International Journal of Communication Networks and Information Security
Now-a-days, many organizations use Process Aware Information Systems (PAISs) to automate their business process. As any other information systems, security plays a major role in PAIS to provide a secure state and maintain the system in it. In order to provide security in a PAIS, a Process Aware Host-based Intrusion Detection (PAHID) model is proposed in this paper. The model detects host-based intrusions in a PAIS using process mining techniques. The proposed model uses both anomaly detection and misuse detection techniques for more efficiency, and organizational perspective of process mining is considered (rather than control-flow perspective) to detect more attack types.