Application of Process mining technology to identify abnormal situations in the operation of high-tech equipment

Adelya Khasanova, Maxim Dunaev


In the modern world, all companies use IT infrastructure to organize their activities. And an attempt to eliminate various anomalous events (including security threats) in the activities of technology platforms is becoming extremely urgent.

Such platforms are becoming the mainstream of the IT industry, supporting a wide range of online services and intelligent applications (weather forecast, biomedical engineering, etc.). Most of these systems support the operation of complex equipment in various industries: mining, industrial design and operation of nuclear power plants, transport industry, etc. Serving thousands of computers simultaneously, almost all systems are designed to operate around the clock, serving thousands of computers simultaneously, high availability and reliability.

Any incidents with such systems, including interruptions or reduced quality of service, will lead to the exit from individual applications and, accordingly, to financial costs. In addition, malfunctioning digital equipment can lead to accidents and industrial accidents.

One of the tools for solving the above problems is the development process, which allows you to analyze processes, abnormal events, predict bottlenecks, etc.

The purpose of this work is to study and implement effective technologies for intelligent analysis of processes (Process Mining) for possible operations in event logs (using the example of Windows OS).

Full Text:

PDF (Russian)


Khan S., Parkinson S. Discovering and utilising expert knowledge from security event logs //Journal of Information Security and Applications. – 2019. – Т. 48. – С. 102375.

He S. et al. Experience report: System log analysis for anomaly detection //2016 IEEE 27th International Symposium on Software Reliability Engineering (ISSRE). – IEEE, 2016. – С. 207-218.

Van Der Aalst W. et al. Process Mining manifesto //International Conference on Business Process Management. – Springer, Berlin, Heidelberg, 2011. – С. 169-194.

Fluxicon Disco User's Guide, McGrath, M., Price, M.: Windows 10 in easy steps - Special Edition: To venture further. In Easy Steps Limited, Warwickshire (2015)

Dwyer J., Truta T. M. Finding anomalies in windows event logs using standard deviation //9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing. – IEEE, 2013. – С. 563-570.

Van Der Aalst W. Data science in action //Process Mining. – Springer, Berlin, Heidelberg, 2016. – С. 3-23.

Berti A., van Zelst S. J., van der Aalst W. Process Mining for python (PM4Py): bridging the gap between process-and data science //arXiv preprint arXiv:1905.06169. – 2019.

Van der Aalst W. M. P. Process Mining: discovery, conformance and enhancement of business processes. Springer, 2011.

Van der Aalst W.M.P., Weijters A.J.M.M., Maruster L. Workflow Mining: Discovering Process Models from Event Logs // IEEE Transactions on Knowledge and Data Engineering, 2004. Vol. 16(9). P. 1128–1142.

Van der Aalst W.M.P., Adriansyah A., Van Dongen B.F. Replaying history on process models for conformance checking and performance analysis // Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery. Vol. 2(2). Wiley Online Library. 2012. P. 182–192.

Van der Werf J. M. E. M. et al. Process discovery using integer linear programming // Applications and Theory of Petri Nets. Springer Berlin Heidelberg, 2008. P. 368–387.


  • There are currently no refbacks.

Abava  Кибербезопасность IT congress 2023

ISSN: 2307-8162