Process Mining and Security: Detecting Anomalous Process Executions and Checking Process Conformance
Authors
Abstract
One approach to secure systems is through the analysis of audit trails. An audit trail is a record of all events that take place in a system and across a network, i.e., it provides a trace of user/system actions so that security events can be related to the actions of a specific individual or system component. Audit trails can be inspected for the presence or absence of certain patterns. This paper advocates the use of process mining techniques to analyze audit trails for security violations. It is shown how a specific algorithm, called the α-algorithm, can be used to support security efforts at various levels ranging from low-level intrusion detection to high-level fraud prevention.
Similar resources
Aligning Event Logs and Declarative Process Models for Conformance Checking
Process mining can be seen as the “missing link” between data mining and business process management. Although nowadays, in the context of process mining, process discovery attracts the lion’s share of attention, conformance checking is at least as important. Conformance checking techniques verify whether the observed behavior recorded in an event log matches a modeled behavior. This type of an...
Process algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
Lights, Camera, Action! Business Process Movies for Online Process Discovery
Nowadays, organizational information systems are able to collect high volumes of data in event logs every day. Through process mining techniques, it is possible to extract information from such logs to support organizations in checking process conformance, detecting bottlenecks, and carrying on performance analysis. However, to analyze such “big data” through process mining, events coming from ...
Genetic-based Anomaly Detection in Logs of Process Aware Systems
Nowadays, many organizations use systems that support business process as a whole or partially. However, in some application domains, like software development and health care processes, a normative Process Aware System (PAS) is not suitable, because a flexible support is needed to respond rapidly to new process models. On the other hand, a flexible Process Aware System may be vulnerable to un...
Towards Goal-Oriented Conformance Checking
Constructing a business process is an important area between requirements engineering and business process management. Goal-oriented requirements analysis method is widely researched in requirements engineering and useful for reflecting organizational requirements to business process models, but actual business processes deviate from defined process models. Therefore, it is not sufficient for busi...
Journal title: Electr. Notes Theor. Comput. Sci.
Volume 121
Publication date: 2005