Open Challenges in Time Series Anomaly Detection: An Industry Perspective
Andreas Mueller
TL;DR
This paper argues that practical time-series anomaly detection (TAD) in industry differs substantially from academic benchmarks, centering on two core tenets: alerting and application-specific needs. It advocates for formalizing TAD problems, integrating streaming, side information, and human-in-the-loop feedback, and accounting for RCA and signal-processing considerations through a holistic framework. By combining an illustrative temperature-sensor use-case with analyses of preprocessing, thresholding, and evaluation, the authors highlight gaps in current benchmarks and propose directions for cohorts, conditional anomalies, and online learning with censored feedback. The work stresses the importance of realistic datasets, integrated evaluation, and end-to-end system design to enable reliable, actionable alerts in large-scale cloud environments, with practical impact on reliability, maintenance, and operations.
Abstract
Current research in time-series anomaly detection is using definitions that miss critical aspects of how anomaly detection is commonly used in practice. We list several areas that are of practical relevance and that we believe are either under-investigated or missing entirely from the current discourse. Based on an investigation of systems deployed in a cloud environment, we motivate the areas of streaming algorithms, human-in-the-loop scenarios, point processes, conditional anomalies and populations analysis of time series. This paper serves as a motivation and call for action, including opportunities for theoretical and applied research, as well as for building new dataset and benchmarks.