Development of an intelligent subsystem for operating system incidents forecasting

The object of research is a subsystem for predicting incidents on a server platform that runs an OS of the Windows family. One of the most problematic places when planning measures to prevent the harmful effects of network attacks such as DDoS, hardware failures, etc. for the server syste...


Bibliographic Details
Main Authors: Valeriy Lakhno, Andriy Sagun, Vladyslav Khaidurov, Elena Panasko
Format: Article
Language: English
Published: PC Technology Center 2020-03-01
Series: Technology Audit and Production Reserves
Online Access: http://journals.uran.ua/tarp/article/view/202498
id doaj-73acac6266a641f5a50b9e4771df0bf1
record_format Article
spelling doaj-73acac6266a641f5a50b9e4771df0bf1 | 2020-11-25T03:04:29Z | eng | PC Technology Center | Technology Audit and Production Reserves | 2664-9969 | 2706-5448 | 2020-03-01 | 2 | 2(52) | 35 | 39 | 10.15587/2706-5448.2020.202498 | 202498
Development of an intelligent subsystem for operating system incidents forecasting
Valeriy Lakhno (0), Andriy Sagun (1), Vladyslav Khaidurov (2), Elena Panasko (3)
0: National University of Life and Environmental Sciences of Ukraine, 15, Heroiv oborony str., Kyiv, Ukraine, 03041
1: Cherkasy State Technological University, 460, Shevchenko blvd., Cherkasy, Ukraine, 18006
2: Institute of Engineering Thermophysics of the National Academy of Sciences of Ukraine, 2a, Marii Kapnist str., Kyiv, Ukraine, 03057
3: Cherkasy State Technological University, 460, Shevchenko blvd., Cherkasy, Ukraine, 18006
http://journals.uran.ua/tarp/article/view/202498
time series; forecasting subsystem; machine learning; polynomial model; method of group accounting of arguments.
collection DOAJ
language English
format Article
sources DOAJ
author Valeriy Lakhno
Andriy Sagun
Vladyslav Khaidurov
Elena Panasko
issn 2664-9969
2706-5448
publishDate 2020-03-01
description The object of research is a subsystem for predicting incidents on a server platform that runs an OS of the Windows family. One of the most problematic places when planning measures to prevent the harmful effects of network attacks such as DDoS, hardware failures, etc. for the server system is to obtain an effective model for predicting incidents of the operating system. In the course of the research, methods of formation and research of the time series, exponential smoothing, and elements of the theory of machine learning based on the method of group accounting (GMDH) are used. To obtain accurate and reliable forecasts of the operation of the intellectual subsystem for forecasting incidents, elements of the theory of heuristic self-organization and a specific implementation of this theory, the GMDH, are used. An algorithm is obtained, and a software implementation of an intelligent system for predicting incidents of operating system operation and the main characteristics of its operation is developed. This became possible as a result of the analysis of the constructed model of the intruder, the system log of security incidents and the use of the GMDH. A mechanism is proposed for generating a sample of OS incident events based on the Windows system event log. Testing the proposed forecasting system on test samples allows us to state that the forecasting results obtained with various settings of the machine learning system and parameters (degree of the reference polynomial, number of variables in the characteristic polynomial model, number of selection series) are satisfactory. As a result of applying the created algorithm for forecasting incidents of OS operation, it is shown that the use of a large number of polynomial models in GMDH allows one to obtain a forecasting system that is qualitatively superior to systems based on classical regression models and methods. Due to this, a much more accurate forecast can be obtained than with the classical regression methods or the method of exponential smoothing, compared with similar methods. The percentage of false calculations using GMDH is less than 4 %.
topic time series
forecasting subsystem
machine learning
polynomial model
method of group accounting of arguments.
url http://journals.uran.ua/tarp/article/view/202498