User and Entity Behaviour Analysis
With the heavy use of Internet and the popularity of “Bring Your Own Device” approach in the daily e-learning, research and administrative activities for all users, the campus network is exposed to more and more sophisticated security attacks from both the external Internet and the “Insider” within the campus. In complementing the traditional security systems such as firewall and antivirus that detect security attacks based on “known” mechanisms and signatures, a new security solution called the User and Entity Behaviour Analysis (UEBA) is deployed for those “unknown” or zero-day advanced attacks. The UEBA solution continuously collects and identifies patterns and behaviour in typical users and systems in order to establish the baseline usage and traffic pattern. By applying advanced machine learning and statistical analysis techniques, the UEBA system can detect and report on security outbreaks by correlating abnormal events that deviate from the baselined behaviour and usage.