Process mining and security: detecting anomalous process executions and checking process conformance

W.M.P. Aalst, van der, A.K. Alves De Medeiros

Onderzoeksoutput: Bijdrage aan tijdschriftTijdschriftartikelAcademicpeer review

106 Citaten (Scopus)
2 Downloads (Pure)

Samenvatting

One approach to secure systems is through the analysis of audit trails. An audit trail is a record of all events that take place in a system and across a network, i.e., it provides a trace of user/system actionssothatsecurityeventscanberelatedtotheactionsofaspecific individual or system component. Audit trails can be inspected for the presence or absence of certain patterns. This paper advocates the use of process mining techniques to analyze audit trails for security violations. It is shown how a specific algorithm, called the a-algorithm, can be used to support security efforts at various levels ranging from low-level intrusion detection to high-level fraud prevention.
Originele taal-2Engels
Pagina's (van-tot)3-21
TijdschriftElectronic Notes in Theoretical Computer Science
Volume121
StatusGepubliceerd - 2005

Vingerafdruk

Duik in de onderzoeksthema's van 'Process mining and security: detecting anomalous process executions and checking process conformance'. Samen vormen ze een unieke vingerafdruk.

Citeer dit