User Behavior Analysis

Analysis of user behavior and patterns for the purpose of detecting unauthorized user activity.,User behavior analytics ("UBA") as defined by Gartner, is a cybersecurity process about detection of insider threats, targeted attacks, and financial fraud. UBA solutions look at patterns of human behavior, and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns-anomalies that indicate potential threats.' Instead of tracking devices or security events, UBA tracks a system's users. Big data platforms are increasing UBA functionality by allowing them to analyze petabytes worth of data to detect insider threats and advanced persistent threats.

Informational References

https://d3fend.mitre.org/technique/d3f:UserBehaviorAnalysis/

Countermeasures

ID Name Description NIST Rev5 D3FEND ISO 27001

Related SPARTA Techniques and Sub-Techniques

ID Name Description

Space Threats Mapped

ID Description

Sample Requirements

Requirement Rationale/Additional Guidance/Notes