Internal threat detection system based on mining of business process model and detection method thereof

A model mining and business process technology, which is applied in transmission systems, unstructured text data retrieval, special data processing applications, etc., can solve problems such as rarely considering the security of business activities, business system exceptions, leakage, etc.
CN106209893AActive Publication Date: 2016-12-07THE PLA INFORMATION ENG UNIV
3 Cites 29 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
THE PLA INFORMATION ENG UNIV
Publication Date
2016-12-07

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention relates to an internal threat detection system based on mining of a business process model and a detection method thereof. The detection system comprises a model mining module, an abnormality detection module and an abnormality analysis model, wherein the model mining module implements model mining according to an event log of each business event in a business system, and thus acquires a business control flow model, a business performance model and an executor behavior model; the abnormality detection module detects logic abnormality, performance abnormality and behavior abnormality of the event log generated during a real-time operation process of a business activity according to the model mining module; and the abnormality analysis model parses a detection result of the abnormality detection module, recognizes execution information about implementation of an internal threat and outputs the information. According to the internal threat detection system based on mining of the business process model established in the invention, the internal threat behavior existing in the business execution process is effectively detected, a powerful support is provided for enterprises and various organizations to prevent the internal threat, and information security of enterprises and organizations is effectively ensured.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention belongs to the technical field of business process mining and network security, and in particular relates to an internal threat detection system and a detection method based on business process model mining. Background technique

[0002] The rapid development of information technology has promoted the wide application of information systems in various enterprises and organizations. However, while information systems have improved work efficiency for these organizations, they have also introduced a large number of security loopholes, including both technical loopholes in software and hardware, and loopholes in internal personnel management. Compared with external network attacks caused by software and hardware vulnerabilities, internal threats caused by internal personnel management vulnerabilities are often more harmful and harder to detect. The main reasons for internal threats are as follows: first, some employees who lack security awa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More