Context-Aware Feature Selection for User Behavior Analytics in Zero-Trust Environments
DOI:
https://doi.org/10.69987/JACS.2023.30503
Keywords:
User Behavior Analytics, Feature Selection, Zero-Trust Security, Context-Aware Computing
Abstract
Zero-trust security environments present unique challenges for user behavior analytics, requiring sophisticated approaches to feature selection that can adapt to changing contexts. This paper introduces a novel context-aware feature selection framework specifically designed for behavior analytics in zero-trust architectures. The framework incorporates temporal context, access patterns, and behavioral consistency to dynamically identify the most relevant features for anomaly detection. We propose a multi-layered architecture that includes contextual analyzers, temporal correlation modules, and adaptive selection mechanisms to optimize feature relevance under varying conditions. Experimental evaluation across five datasets containing over 122 million user actions demonstrates that our approach achieves a 95.7% detection rate while maintaining a low false positive rate of 2.8%, outperforming existing methods by 2.2-8.3 percentage points. The framework successfully reduces feature dimensionality by 78.3% while improving detection accuracy, addressing computational efficiency concerns in real-time security monitoring. The adaptive threshold determination component achieves a Context Adaptation Index of 0.87, significantly outperforming baseline approaches. Performance analysis across multiple attack scenarios validates the effectiveness of the proposed methodology in identifying complex behavioral anomalies while minimizing false positives that impact legitimate user activities. The research contributes valuable insights into the application of context-aware analytics for security monitoring in zero-trust environments.