Supported Algorithms

The following types of algorithms are supported by Intelligence:

• Classification Algorithms
• Anomaly Detection Algorithms

Classification Algorithms

Intelligence supports those classification algorithms that can be stated as classification problems with two classes of output as follows:

• Anomalous
• Non anomalous

The classes can take any name. A classification algorithm must provide a probability for each class.

You must provide one of the two classes in the targetClass parameter while registering the model. This class is used to filter the events that will be considered for determining anomalies.

The following classification algorithms are supported by Intelligence:

• General Regression
• Naïve Bayes
• Neural Network
• Regression
• Rule Set
• Support Vector Machine
• Tree

Anomaly Detection Algorithms

Anomaly Detection algorithms output two values:

• A score on the event.
• A Boolean value indicating if the score is anomalous or not.

These anomaly detection algorithms do not measure the anomalousness of an event, but they give a Boolean value indicating whether the event is anomalous or not. Intelligence interprets a Boolean value of true as an anomalous event and a Boolean value of false as a non anomalous event while calculating the risk scores for the entities associated with the anomalous events.

You must provide one of the two Boolean values in the targetClass parameter while registering the model. This value is used to filter the events that will be considered for determining anomalies.