THE ENSEMBLE METHOD DEVELOPMENT OF CLASSIFICATION OF THE COMPUTER SYSTEM STATE BASED ON DECISIONS TREES

Abstract

The subject of this article is exploration of methods for identifying the status of a computer system. The purpose of the article is development of a method for classifying a computer system anomalous state based on ensemble methods. Task: To investigate the usage of algorithms for building decision trees: REPTree, Random Tree, J48, HoeffdingTree, DecisionStump and bagging and boosting decision tree ensembles to identify a computer system anomalous state by analyzing operating system events. The methods used are artificial intelligence, machine learning and ensemble classification methods. The following results were obtained: the methods of identifying the computer systems anomalous state based on ensemble methods were investigated, namely, bagging, boosting, and classifiers: REPTree, Random Tree, J48, HoeffdingTree, DecisionStump to identify a computer system anomalous state. The different classifiers set and classifiers ensembles were developed. Training and cross-validation on each algorithm was performed. The developed classifiers performance has been evaluated. The research suggests an ensemble method of a computer system state classifying based on the J48 decision tree algorithm. Conclusions. The scientific novelty of the obtained results consists in creating an ensemble method for classifying the state of a computer system based on a decision tree, which makes it possible to increase the reliability and speed of classification.