Anomaly Detection Unleashed: From Robust Vision to LLM-Powered Insights

Latest 50 papers on anomaly detection: Oct. 12, 2025

Anomaly detection is a cornerstone of modern AI/ML, crucial for everything from cybersecurity to medical diagnostics and industrial inspection. Yet, the field constantly grapples with challenges like data scarcity, class imbalance, and the need for explainable, real-time solutions. Recent research highlights exciting advancements, pushing the boundaries of what’s possible. Let’s dive into some of the latest breakthroughs that are shaping the future of anomaly detection.

The Big Idea(s) & Core Innovations

The current wave of innovation in anomaly detection is driven by several overarching themes: leveraging large models, enhancing robustness with contextual understanding, tackling data limitations, and achieving explainability. For instance, the groundbreaking work in Foundation Visual Encoders Are Secretly Few-Shot Anomaly Detectors by Chun-Liang Li, Yiming Zhang, and Xiao Wang from MIT, Google Research, and Stanford University reveals a fascinating insight: foundation models inherently understand anomalies by the geometry of their embedding space. This led to FOUNDAD, a lightweight few-shot detector that needs no textual prompts.

Building on the power of large models, several papers explore the integration of Large Language Models (LLMs). The team from Monash University and CSIRO’s Data61 in their paper From Description to Detection: LLM based Extendable O-RAN Compliant Blind DoS Detection in 5G and Beyond proposes an LLM-based framework for zero-shot detection of blind Denial of Service (DoS) attacks in 5G, demonstrating how LLMs can reason from natural language descriptions rather than explicit rules. Similarly, LLM as an Algorithmist: Enhancing Anomaly Detectors via Programmatic Synthesis by Hangting Ye et al. from Jilin University and CSIRO’s Data61 positions LLMs as ‘algorithmists’ to synthesize ‘hard-to-detect’ anomalies, systematically improving detector robustness. The importance of contextual reasoning is further emphasized by Kumar et al. from IIT Delhi and NIT Warangal in Adaptive and Explainable AI Agents for Anomaly Detection in Critical IoT Infrastructure using LLM-Enhanced Contextual Reasoning, where a hybrid LLM-XAI framework dramatically improves accuracy and interpretability in critical IoT systems like smart grids.

Addressing data scarcity, especially for complex modalities, is another major theme. Meta-Learning Based Few-Shot Graph-Level Anomaly Detection from University X, University Y, and Research Lab Z presents a meta-learning framework that enables effective few-shot learning for graph anomaly detection, minimizing the need for extensive labeled data. For visual data, ASBench: Image Anomalies Synthesis Benchmark for Anomaly Detection by Zhiyuan Li et al. from Tsinghua University and Microsoft Research Asia introduces a benchmark for synthetically generating realistic anomalies, enhancing model robustness. This is complemented by Kaputt: A Large-Scale Dataset for Visual Defect Detection from Amazon and University of Oxford, providing a massive, diverse dataset to challenge existing methods in retail logistics.

Moreover, the application of Transformers and Spiking Neural Networks (SNNs) is gaining traction. In Foundation Models for Structural Health Monitoring, Luca Benfenati et al. from Politecnico di Torino introduce Transformer neural networks as foundation models for SHM, achieving state-of-the-art performance in anomaly detection. For energy efficiency, Vacuum Spiker: A Spiking Neural Network-Based Model for Efficient Anomaly Detection in Time Series by I. X. Vázqueza et al. from ITCL Technology Center proposes an SNN model that is energy-efficient and suitable for resource-constrained environments.

Under the Hood: Models, Datasets, & Benchmarks

Recent research has not only introduced innovative methods but also enriched the ecosystem with critical resources:

• Models & Frameworks:
  • RASALoRE (https://arxiv.org/pdf/2510.08052) by Sharma et al. (IIT Bombay): A two-stage weakly supervised framework for brain MRI anomaly detection using region-aware spatial attention and fixed location-based random embeddings. Code: https://github.com/BheeshmSharma/RASALoRE-BMVC-2025.
  • MLLM4TS (https://arxiv.org/pdf/2510.07513) by Liu et al. (The Ohio State University, Bosch Research North America): Leverages multimodal large language models and vision-based encoders for general time-series analysis, including anomaly detection.
  • THEMIS (https://arxiv.org/pdf/2510.03911) by Yadav Mahesh Lorik et al. (Comcast India Engineering Center): Combines pretrained embeddings from foundation models (like Chronos) with outlier detection methods for robust time-series anomaly detection.
  • UniMMAD (https://arxiv.org/pdf/2509.25934) by Yuan Zhao et al. (IIAU-Lab, Dalian University of Technology, etc.): A unified multi-modal and multi-class anomaly detection framework using a Mixture-of-Experts (MoE)-driven feature decompression. Code: https://github.com/yuanzhao-CVLAB/UniMMAD.
  • PatchEAD (https://arxiv.org/pdf/2509.25856) by Po-Han Huang et al. (Inventec Corporation, University at Albany): A unified vision-based framework for training-free, patch-exclusive anomaly detection in industrial settings.
  • TSLT-Net (https://arxiv.org/pdf/2510.02711) by Tarun Kumar Biswas et al. (Jahangirnagar University): A lightweight Temporal-Spatial Transformer for intrusion detection in drone networks. Code: https://github.com/Alamgir-JUST/TSLT-Net.
  • LogAction (https://arxiv.org/pdf/2510.03288) by C. Duan et al. (Tsinghua University, Microsoft Research Asia, etc.): A framework for consistent cross-system log anomaly detection via active domain adaptation. Code: https://logaction.github.io.
  • PANDA (https://arxiv.org/pdf/2509.26386) by Zhiwei Yang et al. (Xidian University, Show Lab, National University of Singapore): An agentic AI engineer based on MLLMs for generalist video anomaly detection without training data or manual involvement. Code: https://github.com/showlab/PANDA.
  • TShape (https://arxiv.org/pdf/2510.00680) by Authors from Affiliation 1 and 2: An advanced method for time series anomaly detection using complex shapelets. Code: https://github.com/CSTCloudOps/TShape.
  • Vacuum Spiker (https://arxiv.org/pdf/2510.06910) by I. X. Vázqueza et al. (ITCL Technology Center): An energy-efficient spiking neural network (SNN) model for time series anomaly detection. Code: https://github.com/iago-creator/Vacuum_Spiker_experimentation.
  • RADF (https://arxiv.org/pdf/2510.03486) by Anupam Panwar et al. (Apple): A reasoning-based framework for real-time, scalable, and automated anomaly detection with causality-based root cause analysis. Code: https://github.com/apple/ml-radf.
  • DPGIIL (https://arxiv.org/pdf/2412.04781) by L.F. Mei and W.J. Yan (University of Macau): A deep clustering framework integrating Dirichlet process mixture models with deep generative models for online structural anomaly detection. Code: https://github.com/Christine-cmd/DPGIIL.
  • GraphNC (https://arxiv.org/pdf/2510.02014) by Guolei Zeng et al. (University of Oxford, Singapore Management University): A framework for semi-supervised graph anomaly detection leveraging normality calibration. Code: https://github.com/mala-lab/GraphNC.
  • AgroTrack (https://doi.org/10) by Hitesh Mohapatra (Kalinga Institute of Industrial Technology): A LoRa IoT framework with ML for remote livestock monitoring and behavioral anomaly detection.
  • UniSage (https://arxiv.org/pdf/2509.26336) by Zhouruixing Zhu et al. (The Chinese University of Hong Kong): A unified and post-analysis-aware sampling framework for microservices to improve anomaly detection and root cause analysis.
  • A Visual Diagnostics Framework for District Heating Data (https://arxiv.org/pdf/2510.00872) by A. Danish Energy et al.: A dashboard-based visual analytics framework to improve data quality for AI-driven heat consumption prediction, identifying outliers and anomalies.
  • SCART (https://arxiv.org/pdf/2304.03657) from TII – Technology Innovation Institute: A simulation environment to augment real-time system simulators by enabling the detection and incorporation of faults and cyber-attacks for anomaly detection. Code: https://github.com/kfirgirstein/SCART.
  • A Physics-Informed Context-Aware Approach for Anomaly Detection in Tele-driving Operations (https://arxiv.org/pdf/2410.13962): A novel system for tele-driving operations targeting False Data Injection (FDI) attacks. Code: https://github.com/ghostsubha/TODS_LMD_AD.
• Datasets & Benchmarks:
  • ASBench (https://arxiv.org/pdf/2510.07927) by Zhiyuan Li et al. (Tsinghua University, Microsoft Research Asia): A novel benchmark dataset for image anomaly detection focusing on synthetic anomalies.
  • Kaputt (https://www.kaputt-dataset.com) by Sebastian Höfer et al. (Amazon, University of Oxford): A large-scale dataset for visual defect detection in retail logistics, significantly larger and more diverse than existing benchmarks.
  • TelecomTS (https://arxiv.org/pdf/2510.06063) by Austin Feng et al. (Yale University): The first comprehensive multi-modal observability dataset derived from a 5G telecommunications network, supporting anomaly detection and root-cause analysis. Code: https://github.com/Ali-maatouk/TelecomTS.
  • ReTabAD (https://yoonsanghyu.github.io/ReTabAD/) by Sanghyu Yoon et al. (LG AI Research, Sungkyunkwan University): The first context-aware tabular AD benchmark with 20 curated datasets enriched with textual metadata and a zero-shot LLM framework. Code: https://yoonsanghyu.github.io/ReTabAD/.

Impact & The Road Ahead

These advancements have profound implications across numerous domains. In healthcare, RASALoRE’s low-parameter, high-performance brain MRI anomaly detection could enable earlier and more accessible diagnostics. For critical infrastructure, the Transformer-based SHM by Politecnico di Torino and the GNN-enhanced traffic anomaly detection by Ibrar M. et al. (IEEE Transactions on Consumer Electronics) offer robust real-time monitoring of rail networks and SDN-enabled consumer electronics. The applications of LLMs in cybersecurity are particularly transformative, with frameworks like those from Monash University and Jilin University enabling proactive defense against sophisticated attacks and allowing detection based on natural language descriptions, drastically reducing the need for labeled data. The development of specialized datasets like Kaputt and ASBench will fuel further innovation in industrial inspection and visual defect detection, accelerating the deployment of highly robust systems.

Looking ahead, the convergence of vision and language models (as seen in MLLM4TS, ViTs, and PANDA) promises more intuitive and generalizable anomaly detection systems that can reason and adapt like human experts. The push for explainable AI (XAI), exemplified by the LLM-XAI framework, will be crucial in building trust and facilitating the adoption of AI in safety-critical applications. Furthermore, the emphasis on energy efficiency with SNNs like Vacuum Spiker highlights a growing trend towards sustainable AI. The continued development of modular frameworks, synthetic data generation, and post-analysis-aware sampling will empower researchers and practitioners to tackle even more complex anomaly detection challenges, leading to safer, more efficient, and more intelligent systems across diverse industries. The future of anomaly detection is not just about finding the needle in the haystack, but understanding why it’s there and how to prevent it.