Skip to main content
SpringerLink
Log in

Pariket: Mining Business Process Logs for Root Cause Analysis of Anomalous Incidents

  • Conference paper
Databases in Networked Information Systems (DNIS 2015)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 8999))

Included in the following conference series:

Abstract

Process mining consists of extracting knowledge and actionable information from event-logs recorded by Process Aware Information Systems (PAIS). PAIS are vulnerable to system failures, malfunctions, fraudulent and undesirable executions resulting in anomalous trails and traces. The flexibility in PAIS resulting in large number of trace variants and the large volume of event-logs makes it challenging to identify anomalous executions and determining their root causes. We propose a framework and a multi-step process to identify root causes of anomalous traces in business process logs. We first transform the event-log into a sequential dataset and apply Window-based and Markovian techniques to identify anomalies. We then integrate the basic event-log data consisting of the Case ID, time-stamp and activity with the contextual data and prepare a dataset consisting of two classes (anomalous and normal). We apply Machine Learning techniques such as decision tree classifiers to extract rules (explaining the root causes) describing anomalous transactions. We use advanced visualization techniques such as parallel plots to present the data in a format making it easy for a process analyst to identify the characteristics of anomalous executions. We conduct a triangulation study to gather multiple evidences to validate the effectiveness and accuracy of our approach.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Van der Aalst, W.: Process mining: discovery, conformance and enhancement of business processes (2011)

    Google Scholar 

  2. Bezerra, F., Wainer, J.: Anomaly detection algorithms in logs of process aware systems. In: Proceedings of the 2008 ACM Symposium on Applied Computing, pp. 951–952. ACM (2008)

    Google Scholar 

  3. Bezerra, F., Wainer, J.: Fraud detection in process aware systems. International Journal of Business Process Integration and Management 5(2), 121–129 (2011)

    Article  Google Scholar 

  4. Bezerra, F., Wainer, J.: A dynamic threshold algorithm for anomaly detection in logs of process aware systems. Journal of Information and Data Management 3(3), 316 (2012)

    Google Scholar 

  5. Bezerra, F., Wainer, J.: Algorithms for anomaly detection of traces in logs of process aware information systems. Information Systems 38(1), 33–44 (2013)

    Article  Google Scholar 

  6. Bezerra, F., Wainer, J., van der Aalst, W.M.P.: Anomaly detection using process mining. In: Halpin, T., Krogstie, J., Nurcan, S., Proper, E., Schmidt, R., Soffer, P., Ukor, R. (eds.) Enterprise, Business-Process and Information Systems Modeling. LNBIP, vol. 29, pp. 149–161. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  7. Calderón-Ruiz, G., Sepúlveda, M.: Automatic discovery of failures in business processes using process mining techniques

    Google Scholar 

  8. Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection for discrete sequences: A survey. IEEE Transactions on Knowledge and Data Engineering 24(5), 823–839 (2012)

    Article  Google Scholar 

  9. Forrest, S., Hofmeyr, S., Somayaji, A., Longstaff, T.: A sense of self for unix processes. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 120–128 (May 1996)

    Google Scholar 

  10. Heravizadeh, M., Mendling, J., Rosemann, M.: Root cause analysis in business processes (2008)

    Google Scholar 

  11. Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. Journal of computer security 6(3), 151–180 (1998)

    Google Scholar 

  12. Ron, D., Singer, Y., Tishby, N.: The power of amnesia: Learning probabilistic automata with variable memory length. Machine Learning 25(2-3), 117–149 (1996)

    Article  MATH  Google Scholar 

  13. Suriadi, S., Ouyang, C., van der Aalst, W.M., ter Hofstede, A.H.: Root cause analysis with enriched process logs. In: Business Process Management Workshops, pp. 174–186 (2013)

    Google Scholar 

  14. Vasilyev, E., Ferreira, D.R., Iijima, J.: Using inductive reasoning to find the cause of process delays. In: 2013 IEEE 15th Conference on Business Informatics (CBI), pp. 242–249. IEEE (2013)

    Google Scholar 

  15. Wainer, J., Kim, K.-H., Ellis, C.A.: A workflow mining method through model rewriting. In: Fukś, H., Lukosch, S., Salgado, A.C. (eds.) CRIWG 2005. LNCS, vol. 3706, pp. 184–191. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Indraprastha Institute of Information Technology, Delhi (IIITD), India

    Nisha Gupta & Kritika Anand

  2. Software Analytics Research Lab (SARL), India

    Ashish Sureka

Authors
  1. Nisha Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kritika Anand
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ashish Sureka
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Database Systems Laboratory, University of Aizu, 965-8580, Japan

    Wanming Chu , Shinji Kikuchi  & Subhash Bhalla ,  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Gupta, N., Anand, K., Sureka, A. (2015). Pariket: Mining Business Process Logs for Root Cause Analysis of Anomalous Incidents. In: Chu, W., Kikuchi, S., Bhalla, S. (eds) Databases in Networked Information Systems. DNIS 2015. Lecture Notes in Computer Science, vol 8999. Springer, Cham. https://doi.org/10.1007/978-3-319-16313-0_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-16313-0_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-16312-3

  • Online ISBN: 978-3-319-16313-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation