Compliance monitoring for anomaly detection
First Claim
1. A method of supporting a compliance agent in compliance monitoring for anomaly detection (CMAD), the method including the steps of:
- receiving information relating to a suspected non-compliant event (SNCE) generated by a primary monitoring system;
selecting first heuristic cues corresponding to a set of premises from a knowledge base, said set of premises being grouped together as of possible relevance to the SNCE;
obtaining a response from the agent to each of the first heuristic cues in a Boolean response form;
selecting second heuristic cues from said knowledge base based on said Boolean responses;
obtaining responses from the agent to each of the second heuristic cues in a linguistic variable form;
combining said linguistic variables with respective relevance measures for each of said second heuristic cues to produce respective weighted intermediate propositions, said intermediate propositions providing supporting evidence; and
combining said weighted intermediate propositions to produce final propositions repudiating or confirming the SNCE, which together with said supporting evidence enables the agent to make a decision regarding the SNCE more efficiently.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for supporting a compliance agent in compliance monitoring for anomaly detection (CMAD) involves a primary monitoring system comparing some predetermined conditions of acceptance with the actual data or event. If any variance is detected (an anomaly) by the primary monitoring system, an exception report or alert is produced, identifying the variance. In a simple environment, this identification of the variance fulfils the evidence conditions and determines an instance of non-compliance. However, in a more complex environment, it may only be an indicator of a suspect non-compliant event (SNCE). In the latter case, the compliance agent uses the results of the initial monitoring as well as important information related to the event and requiring judgmental expertise to obtain further evidence of non-compliance. Compliance gents develop propositions or believes, based on their assumption. For each proposition node in the system, the assumption based truth maintenance system maintains a list of minimum sets of assumptions (Boolean cues), which are relevant to the SNCE type. At the macro level, the construct uses the trivalent belief-disbelief-unknown. However, this is refined by applying a measure of importance to individual pieces or empirical evidence.
87 Citations
18 Claims
-
1. A method of supporting a compliance agent in compliance monitoring for anomaly detection (CMAD), the method including the steps of:
-
receiving information relating to a suspected non-compliant event (SNCE) generated by a primary monitoring system; selecting first heuristic cues corresponding to a set of premises from a knowledge base, said set of premises being grouped together as of possible relevance to the SNCE; obtaining a response from the agent to each of the first heuristic cues in a Boolean response form; selecting second heuristic cues from said knowledge base based on said Boolean responses; obtaining responses from the agent to each of the second heuristic cues in a linguistic variable form; combining said linguistic variables with respective relevance measures for each of said second heuristic cues to produce respective weighted intermediate propositions, said intermediate propositions providing supporting evidence; and combining said weighted intermediate propositions to produce final propositions repudiating or confirming the SNCE, which together with said supporting evidence enables the agent to make a decision regarding the SNCE more efficiently. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A system for supporting a compliance agent in compliance monitoring for anomaly detection, the system comprising:
-
a relational database for receiving and storing information relating to a suspected non-compliant event (SNCE) generated by a primary monitoring system; a knowledge and search processing system accessible to the compliance agent for receiving and storing information relating to a suspected non-compliant event (SNCE) generated by a primary monitoring system, and for selecting first heuristic cues corresponding to a set of premises from a knowledge base, said set of premises being grouped together as of possible relevance to the SNCE; and a graphic user interface (GUI) for human agents, or appropriate communication protocol for machine based agents, to enable the agent to respond to each of the first heuristic cues using Boolean responses;
whereinsaid knowledge and search processing system is also adapted to select second heuristic cues from said knowledge base based on said Boolean responses, and said GUI for human agents, or appropriate communication protocol for machine based agents, is adapted to enable the agent to respond to each of the second heuristic cues using linguistic variables, wherein said knowledge and search processing system is adapted to combine said fuzzy linguistic variables with respective relevance measures for each of said second heuristic cues to produce respective weighted intermediate propositions, said intermediate propositions providing supporting evidence, and to combine said weighted intermediate propositions to produce final propositions repudiating or confirming the SNCE, which together with said supporting evidence enables the agent to make a decision regarding the SNCE more efficiently. - View Dependent Claims (16, 17, 18)
-
Specification