DEVELOPMENT OF METHOD TO IDENTIFY THE COMPUTER SYSTEM STATE BASED ON THE «ISOLATION FOREST» ALGORITHM
Context. The problem of identification a computer system state was investigated. The object of the research is the identification process of the computer system state. The subject of the research is computer system state identifying means and methods. Objective. The purpose of the work is to develop...
Saved in:
| Published in | Radìoelektronika, informatika, upravlìnnâ Vol. 1; no. 1; pp. 105 - 116 |
|---|---|
| Main Authors | , |
| Format | Journal Article |
| Language | English Ukrainian |
| Published |
27.03.2021
|
| Online Access | Get full text |
| ISSN | 1607-3274 2313-688X |
| DOI | 10.15588/1607-3274-2021-1-11 |
Cover
Loading…
| Abstract | Context. The problem of identification a computer system state was investigated. The object of the research is the identification process of the computer system state. The subject of the research is computer system state identifying means and methods.
Objective. The purpose of the work is to develop a method for identifying the computer system state.
Method. The method has been developed for identifying a computer system state based on integrated use the procedure for grouping unlabeled initial data and using machine learning technology based on the «Isolation Forest» algorithm, which provides to identify a computer system state and to distinguished the process name that initiated the abnormal state. Therefore, for collecting statistical data in the form of operating system functioning events, data method has been proposed and developed along with software. The analysis of functioning events has been performed. The result of analysis showed that the most informative are read and write operations. To set up a single dataset, read and write operations compared with the process name and combined into one array of event groups, so that it is possible to single out the process that causes the abnormal state of the computer system. As a result of the research, the «Isolation Forest» algorithm has been selected as a component of the method for identifying the computer system state. An accuracy and efficiency assessment of the developed method of identifying a computer system state has been carried out.
Results. The developed method is implemented and investigated when solving the problem of identifying anomalies in the functioning of computer systems.
Conclusions. The experiments carried out confirmed the efficiency of the proposed method. It allows us recommended the method for practical use in order to improve efficiency of identifying the computer system state and use it as an express method. Areas for further research may lie in the creation of the ensemble of fuzzy trees based on the proposed method and optimization of this software implementation. |
|---|---|
| AbstractList | Context. The problem of identification a computer system state was investigated. The object of the research is the identification process of the computer system state. The subject of the research is computer system state identifying means and methods.
Objective. The purpose of the work is to develop a method for identifying the computer system state.
Method. The method has been developed for identifying a computer system state based on integrated use the procedure for grouping unlabeled initial data and using machine learning technology based on the «Isolation Forest» algorithm, which provides to identify a computer system state and to distinguished the process name that initiated the abnormal state. Therefore, for collecting statistical data in the form of operating system functioning events, data method has been proposed and developed along with software. The analysis of functioning events has been performed. The result of analysis showed that the most informative are read and write operations. To set up a single dataset, read and write operations compared with the process name and combined into one array of event groups, so that it is possible to single out the process that causes the abnormal state of the computer system. As a result of the research, the «Isolation Forest» algorithm has been selected as a component of the method for identifying the computer system state. An accuracy and efficiency assessment of the developed method of identifying a computer system state has been carried out.
Results. The developed method is implemented and investigated when solving the problem of identifying anomalies in the functioning of computer systems.
Conclusions. The experiments carried out confirmed the efficiency of the proposed method. It allows us recommended the method for practical use in order to improve efficiency of identifying the computer system state and use it as an express method. Areas for further research may lie in the creation of the ensemble of fuzzy trees based on the proposed method and optimization of this software implementation. |
| Author | Gavrylenko, S. Y. Sheverdin, I. V. |
| Author_xml | – sequence: 1 givenname: S. Y. surname: Gavrylenko fullname: Gavrylenko, S. Y. – sequence: 2 givenname: I. V. surname: Sheverdin fullname: Sheverdin, I. V. |
| BookMark | eNo9kEFOwzAQRS1UJErpDVj4AgaP49jOMjROEympq8ZFdGUlaYJA0KKkG87EEdj1ZKQFob8Y_dHTX7xrNNrtdw1Ct0DvwPeVugdBJfGY5IRRBmQIXKAx88AjQqmnERr_E1do2vevlFLwlQAux-g50o86M8tcLyw2Mc61TUyErcFpNLzSeINtovHM5Mu11StcbAqrc1zY0Gr8EBY6wmZxRo5faWGy0KZDj81KF_b4jcNsblapTfIbdNmWb30z_bsTtI61nSUkM_N0FmakBikOhFVbUBQCEYhSUiFqD1hdUVYHPt-2SpRQVdCWvl_LduAoCxrZ8Kbccs5Fy7k3Qfx3t-72fd81rfvoXt7L7tMBdWdf7mTDnWy4ky83BLwfYXlYEg |
| ContentType | Journal Article |
| DBID | AAYXX CITATION |
| DOI | 10.15588/1607-3274-2021-1-11 |
| DatabaseName | CrossRef |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | CrossRef |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISSN | 2313-688X |
| EndPage | 116 |
| ExternalDocumentID | 10_15588_1607_3274_2021_1_11 |
| GroupedDBID | 9MQ AAYXX ADBBV ALMA_UNASSIGNED_HOLDINGS BCNDV CITATION GROUPED_DOAJ |
| ID | FETCH-LOGICAL-c176t-2bd18019696a7066c312cb02c954df86a1bb1fa55c7f801029e7e4ead4446f443 |
| ISSN | 1607-3274 |
| IngestDate | Tue Jul 01 03:16:44 EDT 2025 |
| IsDoiOpenAccess | false |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 1 |
| Language | English Ukrainian |
| License | https://creativecommons.org/licenses/by-sa/4.0 |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-c176t-2bd18019696a7066c312cb02c954df86a1bb1fa55c7f801029e7e4ead4446f443 |
| OpenAccessLink | http://ric.zntu.edu.ua/article/download/227775/226967 |
| PageCount | 12 |
| ParticipantIDs | crossref_primary_10_15588_1607_3274_2021_1_11 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 2021-03-27 |
| PublicationDateYYYYMMDD | 2021-03-27 |
| PublicationDate_xml | – month: 03 year: 2021 text: 2021-03-27 day: 27 |
| PublicationDecade | 2020 |
| PublicationTitle | Radìoelektronika, informatika, upravlìnnâ |
| PublicationYear | 2021 |
| SSID | ssj0001586147 ssib018208917 ssib015895113 ssib044757822 |
| Score | 2.1471593 |
| Snippet | Context. The problem of identification a computer system state was investigated. The object of the research is the identification process of the computer... |
| SourceID | crossref |
| SourceType | Index Database |
| StartPage | 105 |
| Title | DEVELOPMENT OF METHOD TO IDENTIFY THE COMPUTER SYSTEM STATE BASED ON THE «ISOLATION FOREST» ALGORITHM |
| Volume | 1 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1Lj5swELai7aU9VH2qb_nQPSEoBgPOMQ-yodqEqpBqc0IYTCulyq4islL7a3rvT-htf1nHNhDUXVXdCokklmWszKd5mJlvEHprs0IM7YqahBNhUrf0TQ6RkFnlduC4Jdh4VSS2WPrzFX1_5p0NBj96WUv7mlvF9xvrSv5HqjAGcpVVsreQbLcoDMB3kC_cQcJw_ycZ9zpoyuydRZjO46mRxkY0haFotlYJPZN48WGVygOldZKGC3ACR2kIAXoSTo14qaYcT5zj0ThK4lPdhQdCwzBJ5eh4bIxOT-KPUdoQXrdk3gAN-Y59cg52a6Ma6WyUH9owsdbNz_3FLr_8qqeCqyw_u3zmk_xy9w2s3kYd1yaWsba6A58vAqRRaoKDyDI-Wf3jCUflZ-lq_0aj-vIg1NGteCyhxsCndE2fqZ7CBzV8DW1apRLb61lnoiszryl-z2OymqF7mqn2Ahc5GLr25f4f9q_LSpTxkFwnk6tkcpVMrpLBBfH1HQcCEacXtIPGIh4DD_XgEEk2fNYLgCWbYtASJOq6dQb-kOr40-60qeeUD353w_Z7_lLP8UkfoPtNxIJHGn4P0UBsH6F7PR7Lx-hzD4g4nmENRJzGuAUiBpThFohYAxErIGIFRBwv1ZSrnx0IsQbh1S_cAfAJWs3CdDI3mw4eZkECvzYdXhKmGZjyAJzbwiVOwW2nGHq0rJifE85JlXteEVRMshsORSAoKDdKqV9R6j5FR9vzrXiGMKOkIqRwKs_mNKeEu5zkgvh5GQgmCv85Mtv_KbvQRC3Z3wT64pbzX6K7B3i_Qkf1bi9egz9a8zcKEr8Bl5xqeQ |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=DEVELOPMENT+OF+METHOD+TO+IDENTIFY+THE+COMPUTER+SYSTEM+STATE+BASED+ON+THE+%C2%ABISOLATION+FOREST%C2%BB+ALGORITHM&rft.jtitle=Rad%C3%ACoelektronika%2C+informatika%2C+upravl%C3%ACnn%C3%A2&rft.au=Gavrylenko%2C+S.+Y.&rft.au=Sheverdin%2C+I.+V.&rft.date=2021-03-27&rft.issn=1607-3274&rft.eissn=2313-688X&rft.volume=1&rft.issue=1&rft.spage=105&rft.epage=116&rft_id=info:doi/10.15588%2F1607-3274-2021-1-11&rft.externalDBID=n%2Fa&rft.externalDocID=10_15588_1607_3274_2021_1_11 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1607-3274&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1607-3274&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1607-3274&client=summon |