Detection of Anomalies Based on User Behavioral Information: A Survey

User and entity behaviour analytics (UEBA) solutions are becoming more and more popular for detecting anomalies since they establish baseline models of typical user behaviour and highlight deviations from them. Modelling normal user behavior and identifying any new behavior that deviates from the normal model user i.e., an attack, which is the main concept of Anomaly Detection (AD) techniques. In this work, a comprehensive review of various AD techniques based on user behavior is presented. Accordingly, this survey is concerted on various techniques employed for AD based on user behavior. Among various research articles, 50 research articles based on AD are considered and categorized based on different parameters, like techniques, publication year, performance metrics, utilized tools, and so on. At last, the research gaps and challenges of this method are illustrated in such a way that a goal for emerging an efficient technique for allowing the effective AD technique is defined.