USER BEHAVIOUR ANOMALY DETECTION

Abstract

In the era of rapid digital transformation, cloud platforms have become the
backbone of modern computing infrastructure, offering scalability, flexibil- ity,
and cost-efficiency. However, their widespread adoption has also made them
prime targets for sophisticated cyber threats, especially those involv- ing
other malicious actions that may evade traditional rule-based security systems.
This research paper explores the implementation of machine learn- ing
techniques for real-time anomaly detection in user behavior across cloud
platforms, providing a proactive approach to cloud security.
The study emphasizes the limitations of static rule-based systems and traditional
SIEM (Security Information and Event Management) tools, which often
fail to adapt to evolving behavioral patterns and generate high false- positive
rates. By leveraging supervised, unsupervised, and semi-supervised machine
learning models, we propose an intelligent system capable of learn- ing normal
usage patterns and identifying deviations indicative of threats. Key algorithms
such as Isolation Forest, One-Class SVM, Autoencoders, and clustering
techniques like DBSCAN and K-Means are examined for their ef- fectiveness in
identifying anomalies in large-scale, multidimensional datasets generated by user
activity logs, API calls, access records, and system meta- data.