Novelty detection is a semi-supervised learning task where a model is trained exclusively on a clean, uncontaminated dataset of normal instances to learn a tight decision boundary. The goal is not to recognize known anomalies, but to identify whether new, unseen data points are out-of-distribution and deviate from this learned normality, triggering a flag for a previously unobserved pattern.
Glossary
Novelty Detection

What is Novelty Detection?
Novelty detection is a classification task focused on identifying whether new, unseen data points deviate from a previously learned profile of normality.
Unlike outlier detection, which finds anomalies within a contaminated training set, novelty detection assumes the training data is anomaly-free. The model learns the support of the normal data distribution using algorithms like One-Class SVM or Deep SVDD. At inference time, any instance falling outside this boundary is classified as a novelty, making it critical for detecting zero-day fraud attacks.
Core Characteristics of Novelty Detection
Novelty detection is a specialized machine learning task where a model is trained exclusively on a clean, uncontaminated dataset of normal instances to learn a tight decision boundary. The goal is to identify whether new, unseen data points deviate from this learned normality, making it distinct from outlier detection which must handle contaminated training data.
Clean Training Data Requirement
The foundational assumption of novelty detection is that the training set contains zero anomalies. The model learns a precise boundary around only normal instances, making it highly sensitive to any deviation. This contrasts with outlier detection, where the training set may contain some contamination. In financial fraud, this means training on verified legitimate transactions from a known clean period to establish a baseline of normal customer behavior.
Decision Boundary Learning
The model constructs a decision function that returns +1 for normal regions and -1 for novel regions. Key approaches include:
- One-Class SVM: Finds a hyperplane that maximally separates normal data from the origin in kernel space
- Deep SVDD: Maps normal data into a minimal hypersphere in latent space
- Gaussian Mixture Models: Fits a probability density to normal data and flags low-density regions
- Autoencoders: Learn to compress and reconstruct normal patterns, flagging high reconstruction error as novel
Novelty vs. Outlier Distinction
This distinction is critical for model selection:
- Novelty Detection: Training data is pristine (no anomalies). The model learns what is normal and flags anything unfamiliar. Used when you have a verified clean dataset of legitimate transactions.
- Outlier Detection: Training data may contain anomalies. The model must robustly identify outliers within potentially contaminated data. Used when historical data cannot be guaranteed clean.
- Key implication: Novelty detection models are more sensitive but less robust to training contamination than outlier detection methods.
Reconstruction-Based Scoring
Autoencoder-based novelty detection relies on reconstruction error as the anomaly score. The principle: a model trained only on normal data will reconstruct normal patterns well but fail on novel patterns. Key metrics include:
- Mean Squared Error (MSE) between input and reconstruction
- Reconstruction probability from Variational Autoencoders, which is more principled than raw error
- Mahalanobis distance in the latent space to measure deviation from the normal distribution In fraud detection, a transaction that cannot be well-reconstructed signals a novel fraud pattern not seen during training.
Density Estimation Methods
Probabilistic approaches estimate the probability density function of normal data and flag low-density regions as novel. Common techniques:
- Kernel Density Estimation (KDE) : Non-parametric density estimation where anomaly scores are inversely proportional to estimated density
- Gaussian Mixture Models (GMM) : Models normal data as a mixture of Gaussian distributions
- Normalizing Flows: Transforms simple distributions into complex ones through invertible mappings for exact likelihood computation
- Extreme Value Theory (EVT) : Models the tail of the anomaly score distribution to set mathematically rigorous thresholds
Threshold Setting Strategies
Setting the decision threshold is critical and challenging since only normal data is available during training. Approaches include:
- Extreme Value Theory: Fit a Generalized Pareto Distribution to the tail of anomaly scores on normal data to control false positive rate
- Percentile-based: Set threshold at the 95th or 99th percentile of anomaly scores on a held-out normal validation set
- Dynamic Thresholding: Adapt thresholds based on rolling statistics to account for concept drift and seasonality
- Contamination factor: Estimate the expected proportion of novel instances in production and calibrate accordingly
Novelty Detection vs. Outlier Detection vs. Out-of-Distribution Detection
A technical comparison of three distinct anomaly detection paradigms based on training data availability, problem formulation, and operational assumptions.
| Feature | Novelty Detection | Outlier Detection | Out-of-Distribution Detection |
|---|---|---|---|
Training Data Composition | Clean normal data only (uncontaminated) | Unlabeled dataset containing both normal and anomalous points | In-distribution data from known classes or domains |
Core Objective | Identify if new instances deviate from learned normality | Identify rare instances that differ from the majority | Detect inputs semantically different from training distribution |
Supervision Paradigm | Semi-supervised | Unsupervised | Supervised or self-supervised |
Assumption About Anomalies | Absent during training | Present but rare in training data | Unknown classes absent during training |
Primary Scoring Mechanism | Distance from decision boundary or hypersphere center | Density, distance, or isolation metrics | Softmax confidence, energy score, or density ratio |
Handles Contaminated Training Data | |||
Typical Algorithms | One-Class SVM, Deep SVDD, Autoencoder | Isolation Forest, LOF, DBSCAN, HBOS | Mahalanobis Distance, Energy-Based Models, ODIN |
Primary Use Case | Fault detection in known operating regimes | Exploratory data cleaning and fraud flagging | Model safety and open-set recognition |
Frequently Asked Questions
Clear, technically precise answers to the most common questions about novelty detection, its mechanisms, and its role in identifying unknown fraud patterns.
Novelty detection is a semi-supervised learning task where a model is trained exclusively on a clean, uncontaminated dataset of normal instances to learn a tight decision boundary, and its goal is to identify whether new, unseen data points deviate from this learned normality. The critical distinction from outlier detection lies in the training data: novelty detection assumes the training set is completely free of anomalies, whereas outlier detection expects the training data to be contaminated with outliers that the algorithm must ignore. In practice, novelty detection is used when you have a robust corpus of legitimate transactions and need to flag any future deviation as potentially fraudulent, making it ideal for zero-day fraud pattern identification where no prior examples of the attack exist.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Novelty detection relies on a constellation of algorithms that learn a compact boundary around normal data. The following concepts are essential for implementing robust semi-supervised anomaly detection in financial systems.
One-Class SVM
The foundational kernel method for novelty detection. A One-Class SVM learns a decision boundary that encapsulates the normal training data in a high-dimensional feature space, maximizing the margin from the origin. New transactions falling outside this boundary are flagged as novel.
- Uses the nu parameter to control the upper bound on outlier fraction
- Kernel trick (RBF) handles non-linear normality boundaries
- Effective when the normal class is tightly clustered
Deep SVDD
A neural extension of Support Vector Data Description that trains a network to map normal data into a minimal hypersphere in latent space. The distance from the sphere's center becomes the anomaly score.
- Jointly learns representations and the enclosing boundary
- Outperforms two-stage methods (autoencoder + separate scoring)
- Vulnerable to hypersphere collapse without architectural constraints
Out-of-Distribution Detection
The broader task of identifying inputs that are semantically or statistically different from the training distribution. In fraud, this means detecting novel attack vectors never seen during training.
- Relies on softmax confidence, energy scores, or density estimation
- Critical for catching zero-day fraud patterns
- Prevents overconfident misclassifications on unknown schemes
Gaussian Mixture Model (GMM)
A probabilistic model assuming data is generated from a mixture of Gaussian distributions. Novelty is scored by the probability density at a point's location—low-density regions indicate anomalies.
- Captures multi-modal normality (e.g., distinct customer segments)
- Provides calibrated likelihood scores for threshold setting
- Expectation-Maximization fits the model to clean data
Kernel Density Estimation (KDE)
A non-parametric method that estimates the probability density function by placing a kernel on each training point. Anomaly scores are inversely proportional to the estimated density.
- Makes no assumptions about the underlying data distribution
- Bandwidth parameter critically controls smoothness
- Computationally expensive at inference time for large datasets
Normalizing Flow
A generative model that transforms a simple base distribution into a complex one through a sequence of invertible, differentiable mappings. Enables exact likelihood computation for novelty scoring.
- Provides tractable density estimation unlike VAEs
- Change-of-variables formula yields precise log-likelihoods
- Useful when the normal data distribution is highly non-Gaussian

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us