A COMPUTER SYSTEM STATE IDENTIFICATION BASED ON THE ENSEMBLE CLASSIFICATION METHOD
DOI:
https://doi.org/10.26906/SUNZ.2020.3.075Keywords:
computer system, operating system events, machine learning, MS Windows abnormal state, decision trees, ensemble classification methods, boosting, beggingAbstract
The subject of f this article is the study of methods of identifying a computer system state. The purpose of the article is development of a method for identifying computer system abnormal state based on ensemble methods. Objective: investigate and distinguish events in Windows operating systems, develop software for collecting events; investigate the use of ensemble classifiers based on begging, busting and decision trees for identifying the state of a computer system. The methods used are: machine learning methods and ensemble classification methods. The following results were obtained: The following events classes in Windows operating systems were selected as source data: process communication events, file system interaction events, internet connection events, and registry interaction events. Identification methods of abnormal computer system state were studied based on ensemble methods such as begging, boosting, and J48 decision tree for identifying the state of a computer system. The effectiveness of developed ensemble classifiers was evaluated. Based on the research results, the begging ensemble classification method and the J48 decision tree is proposed for identifying the computer system state. Conclusions. The scientific novelty of the obtained results consists in selecting the computer system functioning processes and creating an ensemble method for identifying the computer system state based on begging and the J48 decision tree, which makes it possible to increase the identification accuracy.Downloads
References
Алпайдин Э. Машинное обучение: новый искусственный интеллект /Э. Алпайдин – М.: Изд.гр. Точка, 2017. – 208 с.
Вьюгин В.В. Математические основы машинного обучения и прогнозирования. / В.В. Вьюгин // – Москва: МЦНМО, 2013. – 304 с.
Флах П. Машинное обучение. Наука и искусство построения алгоритмов, которые извлекают знания из данных /П. Флах.//–Москва: ДМКПресс, 2015. – 400 с.
Марманис Х. Алгоритмы интеллектуального интернета. Передовые методики сбора, анализа и обработки данных. / Х.Марманис, Д.Бабенко .– Сб-П, М: Символ, 2011 . – 468 с.
Саттон Ричард С., Барто Эндрю Г. Обучение с подкреплением = Reinforcement Learning. – 2-е издание. – М.: ДМК пресс, 2020. – 552 с.
Кафтанников И. Л., Парасич А. В. Особенности применения деревьев решений в задачах классификации // Вестн. ЮУрГУ. Сер. «Компьютерные технологии, управление, радиоэлектроника». 2015, Т. 15. No 3. с. 26–32.
Cha Zhang. Ensemble Machine Learning. Methods and Applications / Cha Zhang, Yunqian Ma .— New York Dordrecht Heidelberg London: Springer, 2012 .– 329 p.
Тархов Д. А. Нейросетевые модели и алгоритмы / Д. А. Тархов.– Москва: Радиотехника, 2014. – 352 с.
Vipin Kumar. The Top Ten Algorithms in DataMining– Taylor & Francis Group, LLC, 2009 .– 2006 p.
Joseph Rocca, Baptiste Rocca. “Ensemble methods: bagging, boosting and stacking”. [Електронний ресурс]. – Режим доступу: https://towardsdatascience.com/ensemble-methods-bagging-boosting-and-stacking-c9214a10a205.
Kristína Machová, Miroslav Puszta, František Barčák, and Peter Bednár, , “ A Comparison of the Bagging and the Boosting Methods Using the Decision Trees Classifiers”, Computer Science and Information Systems, 3(2), 2006, рр.57-72, DOI: 10.2298/CSIS0602057M.
Гавриленко С.Ю. Розробка методу оцінки стану комп’ютера на базі аналізу системних подій / С.Ю. Гавриленко, І.В. Шевердін //Науковий вісник Івано-Франківського національного технічного університету нафти і газу – Івано-Франківськ, 2018, No1(40), сс.108-114
“WEKA. The workbench for machine learning”. [Електронний ресурс]. – Режим доступу: https://www.cs.waikato.ac.nz/ml/weka/.
