Ogren, an analyst at 451 Research.

"First of all, these types of products require a lot of data to be precise," Ogren said. Second, anomaly detection usually requires a person, not a machine learning algorithm, to ultimately pass a verdict on whether something is indeed a problem, he added.