GRADIENT BOOSTING TREES METHOD IN THE TASK OF SOFTWARE IDENTIFICATION
Annotation
Subject of Research.The paper proposes an approach to the use of gradient boosted decision trees algorithm. For this purpose, CatBoost algorithm developed by Yandex is proposed. Its implementation is aimed at the problem solution of OS Linux software identification in order to reduce the number of system vulnerabilities, which occur due to the installation of unauthorized software by automated system users. We consider an approach to the program signatures formation and further training of CatBoostClassifier classifier model. The subsequent recognition task is set for the identified programs that were not previously involved in the model training process. Method. Free CatBoost software was used for implementation of the gradient boosted decision trees algorithm. CatBoostClassifier multi-classification model was created on its basis. The use of this model allows identifying test sample elf-files.Main Results. The training parameters of the classification model are selected. An experiment is carried out to identify elf-files with the use of ten different featuresof emerging signature programs. The results obtained in the new approach are compared with the results of the previously developed method of identification based on the application of the statistical criterion of Chi-square homogeneity at the significance level p = 0.01. Practical Relevance. The results of the study can be recommended to information security specialists for data media audit. The developed approach gives the possibility to identify violations of the established security policy in the processing of confidential information.
Keywords
Постоянный URL
Articles in current issue
- MODERN STABLE MATHEMATICAL AND SOFTWARE-BASED METHODS FOR DISTORTED SPECTRA RESTORATION
- COMPUTER SIMULATION OF GAMMA-RAY DETECTOR BASED ON SCINTILLATION CRYSTALS AND SILICON PHOTOMULTIPLIERS
- STUDY OF ACOUSTIC SIGNAL DURING LASER HYDROACOUSTIC PROCESSING OF BIOLOGICAL TISSUE BY MICROSECOND PULSES OF YTTERBIUM-ERBIUM GLASS LASER RADIATION
- SELECTION OF OPTICAL SYSTEM PARAMETERS AND METHODS FOR SOFTWARE DEVELOPMENT OF TECHNICAL VISION COMPLEX FOR THREE-DIMENSIONAL PRINTING
- VECTOR-MATRIX METHOD FOR RESTORATION OF POINT SPATIAL COORDINATES IN STEREO PHOTOGRAPHY GENERAL CASE
- DESIGN OF ATHERMALIZED INFRARED LENSES INVOLVING DIFFRACTIVE OPTICAL ELEMENTS
- IMPLEMENTATION OF FREQUENCY AND PHASE SYNCHRONIZATION OF FIBER-OPTIC HYDROACOUSTIC SENSORS ARRAY
- SINUSOIDAL SIGNAL PARAMETERS IDENTIFICATION WITH UNKNOWN VARIABLE AMPLITUDE
- DIELECTRIC PROPERTIES OF POLYURETHANE NANOCOMPOSITES MODIFIED BY FULLERENE С60 AND NANODIAMONDS
- APPLICATION OF SUBSTANCES WITH PHASE TRANSITIONS FOR THERMAL ENERGY ACCUMULATION
- APPLICATION METHOD OF FIRE-RETARDANT COMPOSITE MATERIAL
- ROBUST CODES CREATION BASED ON BENT-FUNCTIONS AND WAVELET TRANSFORMATION
- GRADIENT BOOSTING TREES METHOD IN THE TASK OF SOFTWARE IDENTIFICATION
- OPEN DATAFLOW-SYSTEMS WITH NETWORK STRUCTURE
- STRUCTURAL-FUNCTIONAL MODEL OF INTELLIGENT INFOCOMMUNICATION SYSTEM
- SIMULATION MODEL OF LOCAL COMPUTER NETWORK WITH CHANNEL AGGREGATION AND RANDOM ACCESS METHOD AT REDUNDANT TRANSFER
- ENTROPY ANALYSIS OF DATA COLLECTED FROM INERTIAL MEASUREMENT UNIT OF CYBER-PHYSICAL SYSTEM UNDER NON-DISTURBED CONDITIONS
- SCHEME WITH CUSTOMIZABLE DISSIPATIVE PROPERTIES AS APPLIED TO INTERACTION PROBLEM BETWEEN SHOCKWAVE AND HELIUM BUBBLE
APPROACHES TO ANALYSIS OF GENOTYPE AND PHENOTYPE RELATION WITH QTL METHODS
- SYNTHESIS METHOD FOR ALPHABETS OF ORTHOGONAL SIGNALING BROADBAND COMMUNICATIONS
REINFORCED SEQ2SEQ ADVERSARIAL AUTOENCODER FOR DE NOVO MOLECULAR DESIGN
- ANALYSIS OF NOISE COMPONENTS IN QUARTZ PENDULUM ACCELEROMETER WITH DIGITAL FEEDBACK AMPLIFIER
STUDY OF MAXIMUM POWER POINT TRACKING ALGORITHMS FOR EFFICIENCY GROWTH OF PHOTOVOLTAIC CELLS
- MAINTAINING OF INTERNAL CONSISTENCY OF ALGEBRAIC BAYESIAN NETWORKS WITH LINEAR AND STELLATE STRUCTURE