13,575 research outputs found
Security Incident Response Criteria: A Practitioner's Perspective
Industrial reports indicate that security incidents continue to inflict large financial losses on organizations.
Researchers and industrial analysts contend that there are fundamental problems with existing security
incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC)
which can be applied to a variety of security incident response approaches. The criteria are derived from
empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and
supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this
paper can be used to evaluate existing security incident response solutions and second, as a guide, to
support future security incident response improvement initiatives
A Quantitative Study of Java Software Buildability
Researchers, students and practitioners often encounter a situation when the
build process of a third-party software system fails. In this paper, we aim to
confirm this observation present mainly as anecdotal evidence so far. Using a
virtual environment simulating a programmer's one, we try to fully
automatically build target archives from the source code of over 7,200 open
source Java projects. We found that more than 38% of builds ended in failure.
Build log analysis reveals the largest portion of errors are
dependency-related. We also conduct an association study of factors affecting
build success
Predictive Monitoring of Business Processes
Modern information systems that support complex business processes generally
maintain significant amounts of process execution data, particularly records of
events corresponding to the execution of activities (event logs). In this
paper, we present an approach to analyze such event logs in order to
predictively monitor business goals during business process execution. At any
point during an execution of a process, the user can define business goals in
the form of linear temporal logic rules. When an activity is being executed,
the framework identifies input data values that are more (or less) likely to
lead to the achievement of each business goal. Unlike reactive compliance
monitoring approaches that detect violations only after they have occurred, our
predictive monitoring approach provides early advice so that users can steer
ongoing process executions towards the achievement of business goals. In other
words, violations are predicted (and potentially prevented) rather than merely
detected. The approach has been implemented in the ProM process mining toolset
and validated on a real-life log pertaining to the treatment of cancer patients
in a large hospital
Incremental Predictive Process Monitoring: How to Deal with the Variability of Real Environments
A characteristic of existing predictive process monitoring techniques is to
first construct a predictive model based on past process executions, and then
use it to predict the future of new ongoing cases, without the possibility of
updating it with new cases when they complete their execution. This can make
predictive process monitoring too rigid to deal with the variability of
processes working in real environments that continuously evolve and/or exhibit
new variant behaviors over time. As a solution to this problem, we propose the
use of algorithms that allow the incremental construction of the predictive
model. These incremental learning algorithms update the model whenever new
cases become available so that the predictive model evolves over time to fit
the current circumstances. The algorithms have been implemented using different
case encoding strategies and evaluated on a number of real and synthetic
datasets. The results provide a first evidence of the potential of incremental
learning strategies for predicting process monitoring in real environments, and
of the impact of different case encoding strategies in this setting
Clustering-Based Predictive Process Monitoring
Business process enactment is generally supported by information systems that
record data about process executions, which can be extracted as event logs.
Predictive process monitoring is concerned with exploiting such event logs to
predict how running (uncompleted) cases will unfold up to their completion. In
this paper, we propose a predictive process monitoring framework for estimating
the probability that a given predicate will be fulfilled upon completion of a
running case. The predicate can be, for example, a temporal logic constraint or
a time constraint, or any predicate that can be evaluated over a completed
trace. The framework takes into account both the sequence of events observed in
the current trace, as well as data attributes associated to these events. The
prediction problem is approached in two phases. First, prefixes of previous
traces are clustered according to control flow information. Secondly, a
classifier is built for each cluster using event data to discriminate between
fulfillments and violations. At runtime, a prediction is made on a running case
by mapping it to a cluster and applying the corresponding classifier. The
framework has been implemented in the ProM toolset and validated on a log
pertaining to the treatment of cancer patients in a large hospital
Change Mining in Adaptive Process Management Systems
The wide-spread adoption of process-aware information systems has resulted in a bulk of computerized information about real-world processes. This data can be utilized for process performance analysis as well as for process improvement. In this context process mining offers promising perspectives. So far, existing mining techniques have been applied to operational processes, i.e., knowledge is extracted from execution logs (process discovery), or execution logs are compared with some a-priori process model (conformance checking). However, execution logs only constitute one kind of data gathered during process enactment. In particular, adaptive processes provide additional information about process changes (e.g., ad-hoc changes of single process instances) which can be used to enable organizational learning. In this paper we present an approach for mining change logs in adaptive process management systems. The change process discovered through process mining provides an aggregated overview of all changes that happened so far. This, in turn, can serve as basis for all kinds of process improvement actions, e.g., it may trigger process redesign or better control mechanisms
- …