A Dynamic Threshold Algorithm for Anomaly Detection in Logs of Process Aware Systems


  • Fábio Bezerra Universidade Federal Rural da Amazônia
  • Jacques Wainer Universidade Estadual de Campinas


anomaly detection, business analysis, process aware systems, process mining


In the last years, companies have adhered to PAIS (Process Aware Information Systems) for supporting the control of their businesses. However, while normative PAIS may compromise the competitiveness of these companies, flexible PAIS are a risk for security. In order to re-balance that trade-off, we present a new approach for anomaly detection in logs of PAIS. It is an algorithm based on conformance threshold that is dynamically defined. The algorithm was evaluated on two datasets of artificial logs (one with 360 complex logs, and other with 1800 simpler logs), with different profiles on the number of anomalous traces and the number of times each anomalous traces was present in the log. We also carried out a comparative study with a naive approach for anomaly detection that marks as potential anomalies traces that are infrequent in the log.


Download data is not yet available.

Author Biographies

Fábio Bezerra, Universidade Federal Rural da Amazônia

Adjunct Professor at ICIBE-UFRA

Jacques Wainer, Universidade Estadual de Campinas

Professor at IC-UNICAMP






SBBD Articles