Retrieval Augmented Anomaly Detection (RAAD): Nimble Model Adjustment Without Retraining

We propose a novel mechanism for real-time (human-in-the-loop) feedback focused on false positive reduction to enhance anomaly detection models. It was designed for the lightweight deployment of a behavioral network anomaly detection model. This methodology is easily integrable into similar domains that require a premium on throughput while maintaining high precision. In this paper, we introduce Retrieval Augmented Anomaly Detection, a novel method taking inspiration from Retrieval Augmented Generation. Human-annotated examples are sent to a vector store, which can modify model outputs on the very next processed batch for model inference. To demonstrate the generalization of this technique, we benchmarked several different model architectures and multiple data modalities, including images, text, and graph-based data.
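The feedback loop described in the abstract can be sketched as follows. This is an added example, not the paper's implementation: the in-memory store, the cosine-similarity match, the 0.95 threshold, the stand-in detector and all names and sample embeddings are assumptions made for illustration.

```python
import math

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    na = math.sqrt(sum(x * x for x in a))
    nb = math.sqrt(sum(y * y for y in b))
    return dot / (na * nb) if na and nb else 0.0

class FeedbackStore:
    """Hypothetical in-memory vector store of analyst-labelled false positives."""
    def __init__(self, threshold=0.95):  # assumed similarity cut-off
        self.threshold = threshold
        self.vectors = []

    def add_false_positive(self, embedding):
        self.vectors.append(list(embedding))

    def nearest_similarity(self, embedding):
        return max((cosine(embedding, v) for v in self.vectors), default=0.0)

def score_batch(batch, detector, store):
    """Run the unchanged detector, then override alerts that match stored feedback."""
    results = []
    for embedding in batch:
        flagged = detector(embedding)
        sim = store.nearest_similarity(embedding)
        suppressed = flagged and sim >= store.threshold
        # Keep the similarity so every suppression can be audited later.
        results.append({"anomaly": flagged and not suppressed,
                        "suppressed": suppressed,
                        "similarity": round(sim, 3)})
    return results

def toy_detector(embedding):
    """Constructed stand-in for a trained model: flags a large first feature."""
    return embedding[0] > 0.8

# Constructed sample embeddings (not data from the paper).
BACKUP_JOB = [0.90, 0.10, 0.40]    # benign behaviour the detector flags
BACKUP_JOB_2 = [0.92, 0.12, 0.41]  # same behaviour in the next batch
UNSEEN_ALERT = [0.90, 0.90, 0.00]  # flagged, unlike any stored feedback
QUIET_HOST = [0.10, 0.20, 0.30]    # never flagged

def demo():
    store = FeedbackStore()
    before = score_batch([BACKUP_JOB, UNSEEN_ALERT, QUIET_HOST], toy_detector, store)
    store.add_false_positive(BACKUP_JOB)  # analyst marks the alert as a false positive
    after = score_batch([BACKUP_JOB_2, UNSEEN_ALERT, QUIET_HOST], toy_detector, store)
    return before, after
```

The detector itself is never retrained; only the store changes between the two batches, and the alert that resembles no stored feedback still fires.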
@article{pastoriza2025_2502.19534,
  title={Retrieval Augmented Anomaly Detection (RAAD): Nimble Model Adjustment Without Retraining},
  author={Sam Pastoriza and Iman Yousfi and Christopher Redino and Marc Vucovich and Abdul Rahman and Sal Aguinaga and Dhruv Nandakumar},
  journal={arXiv preprint arXiv:2502.19534},
  year={2025}
}