Another common application of behavioral analytics in security is detecting advanced persistent threats (APTs). APTs occur when a hacker gains access to an organization’s server for an extended period of time. These attacks are especially difficult to detect using conventional methods because APTs are deliberately designed to avoid triggering common rules, which helps them keep their access for longer. Behavioral analytics can still detect APTs because its algorithms monitor for the kind of out-of-the-ordinary activity that an APT exhibits.
The last very common application of UEBA software is detecting zero-day attacks. Zero-day attacks are new attacks that have not been used before, so no rules have been written to detect them. Because behavioral analysis uses previous behavioral data to evaluate what is not normal, these new attacks can often be detected: they generally use new executables and methods that are out of the ordinary in order to breach a company’s security.
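The contrast between a rule and a behavioral baseline can be shown in a few lines. The following is an added example, not code from ArcSight Intelligence or any UEBA product; the event data, executable names, denylist, and the 0.9 threshold are all constructed assumptions.

```python
from collections import defaultdict

# Constructed process-execution events (user, executable); not real telemetry.
BASELINE_EVENTS = [
    ("alice", "outlook.exe"), ("alice", "excel.exe"), ("alice", "chrome.exe"),
    ("bob", "chrome.exe"), ("bob", "powershell.exe"), ("bob", "excel.exe"),
    ("carol", "chrome.exe"), ("carol", "outlook.exe"), ("carol", "excel.exe"),
]
NEW_EVENTS = [
    ("alice", "excel.exe"),       # routine for alice
    ("alice", "powershell.exe"),  # new for alice, but normal for bob
    ("carol", "upd_svc_x.exe"),   # never seen anywhere in the baseline
]
# Hypothetical signature rule: it only knows names that were reported before.
SIGNATURE_DENYLIST = {"known_bad_tool.exe"}

def build_baseline(events):
    """Learn which executables each user runs and how widespread each one is."""
    per_user, users_by_exe = defaultdict(set), defaultdict(set)
    for user, exe in events:
        per_user[user].add(exe)
        users_by_exe[exe].add(user)
    return per_user, users_by_exe

def score_event(user, exe, per_user, users_by_exe):
    """0.0 = routine for this user, 1.0 = never run by anyone in the baseline."""
    if exe in per_user.get(user, set()):
        return 0.0
    prevalence = len(users_by_exe.get(exe, ())) / (len(per_user) or 1)
    return round(1.0 - prevalence, 2)

def triage(events, baseline_events, threshold=0.9):
    """Return events flagged by the signature rule or by the behavioral score."""
    per_user, users_by_exe = build_baseline(baseline_events)
    flagged = []
    for user, exe in events:
        rule_hit = exe in SIGNATURE_DENYLIST
        score = score_event(user, exe, per_user, users_by_exe)
        if rule_hit or score >= threshold:
            flagged.append({"user": user, "exe": exe,
                            "rule_hit": rule_hit, "score": score})
    return flagged

if __name__ == "__main__":
    for alert in triage(NEW_EVENTS, BASELINE_EVENTS):
        print(alert)
```

The unknown executable is flagged with `rule_hit` false, while an executable that is new to one user but common among peers scores below the threshold, which keeps the alert volume down.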
Behavioral Analytics and IoT
The Internet of Things (IoT) refers to the network of peripheral devices that connect to the internet and/or other devices to create a web of connected devices. IoT has experienced significant growth in the past decade, which can be seen in many industries including manufacturing, supply chain, and consumer products. Many of these IoT devices collect behavioral data and use that data to perform analytics to derive insights or appropriate actions.
One of the more visible consumer product examples of this growth is the proliferation of smartwatches. Only a few years ago, smartwatches were very uncommon, with only forward-facing tech enthusiasts purchasing these devices, but with more companies diving into this industry, smartwatches and other IoT devices have become much more mainstream. Today, IoT devices are so common that even a casual video game streamer will wear a heart rate monitor that displays for viewers to see. Examples of consumer-facing IoT applications that collect behavioral data are:
- Smartwatches that track biometrics
- Doorbell cameras that track traffic to a residential door
- Smart thermostats that track temperature preference throughout the day
- Smart voice assistants that learn when you request actions
Corporations are also looking into using IoT with behavioral analytics to augment their current capabilities. The main reason businesses are looking to IoT to improve their operations is the promise of decreased costs, more accurate delivery estimations, and superior product care. There are fewer devices that specifically collect behavioral data than in the consumer space, but a couple are:
As the volume of IoT devices continues to grow, behavioral analytics will increase in importance in providing value to consumers and businesses alike.
Behavioral Analytics and Big Data
The amount of data that is generated and stored today far exceeds that of any other generation, to the point where the term “big data” was created. Big data refers to methods used by data scientists or statisticians that draw on a large amount of data. Generally, more data improves the effectiveness of analytics, assuming the quality of the data is the same. Many of the more powerful algorithms, such as neural networks, are ineffective with small amounts of data but become much more effective with large amounts.
Some industries have embraced the idea of big data more than others, with a good example being website advertising. For example, in web advertising, tests such as A/B testing enable quick data gathering and analysis, yielding effectiveness metrics for the compared ads. Many industries struggle to adopt a big data approach due to the amount of data that is generated, data paywalls, or data regulation that makes it difficult to collect and use entities’ data.
Behavioral analytics fits well in the big data category because behavioral data is generated in large amounts, it can often be collected, and it can often be tracked for each user. When you navigate to websites and see a warning about using cookies to track your experience, they are often tracking your behavior on the website in order to optimize the website design. As mentioned previously, one of the richest sources of behavioral data is IoT, to such an extent that entire companies have been founded with the sole focus of running behavioral analytics on the resulting IoT data.
Behavioral Analytics and Machine Learning
Machine learning is a class of algorithms that uses input data, and sometimes the expected output, to tune model parameters and improve accuracy. Behavioral analytics often uses machine learning to derive insights or automate decision-making. Machine learning is especially helpful for analyzing large amounts of data, since the algorithms can process vast amounts of data, in contrast to humans, who can only process small amounts of data at a time. Some examples are:
- Insider threats: Insider threats are a type of security concern relating to employees who act maliciously against the company they work for by stealing data or company IP. Security programs can use machine learning to identify anomalous behavior that may indicate these insider threats.
- Customer segmentation: Customers have different buying behavior and thus exhibit different preferences. Machine learning can be used to segment a customer landscape to identify a business’ most valuable customers.
- Facial emotion detection: When people feel emotion, they exhibit different facial expressions. Using complex machine learning that compounds facial recognition and classification, these systems can now detect emotions that people are feeling.
The large volume of behavioral data that is collected makes it difficult to analyze effectively, especially on an individual level. Machine learning is a technique that uses data to train algorithms to predict a value or classify data. It is especially helpful for analyzing big data, since the algorithms can process vast amounts of data, in contrast to humans, who can only process small amounts of data at a time.
Behavioral Analytics in eCommerce
One of the reasons why Amazon became the dominant ecommerce platform in the market is that it focused its attention on analyzing both consumers’ browsing habits and consumers’ buying habits, both of which are classified as behavioral analytics.
By evaluating consumers’ buying habits, companies can identify optimal opportunities for both product promotions and bundles. A great example of bundles that are determined by behavioral analytics is on Amazon’s product pages, below the initial product details. Usually the bundles include a few other items that others purchased with the same product. Purchasing the bundle gives a slight discount on all the products.
Buying habit data also enables customer segmentation using unsupervised machine learning methods such as clustering. Customer segmentation helps companies understand general buying habits of groups of people to better identify ways to cater to broad groups of people.
Behavioral Analytics in Finance
Internationally, fraud costs the global economy trillions of dollars per year. Unsurprisingly, financial companies are highly invested in catching fraudulent activity detected from unusual consumer behavior to lower costs due to fraud and provide a more secure experience for their customers.
Fraudulent transactions are caught by using behavioral machine learning algorithms to establish normal behavior, so that when an unusual transaction occurs it can be flagged as possible fraud. Often, financial companies will reach out to customers when possible fraudulent activity has occurred to verify whether the transaction was actually fraudulent.
An example of unusual behavior that may indicate fraud is if a consumer buys coffee in Los Angeles and then 20 minutes later buys a donut in London. It would be impossible to travel that fast to make both purchases. Another example is if a consumer makes an expensive purchase that they have never made before in a location they have never been, for instance, if a consumer’s financial credentials are used to purchase fifty mattresses in Brazil when they live in Canada.
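The Los Angeles and London case above is usually called an impossible-travel check. The following added example (not code from any vendor or from the original page) implements only that check; the transactions, coordinates, and the 900 km/h speed ceiling are constructed assumptions.

```python
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_PLAUSIBLE_KMH = 900.0  # assumed ceiling, roughly airliner cruise speed

# Constructed card transactions: (card, UTC time, city, lat, lon, item).
TRANSACTIONS = [
    ("card-1", "2024-03-01T16:00:00", "Los Angeles", 34.05, -118.24, "coffee"),
    ("card-1", "2024-03-01T16:20:00", "London", 51.51, -0.13, "donut"),
    ("card-2", "2024-03-01T09:00:00", "Toronto", 43.65, -79.38, "groceries"),
    ("card-2", "2024-03-01T15:00:00", "Montreal", 45.50, -73.57, "lunch"),
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points, in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi, dlmb = p2 - p1, radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def impossible_travel(transactions, max_kmh=MAX_PLAUSIBLE_KMH):
    """Flag consecutive purchases on one card whose implied speed exceeds max_kmh."""
    last_seen, alerts = {}, []
    ordered = sorted(transactions, key=lambda t: (t[0], t[1]))
    for card, ts, city, lat, lon, _item in ordered:
        when = datetime.fromisoformat(ts)
        if card in last_seen:
            p_when, p_city, p_lat, p_lon = last_seen[card]
            # Clamp the gap to one second so simultaneous purchases do not divide by zero.
            hours = max((when - p_when).total_seconds(), 1.0) / 3600
            km = haversine_km(p_lat, p_lon, lat, lon)
            speed = km / hours
            if speed > max_kmh:
                alerts.append((card, p_city, city, round(km), round(speed)))
        last_seen[card] = (when, city, lat, lon)
    return alerts

if __name__ == "__main__":
    for card, src, dst, km, kmh in impossible_travel(TRANSACTIONS):
        print(f"{card}: {src} -> {dst}, {km} km at an implied {kmh} km/h")
```

Only the card used in both Los Angeles and London is flagged; the Toronto to Montreal pair implies an ordinary road or rail journey and passes.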
Get started with Behavioral Analytics today
Behavioral analytics will continue to become even more useful as machine learning algorithms improve and data becomes more socialized in industries with siloed data. With the increased opportunity of behavioral analytics comes greater responsibilities for businesses to use data in a compliant and respectful manner.
With the ever-increasing cyber threats that businesses face today, more preventative measures must be taken to secure valuable data and keep hackers out of internal networks. Our premier UEBA SecOps software, ArcSight Intelligence, uses behavioral analytics to detect anomalies that may indicate malicious actions. It has a proven track record of detecting insider threats, zero-day attacks, and even aggressive red team attacks. Take the first step to securing your organization. Schedule a demo of ArcSight Intelligence today!