Multi-Perspective Anomaly Detection in Business Process Execution Events

Multi-Perspective Anomaly Detection in Business Process Execution Events

Abstract

Ensuring anomaly-free process model executions is crucial in order to prevent fraud and security breaches. Existing anomaly detection approaches focus on the control flow, point anomalies, and struggle with false positives in the case of unexpected events. By contrast, this paper proposes an anomaly detection approach that incorporates perspectives that go beyond the control flow, such as, time and resources (i.e., to detect contextual anomalies). In addition, it is capable of dealing with unexpected process model execution events: not every unexpected event is immediately detected as anomalous, but based on a certain likelihood of occurrence, hence reducing the number of false positives. Finally, multiple events are analyzed in a combined manner in order to detect collective anomalies. The performance and applicability of the overall approach are evaluated by means of a prototypical implementation along and based on real life process execution logs from multiple domains.

Grafik Top
Authors
  • Böhmer, Kristof
  • Rinderle-Ma, Stefanie
Grafik Top
Shortfacts
Category
Paper in Conference Proceedings or in Workshop Proceedings (Full Paper in Proceedings)
Event Title
International Conference on Cooperative Information Systems (CoopIS) 2016
Divisions
Workflow Systems and Technology
Subjects
Informatik Allgemeines
Computersicherheit
Event Location
Rhodes, Greece
Event Type
Conference
Event Dates
26-28 Oct 2016
Date
October 2016
Export
Grafik Top