Abstract

This paper considers the problem of anomaly detection when several information technologies (processes) are functioning simultaneously. It is assumed that the normal, or typical, functioning of a process can be described by a formal model; here, a directed acyclic graph (DAG) is used as that model. All necessary information about the processes' possible executions is assumed to be obtainable from a given event log. Event log traces containing data from one process and from several processes were examined. Complexity estimates are determined for solving the anomaly detection problem using the previously constructed formal models. It is shown that the solution of the anomaly detection problem has linear complexity with respect to the length of the trace for which it must be decided whether the trace contains an anomaly. It is also proven that the solution has quadratic complexity with respect to the maximum possible number of actions and dependencies in one simulated process. Finally, it is demonstrated how a system of different representatives may help to identify the trajectories of many different processes effectively.
