[1] |
PARVEEN P , THURAISINGHAM B . Unsupervised incremental sequence learning for insider threat detection[C]//2012 IEEE Interna-tional Conference on Intelligence and Security Informatics (ISI). 2012:141-143.
|
[2] |
AALST W M P , MEDEIROS A K A . Process mining and security:detecting anomalous process executions and checking process con-formance[J]. Electronic Notes in Theoretical Computer Science, 2005,121:3-21.
|
[3] |
AALST W , WEIJTERS T , MARUSTER L . Workflow mining:Dis-covering process models from event logs[J]. IEEE Transactions on Knowledge and Data Engineering, 2004,16(9):1128-1142.
|
[4] |
WEN L , WANG J , SUN J . Detecting implicit dependencies between tasks from event logs[J]. Frontiers of WWW Research and Develop-ment-APWeb 2006, 2006:591-603.
|
[5] |
WEIJTERS A , RIBEIRO J T S . Flexible heuristics miner (FHM)[C]//2011 IEEE Symposium on Computational Intelligence and Data Min-ing (CIDM). 2011:310-317.
|
[6] |
WEIJTERS A J M M , VAN der AALST W M P . Rediscovering work-flow models from event-based data using little thumb[J]. Integrated Computer-Aided Engineering, 2013,10(2):151-162.
|
[7] |
DONGEN B F , AALST W M P . Multi-phase process mining:Aggre-gating instance graphs into EPCs and Petri nets[C]//PNCWB 2005 Workshop. 2015:35-58.
|
[8] |
VAN DONGEN B F , VAN der AALST W M P . Multi-phase process mining:Building instance graphs[C]//Conceptual Modeling-ER 2004. 2004:362-376.
|
[9] |
DE MEDEIROS A K A , WEIJTERS A . Genetic process mining[C]//26th International Conference on Applications and Theory of Petri Nets. 2005.
|
[10] |
AALST W M P , DONGEN B F , GüNTHER C W , et al. ProM:the process mining toolkit[J]. BPM (Demos), 2009,489:31.
|
[11] |
ANDERSON R H , BOZEK T , LONGSTAFF T , et al. Research on mitigating the insider threat to information systems-# 2[R]. Rand Na-tional Defense Research Inst Santa Monica CA, 2000.
|
[12] |
SPITZNER L . Honeypots:catching the insider threat[C]//19th Com-puter Security Applications Conference. 2003:170-179.
|
[13] |
HU N , BRADFORD P G , LIU J . Applying role based access control and genetic algorithms to insider threat detection[C]//The 44th Annual Southeast Regional Conference. 2006:790-791.
|
[14] |
BISHOP M , ENGLE S , PEISERT S , et al. We have met the enemy and he is us[C]//The 2008 Workshop on New Security Paradigms. 2009:1-12.
|
[15] |
GREITZER F L , FRINCKE D A . Combining traditional cyber security audit data with psychosocial data:towards predictive modeling for in-sider threat mitigation[C]//Insider Threats in Cyber Security. 2010:85-113.
|
[16] |
BRDICZKA O , LIU J , PRICE B , et al. roactive insider threat detec-tion through graph learning and psychological context[C]//2012 IEEE Symposium on Security and Privacy Workshops (SPW). 2012:142-149.
|
[17] |
PARVEEN P , EVANS J , THURAISINGHAM B , et al. Insider threat detection using stream mining and graph mining[C]//2011 IEEE Third International Conference on Privacy,Security,Risk and Trust (PAS-SAT) and 2011 IEEE Third Inernational Conference on Social Com-puting (SocialCom). 2011:1102-1110.
|
[18] |
BURATTIN A , SPERDUTI A . PLG:a framework for the generation of business process models and their execution logs[C]//Business Process Management Workshops. 2011:214-219.
|