A Dynamic Threshold Algorithm for Anomaly Detection in Logs of Process Aware Systems

Authors

  • Fábio Bezerra Universidade Federal Rural da Amazônia
  • Jacques Wainer Universidade Estadual de Campinas

Keywords:

anomaly detection, business analysis, process aware systems, process mining

Abstract

In the last years, companies have adhered to PAIS (Process Aware Information Systems) for supporting the control of their businesses. However, while normative PAIS may compromise the competitiveness of these companies, flexible PAIS are a risk for security. In order to re-balance that trade-off, we present a new approach for anomaly detection in logs of PAIS. It is an algorithm based on conformance threshold that is dynamically defined. The algorithm was evaluated on two datasets of artificial logs (one with 360 complex logs, and other with 1800 simpler logs), with different profiles on the number of anomalous traces and the number of times each anomalous traces was present in the log. We also carried out a comparative study with a naive approach for anomaly detection that marks as potential anomalies traces that are infrequent in the log.

Downloads

Download data is not yet available.

Author Biographies

Fábio Bezerra, Universidade Federal Rural da Amazônia

Adjunct Professor at ICIBE-UFRA

Jacques Wainer, Universidade Estadual de Campinas

Professor at IC-UNICAMP

Downloads

Additional Files

Published

2012-09-27

Issue

Vol. 3 No. 3 (2012): SBBD 2012

Section

SBBD Articles