Multi-Perspective Anomaly Detection in Business Process Execution Events
Ensuring anomaly-free process model executions is crucial in order to prevent fraud and security breaches. Existing anomaly detection approaches focus on the control flow, point anomalies, and struggle with false positives in the case of unexpected events. By contrast, this paper proposes an anomaly detection approach that incorporates perspectives that go beyond the control flow, such as, time and resources (i.e., to detect contextual anomalies). In addition, it is capable of dealing with unexpected process model execution events: not every unexpected event is immediately detected as anomalous, but based on a certain likelihood of occurrence, hence reducing the number of false positives. Finally, multiple events are analyzed in a combined manner in order to detect collective anomalies. The performance and applicability of the overall approach are evaluated by means of a prototypical implementation along and based on real life process execution logs from multiple domains.
Top- Böhmer, Kristof
- Rinderle-Ma, Stefanie
Category |
Paper in Conference Proceedings or in Workshop Proceedings (Full Paper in Proceedings) |
Event Title |
International Conference on Cooperative Information Systems (CoopIS) 2016 |
Divisions |
Workflow Systems and Technology |
Subjects |
Informatik Allgemeines Computersicherheit |
Event Location |
Rhodes, Greece |
Event Type |
Conference |
Event Dates |
26-28 Oct 2016 |
Date |
October 2016 |
Export |