DOI QR코드

DOI QR Code

The use of Local API(Anomaly Process Instances) Detection for Analyzing Container Terminal Event

로컬 API(Anomaly Process Instances) 탐지법을 이용한 컨테이너 터미널 이벤트 분석

Jeon, Daeuk;Bae, Hyerim
전대욱;배혜림

  • Received : 2015.08.07
  • Accepted : 2015.09.09
  • Published : 2015.11.30

Abstract

Information systems has been developed and used in various business area, therefore there are abundance of history data (log data) stored, and subsequently, it is required to analyze those log data. Previous studies have been focusing on the discovering of relationship between events and no identification of anomaly instances. Previously, anomaly instances are treated as noise and simply ignored. However, this kind of anomaly instances can occur repeatedly. Hence, a new methodology to detect the anomaly instances is needed. In this paper, we propose a methodology of LAPID (Local Anomaly Process Instance Detection) for discriminating an anomalous process instance from the log data. We specified a distance metric from the activity relation matrix of each instance, and use it to detect API (Anomaly Process Instance). For verifying the suggested methodology, we discovered characteristics of exceptional situations from log data. To demonstrate our proposed methodology, we performed our experiment on real data from a domestic port terminal.

Keywords

Anomaly;Process Mining;Process Instance;Local Anomaly;Container Terminal

References

  1. Agarwal, B. and Mittal, N., "Hybrid Approach for Detection of Anomaly Network Traffic using Data Mining Techniques," Procedia Technology, Vol. 6, pp. 996-1003, 2012. https://doi.org/10.1016/j.protcy.2012.10.121
  2. Aggarwal, C. C., "Outlier analysis: Springer Science & Business Media," 2013.
  3. Agrawal, R. and Srikant, R., "Mining sequential patterns," in Data Engineering, 1995. Proceedings of the Eleventh International Conference on, pp. 3-14, 1995.
  4. Bezerra, F. and Wainer, J., "Algorithms for anomaly detection of traces in logs of process aware information systems," Information Systems, Vol. 38, No. 1, pp. 33-44, 2013. https://doi.org/10.1016/j.is.2012.04.004
  5. Bhaduri, K., Matthews, B. L., and Giannella, C. R., "Algorithms for speeding up distance-based outlier detection," in Proceedings of the 17th ACM SIGKDD international conference on Knowledge Discovery and Data Mining, pp. 859-867, 2011.
  6. Breunig, M. M., Kriegel, H.-P., Ng, R. T., and Sander, J., "LOF: identifying density- based local outliers," in ACM Sigmod Record, pp. 93-104, 2000.
  7. Chandola, V., Banerjee, A., and Kumar, V., "Anomaly detection: A survey," ACM Computing Surveys(CSUR), Vol. 41, No. 3, p. 15, 2009.
  8. Chen, S., Wang, W., and van Zuylen, H., "A comparison of outlier detection algorithms for ITS data," Expert Systems with Applications, Vol. 37, No. 2, pp. 1169-1178, 2010. https://doi.org/10.1016/j.eswa.2009.06.008
  9. Deza, M. M. and Deza, E., "Encyclopedia of distances: Springer," 2009.
  10. Du, W., Fang, L., and Peng, N., "LAD: Localization anomaly detection for wireless sensor networks," Journal of Parallel and Distributed Computing, Vol. 66, No. 7, pp. 874-886, 2006. https://doi.org/10.1016/j.jpdc.2005.12.011
  11. Han, B., Jiang, L., and Cai, H., "Abnormal Process Instances Identification Method in Healthcare Environment," in Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on, pp. 1387-1392, 2011.
  12. Han, J., Kamber, M., and Pei, J., "Data mining: concepts and techniques: Morgan Kaufmann," 2012.
  13. Jeon, D., Bae, H., and Pulshashi, I. R., "Detection of Anomaly Process Instances using the arc matrix," BSC lab, Pusan National Univ., 2015.
  14. Kang, B. Y., Kim, D. S., and Kang, S. H., "Extended KNN Imputation Based LOF Prediction Algorithm for Real-time Business Process Monitoring Method," The Jounal of Society for e-Business Studies, Vol. 15, No. 4, pp. 303-317, 2010.
  15. Kim, H. K. and Shin, K. S., "Analysis and Improvement of Stocking and Releasing Processes in Logistics Warehouse Using Process Mining Approach," Journal of the Korean Operations Research and Management Science Society, Vol. 39, No. 4, pp. 1-17, 2014.
  16. Kim, K. H., Oh, K. H., Lee, Y. K., and Jung, J. Y., "Discovery of Travel Patterns in Seoul Metropolitan Subway Using Big Data of Smart Card Transaction Systems," The Journal of Society for e-Business Studies, Vol. 18, No. 3, pp. 211-222, 2013. https://doi.org/10.7838/jsebs.2013.18.3.211
  17. Kim, S., Cho, N. W., Kang, S. H., "Density-based Outlier Detection for Very Large Data," Journal of the Korean Operations Research and Management Science Society, Vol. 35, No. 2, pp. 71-88, 2010.
  18. Kovach, S. and Ruggiero, W. V., "Online banking fraud detection based on local and global behavior," in ICDS 2011, The Fifth International Conference on Digital Society, pp. 166-171, 2011.
  19. Lee, J. S., Kang, B. Y., and Kang, S. H., "The Use of Local Outlier Factor(LOF) for Improving Performance of Independent Component Analysis(ICA) based Statistical Process Control(SPC)," Journal of the Korean Operations Research and Management Science Society, Vol. 36, No. 1, pp. 39-55, 2011.
  20. Levenshtein, V. I., "Binary codes capable of correcting deletions, insertions and reversals," in Soviet physics doklady, p. 707, 1966.
  21. Lin, S. and Brown, D. E., "An outlier-based data association method for linking criminal incidents," Decision Support Systems, Vol. 41, No. 3, pp. 604-615, 2006. https://doi.org/10.1016/j.dss.2004.06.005
  22. Ngai, E. W. T., Hu, Y., Wong, Y. H., Chen, Y., and Sun, X., "The application of data mining techniques in financial fraud detection: A classification framework and an academic review of literature," Decision Support Systems, Vol. 50, No. 3, pp. 559-569, 2011. https://doi.org/10.1016/j.dss.2010.08.006
  23. Pei, J., Han, J., Mortazavi-Asl, B., Pinto, H., Chen, Q., and Dayal, U. et al., "Prefixspan: Mining sequential patterns efficiently by prefix-projected pattern growth," in International Conference on Knowledge Discovery in Databases and Data Mining, pp. 215-224, 2001.
  24. Potter, C., TAN, P. N., Steinbach, M., Klooster, S., Kumar, V., and Myneni, R. et al., "Major disturbance events in terrestrial ecosystems detected using global satellite data sets," Global Change Biology, Vol. 9, No. 7, pp. 1005-1021, 2003. https://doi.org/10.1046/j.1365-2486.2003.00648.x
  25. Purarjomandlangrudi, A., Ghapanchi, A. H., and Esmalifalak, M., "A data mining approach for fault diagnosis: An application of anomaly detection algorithm," Measurement, Vol. 55, pp. 343-352, 2014. https://doi.org/10.1016/j.measurement.2014.05.029
  26. Shyur, H.-J., Jou, C., and Chang, K., "A data mining approach to discovering reliable sequential patterns," Journal of Systems and Software, Vol. 86, No. 8, pp. 2196-2203, 2013. https://doi.org/10.1016/j.jss.2013.03.105
  27. Van der Aalst, W. M. P. and de Medeiros, A. K. A., "Process Mining and Security: Detecting Anomalous Process Executions and Checking Process Conformance," Electronic Notes in Theoretical Computer Science, Vol. 121, pp. 3-21, 2005. https://doi.org/10.1016/j.entcs.2004.10.013
  28. Van der Aalst, W. M., Discovery, "Conformance and Enhancement of Business Processes: Springer," 2011.
  29. Van Der Aalst, W., Adriansyah, A., de Medeiros, A. K. A., Arcieri, F., Baier, T., Blickle, T. et al., "Process mining manifesto," in Business process management workshops, pp. 169-194, 2012.
  30. Xiong, W., Hu, H., Xiong, N., Yang, L. T., Peng, W.-C., Wang, X. et al., "Anomaly secure detection methods by analyzing dynamic characteristics of the network traffic in cloud communications," Information Sciences, Vol. 258, pp. 403-415, 2014. https://doi.org/10.1016/j.ins.2013.04.009

Acknowledgement

Supported by : MOTIE / KEIT (Ministry of Trade, Industry and Energy / Korea Evaluation Institute Of Industrial Technology)