Supporting Process Mining with Recovered Residual Data

Cited by: 1
Authors
Englbrecht, Ludwig [1]
Schoenig, Stefan [1]
Pernul, Guenther [1]
Affiliations
[1] Univ Regensburg, Regensburg, Germany
Source
PRACTICE OF ENTERPRISE MODELING, POEM 2020 | 2020 / Vol. 400
Keywords
Process mining; Business process discovery; Digital forensics; Digital trace mining;
DOI
10.1007/978-3-030-63479-7_27
Chinese Library Classification number
F [Economics];
Discipline classification code
02;
Abstract
Understanding how workflows are actually carried out within an organization can provide a crucial contribution to business process improvement. This paper presents a concept for reconstructing a business process by using file residuals on a hard-drive and without the need for existing event logs. Thereby, methods from the area of process mining are enriched with approaches from digital forensics investigations in a Digital Trace Miner. First, a framework that extracts traces originating from business process execution based on residual data is developed in order to link them to the processes. The traces from the extraction are used in a life-cycle to keep related data up-to-date. This approach has been implemented and evaluated by a prototype. The evaluation shows that this approach enables useful insights regarding the tasks performed on a suspect computer by associating recovered files by using file-carving mechanisms.
Pages: 389 - 404
Number of pages: 16
Related papers
28 in total
  • [1] Bala S., 2017, CEUR Workshop Proceedings, V1859, P133
  • [2] Monitoring the Software Development Process with Process Mining
    Bala, Saimir
    Mendling, Jan
    [J]. BUSINESS MODELING AND SOFTWARE DESIGN, BMSD 2018, 2018, 319 : 432 - 442
  • [3] Breitinger F, 2013, L N INST COMP SCI SO, V114, P167
  • [4] Castellanos M., 2009, Handbook of research on business process modeling, P456, DOI DOI 10.4018/978-1-60566-288-6.CH021
  • [5] Cohen F, 2010, IFIP ADV INF COMM TE, V337, P17
  • [6] Dakic D., 2020, SIM 2019 SPBE, P299, DOI [10.1007/978, DOI 10.1007/978]
  • [7] Process Mining on Databases: Unearthing Historical Data from Redo Logs
    de Murillas, Eduardo Gonzalez Lopez
    van der Aalst, Wil M. P.
    Reijers, Hajo A.
    [J]. BUSINESS PROCESS MANAGEMENT, BPM 2015, 2015, 9253 : 367 - 385
  • [8] Dewald A., 2014, From Computer Forensics to Forensic Computing: Investigators Investigate
  • [9] Englbrecht Ludwig, 2020, ARES 2020: Proceedings of the 15th International Conference on Availability, Reliability and Security, DOI 10.1145/3407023.3407064
  • [10] Digital forensics research: The next 10 years
    Garfinkel, Simson L.
    [J]. DIGITAL INVESTIGATION, 2010, 7 : S64 - S73