Towards Forensic Data Flow Analysis of Business Process Logs

Accorsi, Rafael; Wonnemann, Claus; Stocker, Thomas F.

doi:10.1109/imf.2011.13

Cited by 13 publications

(7 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to find appropriate meta-models for efficient data-and information flow analysis, the starting point of this research was to analyze propagation graphs capturing data flows within a process execution with extensional data flow properties, that denote what -instead of how -relevant industrial requirements are to be achieved [5]. Providing a sufficient basis for data flow analysis, propagation graphs do not reflect the control flow of process executions.…”

Section: Preliminary Resultsmentioning

confidence: 99%

Data Flow-Oriented Process Mining to Support Security Audits

Stocker

2012

Service-Oriented Computing

Self Cite

View full text Add to dashboard Cite

Abstract. The automated execution of dynamically-evolving business processes in service-oriented architectures requires audit methods to assert that they fulfill required security properties. Process mining techniques can provide models for the actual process behavior, but mostly disregard the dynamics of processes running in highly flexible environments and neglect the data flow perspective. This research plan is on novel data-oriented mining techniques to tackle these shortcomings in order to support effective security audits.

show abstract

Section: Preliminary Resultsmentioning

confidence: 99%

Data Flow-Oriented Process Mining to Support Security Audits

Stocker

2012

Service-Oriented Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…Accorsi et al [1,2] present an approach for detecting illegal data flow execution in business processes. These works propose a forensic analysis tool called RecIF that constructs a graph of data flow among subjects (propagation graph) in a process.…”

Section: Anomaly Detection In Process Logsmentioning

confidence: 99%

“…Although the work in [1,2] has similarities with our anomaly detection approaches (e.g. model construction and conformance test), there exists one important difference.…”

Section: Anomaly Detection In Process Logsmentioning

confidence: 99%

Algorithms for anomaly detection of traces in logs of process aware information systems

Bezerra

Wainer

2013

Information Systems

102

View full text Add to dashboard Cite

a b s t r a c tThis paper discusses four algorithms for detecting anomalies in logs of process aware systems. One of the algorithms only marks as potential anomalies traces that are infrequent in the log. The other three algorithms: threshold, iterative and sampling are based on mining a process model from the log, or a subset of it. The algorithms were evaluated on a set of 1500 artificial logs, with different profiles on the number of anomalous traces and the number of times each anomalous traces was present in the log. The sampling algorithm proved to be the most effective solution. We also applied the algorithm to a real log, and compared the resulting detected anomalous traces with the ones detected by a different procedure that relies on manual choices.

show abstract

“…Focusing solely on the flow of data along activities throughout process execution, Accorsi et al [8] proposed an analysis method based on propagation graphs and a constraint language able to express multi-level security requirements. Propagation graphs are build on basis of process logs, whereas nodes stand for process activities and arcs model data flows.…”

Section: Case and Data Perspectivementioning

confidence: 99%

On the exploitation of process mining for security audits

Accorsi

Stocker

Müller

2013

Proceedings of the 28th Annual ACM Symposium on Applied Computing

Self Cite

View full text Add to dashboard Cite

This paper reports on the potential of process mining as a basis for security audits of business process and corresponding business process management systems. In particular, it focuses on process discovery as a means to reconstruct process-related structures from event logs, such as the process' control flow, social network and data flows. Based on this information, security analysis to determine the compliance with security and privacy requirements can be automated.

show abstract

Towards Forensic Data Flow Analysis of Business Process Logs

Cited by 13 publications

References 26 publications

Data Flow-Oriented Process Mining to Support Security Audits

Data Flow-Oriented Process Mining to Support Security Audits

Algorithms for anomaly detection of traces in logs of process aware information systems

On the exploitation of process mining for security audits

Contact Info

Product

Resources

About