nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

Multi-perspective Anomaly Detection in Business Process Execution Events

verfasst von : Kristof Böhmer, Stefanie Rinderle-Ma

Erschienen in: On the Move to Meaningful Internet Systems: OTM 2016 Conferences

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Ensuring anomaly-free process model executions is crucial in order to prevent fraud and security breaches. Existing anomaly detection approaches focus on the control flow, point anomalies, and struggle with false positives in the case of unexpected events. By contrast, this paper proposes an anomaly detection approach that incorporates perspectives that go beyond the control flow, such as, time and resources (i.e., to detect contextual anomalies). In addition, it is capable of dealing with unexpected process model execution events: not every unexpected event is immediately detected as anomalous, but based on a certain likelihood of occurrence, hence reducing the number of false positives. Finally, multiple events are analyzed in a combined manner in order to detect collective anomalies. The performance and applicability of the overall approach are evaluated by means of a prototypical implementation along and based on real life process execution logs from multiple domains.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Transition Adjacency Relation Computation Based on Unfolding: Potentials and Challenges

Nächstes Kapitel Scalable Detection of Overlapping Communities and Role Assignments in Networks via Bayesian Probabilistic Generative Affiliation Modeling

We expect that the ongoing execution events either represent an activity selection, resource assignment, or activity execution start timestamp.

Note, this paper calculates the comparison likelihood based on the recorded traces in L because they represent expected execution event traces. Alternatively, for example, each theoretically possible trace (event order) in G could be constructed/analyzed.

http://www.win.tue.nl/bpi/2015/challenge—DOI:10.4121/uuid:31a308ef-c844-48da-948c-305d167a0ec1.

Bezerra, F., Wainer, J.: Anomaly detection algorithms in business process logs. In: Enterprise Information Systems, pp. 11–18 (2008)

Bezerra, F., Wainer, J.: Anomaly detection algorithms in logs of process aware systems. In: Applied Computing, pp. 951–952. ACM (2008)

Bezerra, F., Wainer, J.: Algorithms for anomaly detection of traces in logs of process aware information systems. Inf. Syst. 38(1), 33–44 (2013)CrossRef

Bezerra, F., Wainer, J., Aalst, W.M.P.: Anomaly detection using process mining. In: Halpin, T., Krogstie, J., Nurcan, S., Proper, E., Schmidt, R., Soffer, P., Ukor, R. (eds.) BPMDS/EMMSAD -2009. LNBIP, vol. 29, pp. 149–161. Springer, Heidelberg (2009). doi:10.1007/978-3-642-01862-6_13 CrossRef

Böhmer, K., Rinderle-Ma, S.: Automatic signature generation for anomaly detection in business process instance data. In: Schmidt, R., Guédria, W., Bider, I., Guerreiro, S. (eds.) BPMDS/EMMSAD -2016. LNBIP, vol. 248, pp. 196–211. Springer, Heidelberg (2016). doi:10.1007/978-3-319-39429-9_13 CrossRef

Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: A survey. ACM Comput. Surv. 41(3), 15 (2009)CrossRef

Chatfied, C., Collins, A.J.: Introduction to multivariate analysis. Springer, Heidelberg (2013)

Chinchor, N., Sundheim, B.: Muc-5 evaluation metrics. In: Message Understanding, pp. 69–78. Association for Computational Linguistics (1993)

Jans, M., van der Werf, J.M., Lybaert, N., Vanhoof, K.: A business process mining application for internal transaction fraud mitigation. Expert Syst. Appl. 38(10), 13351–13359 (2011)CrossRef

10.

Ly, L.T., Indiono, C., Mangler, J., Rinderle-Ma, S.: Data transformation and semantic log purging for process mining. In: Ralyté, J., Franch, X., Brinkkemper, S., Wrycza, S. (eds.) CAiSE 2012. LNCS, vol. 7328, pp. 238–253. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31095-9_16 CrossRef

11.

Mangler, J., Rinderle-Ma, S.: Cpee-cloud process exection engine (2014)

12.

Rieke, R., Zhdanova, M., Repp, J., Giot, R., Gaber, C.: Fraud detection in mobile payments utilizing process behavior analysis. In: Availability, Reliability and Security, pp. 662–669. IEEE (2013)

13.

Rogge-Solti, A., Kasneci, G.: Temporal anomaly detection in business processes. In: Sadiq, S., Soffer, P., Völzer, H. (eds.) BPM 2014. LNCS, vol. 8659, pp. 234–249. Springer, Heidelberg (2014). doi:10.1007/978-3-319-10172-9_15

14.

Sarno, R., Sinaga, F.P.: Business process anomaly detection using ontology-based process modelling and multi-level class association rule learning. In: Computer, Control, Informatics and its Applications, pp. 12–17. IEEE (2015)

15.

Sinaga, F., Sarno, R.: Business process anomali detection using multi-level class association rule learning. Technol. Sci. 2(1), 65–72 (2016)

16.

Sureka, A.: Kernel based sequential data anomaly detection in business process event logs. preprint (2015). arXiv:1507.01168

17.

Van Der Aalst, W.: Process Mining: Discovery, Conformance and Enhancement of Business Processes. Springer, Heidelberg (2011)CrossRefMATH

18.

Weijters, A.J., Van der Aalst, W.M.: Rediscovering workflow models from event-based data using little thumb. Integrated Comput. Aided Eng. 10(2), 151–162 (2003)

19.

Yang, W.S., Hwang, S.Y.: A process-mining framework for the detection of healthcare fraud and abuse. Expert Syst. Appl. 31(1), 56–68 (2006)CrossRef

20.

Yu, L., Liu, H.: Efficient feature selection via analysis of relevance and redundancy. Mach. Learn. Res. 5, 1205–1224 (2004)MathSciNetMATH

Titel: Multi-perspective Anomaly Detection in Business Process Execution Events
verfasst von: Kristof Böhmer
Stefanie Rinderle-Ma
Verlag: Springer International Publishing
Buch: On the Move to Meaningful Internet Systems: OTM 2016 Conferences
Print ISBN: 978-3-319-48471-6

Electronic ISBN: 978-3-319-48472-3

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-48472-3_5

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner