Russian Federation
UDC 004.5
The work is devoted to the problem of unintentional insider, which is a consequence of the user's deviations from normal behavior (deviation) when being in a state of fatigue, stress, affect, prolonged performance of routine tasks, etc.; the relevant prerequisites for threats to information security are substantiated. Using the author's analytical model of such behavior, a method is proposed to counteract unintentional insider by increasing the resistance to user behavior deviation of the instructions themselves. The method consists of 12 following steps: formalization of instructions, isolation of logic and interface elements, selection of features of interface elements, identification of user groups, determination of the level of deviation, building a behavior model, specifying limit values for violations, solving an optimization problem (for correcting instructions), clarifying instructions, adapting instructions, testing instructions, correcting the model. A graphical diagram of the method is presented with its division into the expert's field of action, a decision support system (unified as automation tools), as well as interaction with external components (data, algorithms, and tools). The possibility of using large language models to help an expert perform a number of steps is substantiated.
information system, information security, unintentional insider, instruction, countermeasure method, artificial intelligence
1. Leonov N.V. Metodologiya i elementy tekhnologii modelirovaniya strategicheskikh zadach upravleniya uyazvimostyami v PO. Chastʹ 1. Kontseptualʹnye osnovy i ontologicheskaya modelʹ // Zashchita informatsii. Insajd. 2025. № 3 (123). S. 17–21.
2. Leonov N.V. Metodologiya i elementy tekhnologii modelirovaniya strategicheskikh zadach upravleniya uyazvimostyami v PO. Chastʹ 2. Imitatsionnoe modelirovanie i otsenka sostoyaniya // Zashchita informatsii. Insajd. 2025. № 4 (124). S. 56–61.
3. Semin R.V., Novosyadlyj V.A. Issledovanie zadachi aktivnogo audita parolʹnoj politiki v kompʹyuternykh setyakh // Izvestiya YuFU. Tekhnicheskie nauki. 2015. № 5 (166). S. 47–55.
4. Vlasov D.S. K voprosu o priznakakh insajderskoj deyatelʹnosti // Natsionalʹnaya bezopasnostʹ i strategicheskoe planirovanie. 2024. № 1 (45). S. 35–45. DOI:https://doi.org/10.37468/2307-1400-2024-1-35-45.
5. Izrailov K.E., Bujnevich M.V. Metod obnaruzheniya atak razlichnogo geneza na slozhnye obʺekty na osnove informatsii sostoyaniya. Chastʹ 1. Predposylki i skhema // Voprosy kiberbezopasnosti. 2023. № 3 (55). S. 90–100. DOI:https://doi.org/10.21681/2311-3456-2023-3-90-100.
6. Izrailov K.E., Bujnevich M.V. Metod obnaruzheniya atak razlichnogo geneza na slozhnye obʺekty na osnove informatsii sostoyaniya. Chastʹ 2. Algoritm, modelʹ i eksperiment // Voprosy kiberbezopasnosti. 2023. № 4 (56). S. 80–93. DOI:https://doi.org/10.21681/2311-3456-2023-4-80-93.
7. Bujnevich M.V., Moiseenko G.Yu. Narushenie reglamenta pri rabote s informatsionnoj sistemoj kak ugroza bezopasnosti informatsionnym resursam // Regionalʹnaya informatika i informatsionnaya bezopasnostʹ: sb. trudov Sankt-Peterburgskoj mezhdunar. konf. i Sankt-Peterburgskoj mezhregion. konf. Sankt-Peterburg, 2024. S. 78–79.
8. Moiseenko G.Yu. Formalʹnaya postanovka zadachi protivodejstviya neumyshlennomu insajdingu v organizatsii putem korrektirovki dolzhnostnykh instruktsij // Zashchita informatsii. Insajd. 2025. № 6 (126). S. 61–69.
9. Bujnevich M.V., Moiseenko G.Yu. Obzor modelej povedeniya polʹzovatelya informatsionnoj sistemy v interesakh protivodejstviya insajderskoj deyatelʹnosti (po sostoyaniyu otechestvennogo nauchnogo segmenta) // Nauchno-analiticheskij zhurnal «Vestnik Sankt-Peterburgskogo universiteta Gosudarstvennoj protivopozharnoj sluzhby MCHS Rossii». 2024. № 4. S. 89–102. DOI:https://doi.org/10.61260/2218-130X-2025-2024-4-89-102.
10. Tsaregorodtsev A.V., Mukhin I.N., Volkov S.D. Metodika otsenki urovnya tsifrovoj avtonomii informatsionnogo produkta // Sovremennaya nauka: aktualʹnye problemy teorii i praktiki. Ser.: Estestvennye i tekhnicheskie nauki. 2024. № 7-2. S. 196–203. DOI:https://doi.org/10.37882/2223-2966.2024.7-2.38.
11. Matveev A.V., Matveev V.V. Sistemno-kiberneticheskij podkhod k opredeleniyu ponyatiya «bezopasnostʹ» // Natsionalʹnaya bezopasnostʹ i strategicheskoe planirovanie. 2015. № 1 (9). S. 18–25.
12. Antropova E.G. Reshenie optimizatsionnykh zadach pri pomoshchi nejronnykh setej // Protsessy upravleniya i ustojchivostʹ. 2024. T. 11. № 1. S. 173–178.
13. Reztsov S.M. Sravnitelʹnyj analiz yazykovykh modelej v obrabotke nestrukturirovannykh dannykh na primere DeepSeek i GigaChat // Paradigma. 2025. № 5-2. S. 200–204.
14. Matveev A.V., Ivanov A.Yu. Ispolʹzovanie bolʹshikh yazykovykh modelej v oblasti bezopasnosti v chrezvychajnykh situatsiyakh: obzor issledovanij i analiz vozmozhnostej // Nauchno-analiticheskij zhurnal «Vestnik Sankt-Peterburgskogo universiteta Gosudarstvennoj protivopozharnoj sluzhby MChS Rossii». 2025. № 3. S. 136–146. DOI:https://doi.org/10.61260/2218-130X-2025-3-136-146.
15. Kurta P.A., Bujnevich M.V. Ontologicheskaya modelʹ vzaimodejstviya polʹzovatelya s informatsionnoj sistemoj v ramkakh polucheniya uslugi informatsionnogo servisa // Vestnik kibernetiki. 2021. № 2 (42). S. 17–23. DOI:https://doi.org/10.34822/1999-7604-2021-2-17-23.
16. Bujnevich M.V., Vostrykh A.V. Metody otsenki graficheskikh polʹzovatelʹskikh interfejsov. Vizualʹnaya sostavlyayushchaya. SPb.: Sankt-Peterburgskij universitet GPS MCHS Rossii, 2024. 340 s.
17. Gaponets E.G., Marʹin A.I. Problemy effektivnosti gruppovogo povedeniya po opytu vnutrennikh vojsk MVD Rossii // Aktualʹnye problemy gumanitarnykh i sotsialʹno-ekonomicheskikh nauk. 2010. T. 4. № 3. S. 40–44.
18. Budnikova I.K., Pleteneva E.V. Klasternyj analiz kak funktsiya intellektualʹnogo analiza dannykh // Informatsionnye tekhnologii v stroitelʹnykh, sotsialʹnykh i ekonomicheskikh sistemakh. 2022. № 1 (27). S. 25–28.
19. Maksimus D.A. Analiz dannykh anketirovaniya gosudarstvennykh sluzhashchikh kak polʹzovatelej svobodnogo programmnogo obespecheniya // Novoe v ekonomicheskoj kibernetike. 2020. № 3-4. S. 133–147.
20. Gusev A.A. Adaptatsiya instruktsij po resheniyu problem dostupa k seti internet na osnove portreta kompetentsij polʹzovatelya // Matematicheskoe modelirovanie i informatsionnye tekhnologii: materialy XV Vseros. (VII mezhdunar.) nauch.-tekhn. konf. studentov, aspirantov i molodykh uchenykh. Ivanovo, 2020. T. 5. S. 19.
21. Bujnevich M.V., Moiseenko G.Yu. Narushenie reglamenta pri rabote s informatsionnoj sistemoj kak ugroza bezopasnosti informatsionnym resursam // Regionalʹnaya informatika i informatsionnaya bezopasnostʹ: sb. trudov Sankt-Peterburgskoj mezhdunar. konf. i Sankt-Peterburgskoj mezhregion. konf. Sankt-Peterburg, 2024. S. 78–79.
