Development and comparative analysis of computer system state identification methods based on ensemble algorithms

Abstract

The scientific novelty of the results obtained consists in creating ensemble methods for classifying the state of a computer system without a teacher and with a teacher. The method based on the "Isolation Forest" algorithm can be used as an express method for analyzing a computer system state. This will allow not only to identify the state of a computer system state, but also to highlight the name of the abnormal processes. This method can also be used to generate labeled data and use it as the source data of the ensemble algorithm with a teacher. The algorithm with a teacher built according to the C4.5 algorithm is more accurate and can be used to refine the result of identifying a computer system state using the method based on the "Isolation Forest" algorithm.