Abstract and keywords
Abstract (English):
The purpose of the article is to clarify the relationship between the concepts of computer incidents, information security events and information security incidents. The scientific literature and standards define these terms in various ways, and the resulting ambiguity complicates the practical work of responding to the wide and diverse range of information security events and incidents. Detecting signs of possible threats and classifying them with neural networks and machine learning requires a clearer understanding of the relationship between the sets of computer attacks, information security events and information security incidents. The paper uses comparative analysis of documents and an integrated approach to the study of terms and their content in the field of information security. Reducing the basic concepts to a single understanding will therefore help improve the response system. As a result of the research, the author proposes a model of the interaction of nested sets of computer attacks, incidents and information security events, and highlights a list of unacceptable events.

Keywords:
event, incident, threat, computer attack, response, detection, classification
