Skip to main content
SpringerLink
Log in

BAnDIT: Business Process Anomaly Detection in Transactions

  • Conference paper
  • First Online:
Cooperative Information Systems (CoopIS 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14353))

Included in the following conference series:

  • 320 Accesses

Abstract

Business process anomaly detection enables the prevention of misuse and failures. Existing approaches focus on detecting anomalies in control, temporal, and resource behavior of individual instances, neglecting the communication of multiple instances in choreographies. Consequently, anomaly detection capabilities are limited. This study presents a novel neural network-based approach to detect anomalies in distributed business processes. Unlike existing methods, our solution considers message data exchanged during process transactions. Allowing the generation of detection profiles incorporating the relationship between multiple instances, related services, and exchanged data to detect point and contextual anomalies during process runtime. To validate the proposed solution, it is demonstrated with a prototype implementation and validated with a use case from the ecommerce domain. Future work aims to further improve the deep learning approach, to enhance detection performance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://github.com/nico-ru/BAnDIT.

References

  1. Aalst, W.: Data science in action. In: Process Mining, pp. 3–23. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49851-4_1

    Chapter  Google Scholar 

  2. Bahdanau, D., Cho, K., Bengio, Y.: Neural machine translation by jointly learning to align and translate (2014)

    Google Scholar 

  3. Böhmer, K., Rinderle-Ma, S.: Multi-perspective anomaly detection in business process execution events. In: Debruyne, C., et al. (eds.) OTM 2016. LNCS, vol. 10033, pp. 80–98. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48472-3_5

    Chapter  Google Scholar 

  4. Böhmer, K., Rinderle-Ma, S.: Multi instance anomaly detection in business process executions. In: Carmona, J., Engels, G., Kumar, A. (eds.) BPM 2017. LNCS, vol. 10445, pp. 77–93. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-65000-5_5

    Chapter  Google Scholar 

  5. Böhmer, K., Rinderle-Ma, S.: Association rules for anomaly detection and root cause analysis in process executions. In: Krogstie, J., Reijers, H.A. (eds.) CAiSE 2018. LNCS, vol. 10816, pp. 3–18. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-91563-0_1

    Chapter  Google Scholar 

  6. Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. 41(3), 1–58 (2009)

    Article  Google Scholar 

  7. Chung, J., Gulcehre, C., Cho, K., Bengio, Y.: Empirical evaluation of gated recurrent neural networks on sequence modeling (2014)

    Google Scholar 

  8. Eskin, E.: Anomaly detection over noisy data using learned probability distributions (2000)

    Google Scholar 

  9. Holtzman, A., Buys, J., Forbes, M., Choi, Y.: The curious case of neural text degeneration. CoRR abs/1904.09751 (2019). http://arxiv.org/abs/1904.09751

  10. Hossin, M., Sulaiman, M.N.: A review on evaluation metrics for data classification evaluations. IJDKP 5(2), 1 (2015)

    Article  Google Scholar 

  11. Huo, S., Völzer, H., Reddy, P., Agarwal, P., Isahagian, V., Muthusamy, V.: Graph autoencoders for business process anomaly detection. In: Polyvyanyy, A., Wynn, M.T., Van Looy, A., Reichert, M. (eds.) BPM 2021. LNCS, vol. 12875, pp. 417–433. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-85469-0_26

    Chapter  Google Scholar 

  12. Leitner, M., Rinderle-Ma, S.: A systematic review on security in process-aware information systems - constitution, challenges, and future directions. Inf. Softw. Technol. 56(3), 273–293 (2014). https://doi.org/10.1016/j.infsof.2013.12.004

    Article  Google Scholar 

  13. Maggi, F.M., Di Francescomarino, C., Dumas, M., Ghidini, C.: Predictive monitoring of business processes. In: Jarke, M., et al. (eds.) CAiSE 2014. LNCS, vol. 8484, pp. 457–472. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-07881-6_31

    Chapter  Google Scholar 

  14. Mavroudopoulos, I., Gounaris, A.: Detecting temporal anomalies in business processes using distance-based methods. In: Appice, A., Tsoumakas, G., Manolopoulos, Y., Matwin, S. (eds.) DS 2020. LNCS (LNAI), vol. 12323, pp. 615–629. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-61527-7_40

    Chapter  Google Scholar 

  15. Meng, W., et al.: Device-agnostic log anomaly classification with partial labels. In: IWQoS 2018, pp. 1–6 (2018)

    Google Scholar 

  16. Mikolov, T., Chen, K., Corrado, G., Dean, J.: Efficient estimation of word representations in vector space (2013)

    Google Scholar 

  17. Nedelkoski, S., Cardoso, J.S., Kao, O.: Anomaly detection and classification using distributed tracing and deep learning. In: CCGRID 2019, pp. 241–250. IEEE (2019)

    Google Scholar 

  18. Nolle, T., Luettgen, S., Seeliger, A., Mühlhäuser, M.: Analyzing business process anomalies using autoencoders. Mach. Learn. 107(11), 1875–1893 (2018)

    Article  MathSciNet  MATH  Google Scholar 

  19. Nolle, T., Seeliger, A., Mühlhäuser, M.: BINet: multivariate business process anomaly detection using deep learning. In: Weske, M., Montali, M., Weber, I., vom Brocke, J. (eds.) BPM 2018. LNCS, vol. 11080, pp. 271–287. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98648-7_16

    Chapter  MATH  Google Scholar 

  20. Pauwels, S., Calders, T.: Incremental predictive process monitoring: the next activity case. In: Polyvyanyy, A., Wynn, M.T., Van Looy, A., Reichert, M. (eds.) BPM 2021. LNCS, vol. 12875, pp. 123–140. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-85469-0_10

    Chapter  Google Scholar 

  21. Rogge-Solti, A., Kasneci, G.: Temporal anomaly detection in business processes. In: Sadiq, S., Soffer, P., Völzer, H. (eds.) BPM 2014. LNCS, vol. 8659, pp. 234–249. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10172-9_15

    Chapter  Google Scholar 

  22. Rud, D., Schmietendorf, A., Dumke, R.R.: Product metrics for service-oriented infrastructures. In: IWSM/MetriKon 2006 (2006)

    Google Scholar 

  23. Rudolf, N.: Profile-based Anomaly Detection in Service Oriented Business Processes. master thesis, University of Vienna (2023)

    Google Scholar 

  24. Sutskever, I., Vinyals, O., Le, Q.V.: Sequence to sequence learning with neural networks. CoRR abs/1409.3215 (2014). http://arxiv.org/abs/1409.3215

Download references

Author information

Authors and Affiliations

  1. Faculty of Computer Science, Research Group Workflow Systems and Technology, University of Vienna, Währinger Straße 29, Vienna, Austria

    Nico Rudolf, Kristof Böhmer & Maria Leitner

  2. Faculty of Informatics and Data Science, Chair of Artificial Intelligence in IT Security, University of Regensburg, Regensburg, Germany

    Maria Leitner

Authors
  1. Nico Rudolf
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kristof Böhmer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Maria Leitner
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nico Rudolf .

Editor information

Editors and Affiliations

  1. Telecom SudParis, Evry, France

    Mohamed Sellami

  2. Leibniz University Hannover, Hannover, Germany

    Maria-Esther Vidal

  3. Eindhoven University of Technology, Eindhoven, The Netherlands

    Boudewijn van Dongen

  4. Telecom SudParis, Evry, France

    Walid Gaaloul

  5. University of Lorraine, Vandoeuvre-les-Nancy, France

    Hervé Panetto

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Rudolf, N., Böhmer, K., Leitner, M. (2024). BAnDIT: Business Process Anomaly Detection in Transactions. In: Sellami, M., Vidal, ME., van Dongen, B., Gaaloul, W., Panetto, H. (eds) Cooperative Information Systems. CoopIS 2023. Lecture Notes in Computer Science, vol 14353. Springer, Cham. https://doi.org/10.1007/978-3-031-46846-9_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-46846-9_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-46845-2

  • Online ISBN: 978-3-031-46846-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation