Hierarchical attack detection in a network
US-2016028752-A1 · Jan 28, 2016 · US
US9807105B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9807105-B2 |
| Application number | US-201514938415-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 11, 2015 |
| Priority date | Nov 11, 2015 |
| Publication date | Oct 31, 2017 |
| Grant date | Oct 31, 2017 |
Official abstract text for this publication.
Generating a behavior profile is provided. A newness score is calculated for a data point corresponding to a context of an access request to a resource made by a user of a client device. Newness scores for a plurality of data points corresponding to contexts of a plurality of access requests are aggregated to form an aggregated newness score. In response to determining that the aggregated newness score is greater than or equal to a pre-defined newness score threshold, data points stored in a data point cache and a long-term storage are used to generate a new behavior profile for the user or update an existing behavior profile for the user.
Opening claim text (preview).
What is claimed is:

1. A computer-implemented method for generating a behavior profile, the computer-implemented method comprising: calculating, by a computer, a newness score for a newly received data point in a data point cache corresponding to a context of an access request to a resource made by a user of a client device; generating, by the computer, a fuzzy set of data points corresponding to the newly received data point using a pre-determined number of previously cached data points within a pre-defined distance measure from the newly received data point in the data point cache; aggregating, by the computer, newness scores for a plurality of data points corresponding to contexts of a plurality of access requests made by the user to form an aggregated newness score; and responsive to the computer determining that the aggregated newness score is greater than or equal to a pre-defined newness score threshold, generating, by the computer, the behavior profile identifying a behavior pattern of the user that corresponds to the plurality of access requests made by the user using the fuzzy set of data points within the pre-defined distance measure from the newly received data point in the data point cache.

2. The computer-implemented method of claim 1 further comprising: receiving, by the computer, the access request to the resource from the client device via a network; and determining, by the computer, the newly received data point in the data point cache based on characteristics of the context of the access request.

3. The computer-implemented method of claim 1 further comprising: calculating, by the computer, a user behavior profile anomaly score and a cache anomaly score for the newly received data point in the data point cache corresponding to the context of the access request, wherein the computer calculates the newness score for the newly received data point by subtracting the cache anomaly score from the user behavior profile anomaly score corresponding to the newly received data point.

4. The computer-implemented method of claim 3, wherein the computer calculates the user behavior profile anomaly score by comparing data corresponding to the context of the access request to data in the behavior profile identifying the behavior pattern of the user making the access request.

5. The computer-implemented method of claim 3, wherein the computer calculates the cache anomaly score by comparing the newly received data point corresponding to the context of the access request with previously cached data points corresponding to contexts of previous access requests that also are located in the data point cache.

6. The computer-implemented method of claim 3 further comprising: fusing, by the computer, the user behavior profile anomaly score and the cache anomaly score to generate a composite anomaly score for the newly received data point corresponding to the context of the access request.

7. The computer-implemented method of claim 6 further comprising: calculating, by the computer, an estimated risk corresponding to the access request based on the composite anomaly score for the newly received data point corresponding to the context of the access request.

8. The computer-implemented method of claim 7 further comprising: determining, by the computer, whether the estimated risk is greater than a pre-defined risk threshold; and responsive to the computer determining that the estimated risk is greater than or equal to the pre-defined risk threshold, performing, by the computer, an action based on a set of risk policies.

9. The computer-implemented method of claim 8, wherein the action is one of authorize the access request, block the access request, or mitigate a risk associated with the access request.

10. The computer-implemented method of claim 1, wherein the data point cache stores the newly received data point corresponding to the context of the access request and one or more of the pre-determined number of previously cached data points corresponding to contexts of a plurality of previous access requests or time constrained previously cached data points corresponding to contexts of a plurality of previous access requests.

11. A computer system for generating a behavior profile, the computer system comprising: a bus system; a storage device connected to the bus system, wherein the storage device stores program instructions; and a processor connected to the bus system, wherein the processor executes the program instructions to: calculate a newness score for a newly received data point in a data point cache corresponding to a context of an access request to a resource made by a user of a client device; generate a fuzzy set of data points corresponding to the newly received data point using a pre-determined number of previously cached data points within a pre-defined distance measure from the newly received data point in the data point cache; aggregate newness scores for a plurality of data points corresponding to contexts of a plurality of access requests made by the user to form an aggregated newness score; and generate the behavior profile identifying a behavior pattern of the user that corresponds to the plurality of access requests made by the user using the fuzzy set of data points within the pre-defined distance measure from the newly received data point in the data point cache in response to determining that the aggregated newness score is greater than or equal to a pre-defined newness score threshold.

12. The computer system of claim 11, wherein the processor further executes the program instructions to: receive the access request to the resource from the client device via a network; and determine the newly received data point in the data point cache based on characteristics of the context of the access request.

13. The computer system of claim 11, wherein the processor further executes the program instructions to: calculate a user behavior profile anomaly score and a cache anomaly score for the newly received data point in the data point cache corresponding to the context of the access request, wherein the computer system calculates the newness score for the newly received data point by subtracting the cache anomaly score from the user behavior profile anomaly score corresponding to the newly received data point.

14. A computer program product for generating a behavior profile, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a computer to cause the computer to perform a method comprising: calculating, by the computer, a newness score for a newly received data point in a data point cache corresponding to a context of an access request to a resource made by a user of a client device; generating, by the computer, a fuzzy set of data points corresponding to the newly received data point using a pre-determined number of previously cached data points within a pre-defined distance measure from the newly received data point in the data point cache; aggregating, by the computer, newness scores for a plurality of data points corresponding to contexts of a plurality of access requests made by the user to form an aggregated newness score; and responsive to the computer determining that the aggregated newness score is greater than or equal to a pre-defined newness score threshold, generating, by the computer, the behavior profile identifying a behavior pattern of the user that corresponds to the plurality of access requests made by the user using the fuzzy set of data points within the pre-defined di
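
The scoring flow of claims 1 and 3 can be sketched as follows; this is an added example, not code from the patent or its assignee. The page states only the subtraction, the threshold test and the fuzzy set, so the distance-based anomaly function, the windowed-mean aggregation, the centroid used as the profile entry, and all names and sample values are assumptions.

```python
import math

# Constructed sample: the known profile is "09:00 from location bucket 1";
# requests then arrive around 22:00 from bucket 5 (hour, location bucket).
KNOWN_PROFILE = [(9.0, 1.0)]
REQUESTS = [(22.0, 5.0), (22.2, 5.0), (21.9, 5.1), (22.1, 4.9)]

def dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def anomaly(point, references, scale=1.0):
    # Assumed scoring: 0.0 at a known reference, approaching 1.0 far from all.
    if not references:
        return 1.0
    nearest = min(dist(point, r) for r in references)
    return 1.0 - math.exp(-nearest / scale)

def newness(point, profile, cache):
    # Claim 3: profile anomaly score minus cache anomaly score.
    return anomaly(point, profile) - anomaly(point, cache)

def fuzzy_set(point, cache, k, max_dist):
    # Claim 1: up to k previously cached points within the distance measure.
    near = [p for p in cache if dist(point, p) <= max_dist]
    return sorted(near, key=lambda p: dist(point, p))[:k]

def process(points, profile, threshold=0.5, k=3, max_dist=1.0, window=3):
    """Score points in arrival order; return (pending scores, profile)."""
    cache, scores, profile = [], [], list(profile)
    for pt in points:
        scores.append(newness(pt, profile, cache))
        members = fuzzy_set(pt, cache, k, max_dist)
        cache.append(pt)
        recent = scores[-window:]
        aggregated = sum(recent) / len(recent)  # assumed: mean over a window
        if len(recent) == window and aggregated >= threshold:
            # Assumed profile form: centroid of the point and its fuzzy set.
            group = members + [pt]
            profile.append(tuple(sum(c) / len(group) for c in zip(*group)))
            scores.clear()  # assumed: restart aggregation after an update
    return scores, profile

if __name__ == "__main__":
    print(process(REQUESTS, KNOWN_PROFILE))
```

Under these assumptions a one-off outlier scores near zero, because it is anomalous against both the profile and the cache, while a repeated outlier scores high and triggers the profile update on the third request.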
Traffic logging, e.g. anomaly detection · CPC title
User profiles · CPC title
Electricity · mapped topic
Storing data temporarily at an intermediate stage, e.g. caching · CPC title