I have executed the anomaly detection application which is an existing application under example server. I want to understand the statistics behind the generation of alarms.
After the autoregression analysis of time series data(training data) there was the predicted value and the actual value. The error and square error were calculated and mean and standard deviations of error and square error were calculated and all other colums got filtered.
Then autoregression analysis of time series data(testing data) was performed and from that "abs(error)-mean(this is the mean of error values of training data)" and " square error-mean(this is the mean of error values of training data)" were calculated and the rule engine was given.
I wan to know how these calculations was decided and performed. What is the advantage of these calculations and any other calculations available to generate the alarms.
Please help me.