SystemOverflow
LearnFraud Detection & Anomaly DetectionSupervised Anomaly Detection (Imbalanced Classification)1 of 6
Fraud Detection & Anomaly DetectionSupervised Anomaly Detection (Imbalanced Classification)Easy⏱️ ~2 min

Supervised Anomaly Detection: Why Accuracy Is Misleading in Imbalanced Classification

Definition
Supervised anomaly detection uses labeled examples of normal and anomalous behavior to train a classifier. Unlike unsupervised methods that find statistical outliers, supervised methods learn specific patterns that define "fraud" or "attack" from historical labeled data.

The Imbalance Problem

Anomalies are rare by definition. In fraud detection, typically 0.1-1% of transactions are fraudulent. In intrusion detection, 0.01% of network packets are malicious. This extreme class imbalance breaks standard machine learning assumptions.

Training data might contain 1 million normal examples and 1,000 fraud examples. A model that predicts "normal" for everything achieves 99.9% accuracy. That model catches zero fraud. Accuracy becomes meaningless when classes are imbalanced.

Why Accuracy Misleads

Accuracy = (correct predictions) / (total predictions). With 99.9% normal data, a trivial classifier that always predicts normal gets 99.9% accuracy. It sounds impressive but catches no anomalies. The metric rewards predicting the majority class and ignoring the minority class entirely.

⚠️ The Trap: Stakeholders see 99% accuracy and assume the model works. In reality, it misses every fraud case. Always report precision and recall on the minority class, never accuracy alone.

Metrics That Matter

Precision: Of all predicted anomalies, what fraction are true anomalies? Low precision means many false alarms, wasting human review time.

Recall: Of all true anomalies, what fraction did we catch? Low recall means fraud slips through. In financial fraud, missing a ,000 theft might cost more than 100 false alarms.

PR-AUC: Area under precision-recall curve. Unlike ROC-AUC, PR-AUC is sensitive to class imbalance. A random classifier gets PR-AUC equal to the positive class fraction (0.001 for 0.1% fraud rate), not 0.5.

💡 Key Takeaways
Supervised anomaly detection learns from labeled examples of normal and anomalous behavior
Extreme class imbalance (0.1-1% anomalies) makes accuracy meaningless: 99.9% accuracy catches zero fraud
Precision measures false alarm rate; recall measures how many true anomalies we catch
PR-AUC is the right metric: random classifier gets PR-AUC = positive class fraction, not 0.5
Never report accuracy alone for imbalanced problems; stakeholders will misinterpret it
📌 Interview Tips
1Explain why accuracy misleads: 99.9% accuracy means nothing if it catches zero fraud
2Show precision-recall trade-off: missing K fraud may cost more than 100 false alarms
3Use PR-AUC instead of ROC-AUC for imbalanced datasets; random baseline is class fraction
← Back to Supervised Anomaly Detection (Imbalanced Classification) Overview