Сергій Толюпа,Сергій Штаненко,Serhiі Tolіupa,,Serhii Shtanenko,

DOI: https://doi.org/10.17721/ists.2023.1.28-36

2023-01-01

Information systems and technologies security

Abstract:An effective solution to the problems of analysis and synthesis of information security management systems can not be provided by simple ways of simply describing their behavior in different conditions - systems engineering solves problems that require quantitative evaluation of characteristics. Such data, obtained experimentally or by mathematical modeling, should reveal the properties of information security management systems. The main one is efficiency, which means the degree of compliance of the results of information protection to the goal. The latter, depending on the resources available, the knowledge of developers and other factors, can be achieved to one degree or another, and there are alternative ways to implement it. In a number of publications the authors propose the basics of the categorical apparatus of set theory, which allows to explain the relationship between sets of threats and sets of information protection system, which allows to build different mathematical models to analyze information exchange systems in critical application systems. At present, the creation of information security management systems is not possible without research and generalization of world experience in building information systems and their constituent subsystems, one of the key of which are information protection and intrusion prevention systems. Components of the process of attacking the mechanisms of protection and blocking or destruction of cyber threats themselves are components of the mathematical support of such systems. The basis of such models is the mathematical apparatus, which should ensure the adequacy of modeling of information security processes for any conditions of cyber threats. When defining the mathematical apparatus, it is necessary to clearly understand how certain sets of cyber threats are built, and how the sets of cyber threat sets, sets of security system elements and sets of cyber attack detection systems, which should control the correctness of the information security process. The article analyzes various options for building models of information security management system and creates a mathematical model that takes into account the internal relationships of different subsets of components of the information security system under the influence of cyber threats.

O.I. Peliukh,M.V. Yesina,D.Yu. Holubnychyi

DOI: https://doi.org/10.30837/rt.2024.1.216.03

2024-03-20

Radiotekhnika

Abstract:In the modern world, information and communication systems (ICS) have become an integral part of our lives, processing, storing and transmitting information. However, this dependence makes them extremely vulnerable to various threats. The article examines the current threats that call into question the normal functioning of ICS. The authors emphasise the constant evolution of these threats, which makes them more complex and dangerous. This necessitates constant research and development of new methods and means of information protection, as well as raising awareness of ICS users about cyber threats. The purpose of the article is to study modern ICS threats and develop recommendations for improving the level of information security (IS). The article provides a classification of ICS IS threats by various criteria: by the basic principles of the cybersecurity triad (confidentiality, integrity and availability), by sources of threats (internal and external), by the amount of damage caused (from general to private), by the degree of impact (passive and active) and by the nature of occurrence (natural and artificial). The article reveals the sources of threats to ICS security: unintentional (related to user errors, software failures or hardware failures) and intentional (cyber-attacks aimed at causing damage to ICS). Particular attention is paid to cyberattacks that are becoming more widespread. The authors describe different types of cyberattacks, as well as methods and means of their implementation. An important aspect of the article is the development of recommendations for improving the level of security. Along with the technical aspects of protection, the article considers the importance of implementing organisational measures such as security policy, access control and privilege management. The article also draws attention to the importance of complying with international and national standards for the protection of information in ICS. These measures help to avoid leakage or prevent unauthorised access to valuable information.

Yulia Yu. Kosenkova,Sergei V. Romanovskii,Elena P. Tsatskina,,,

DOI: https://doi.org/10.28995/2686-679x-2023-2-46-69

2023-01-01

Abstract:The current stage of Russian society development is characterized by the implementation of measures aimed at the development of digital technologies and their introduction into various spheres of the economy. An example of an innovative digital breakthrough in Russia is the Federal Tax Service, which accumulates significant amounts of confidential information, maintains a large number of registries, and implements a large number of services, including those not related to taxation. The realization of threats to information security in relation to information and communication technologies of the Federal Tax Service can lead to negative consequences. The purpose of the study is to build a model that allows assessing the probability of occurrence of the threats in question and their impact on digital interaction system between tax authorities and taxpayers, and the security of databases formed by tax authorities. The study applies universal methods of scientific cognition and mathematical methods for the construction of a risk assessment model. As a result, a model is proposed that allows assessment of information security risks, which information and communication technologies of the Federal Tax Service of Russia are exposed to. The proposed model can be used both at various levels of tax administration and in other spheres of state and municipal administration.

,S. I. Gluhov

DOI: https://doi.org/10.31673/2412-4338.2024.021920

2024-01-01

Telecommunication and information technologies

Abstract:Statistics of information security breaches show that information compromise is one of the most frequent security violations, and almost half of them are aimed at acquiring personal data. Since companies suffer significant financial losses, lose customers and their reputation due to the leakage of personal data, it is this category of data that requires particularly reliable and effective protection. It has been established that for the effective protection of personal data processed in information and communication systems, it is necessary to implement a complex of normative-legal, organizational, engineering-technical and software-hardware measures. The basic principles of the regulatory and legal protection of personal data in Ukraine, which obliges enterprises, organizations and institutions that own or dispose of personal data, to ensure their proper protection, are considered. The paper analyzes the existing models of threats to personal data and data security tools, in particular the requirements for their formation, elements, factors and characteristics that must be considered during modeling. Based on the obtained results, an algorithm for improving the efficiency of personal data protection in ICS is proposed, which, thanks to the combination of threat and security violator models, has a synergistic effect and leads to an increase in the quality of data protection indicators. Achieving a synergistic effect on increasing the efficiency of personal data protection creates advantages of the presented model in comparison with existing models and algorithms. Recommendations for organizations and individuals on improving the efficiency of personal data protection in ICS are also presented, constant compliance with which will help reduce the number of incidents related to the compromise of personal information.

Aleksey Novokhrestov,Anton Konev,Alexander Shelupanov

DOI: https://doi.org/10.3390/sym11121506

2019-12-11

Symmetry

Abstract:This article highlights the issue of identifying information security threats to computer networks. The aim of the study is to increase the number of identified threats. Firstly, it was carried out the analysis of computer network models used to identify threats, as well as in approaches to building computer network threat models. The shortcomings that need to be corrected are highlighted. On the basis of the mathematical apparatus of attributive metagraphs, a computer network model is developed that allows to describe the software components of computer networks and all possible connections between them. On the basis of elementary operations on metagraphs, a model of threats to the security of computer network software is developed, which allows compiling lists of threats to the integrity and confidentiality of computer network software. These lists include more threats in comparison with the considered analogues.

Aleksandar Šijan,Dejan Viduka,Luka Ilić,Bratislav Predić,Darjan Karabašević

DOI: https://doi.org/10.3390/electronics13214209

IF: 2.9

2024-10-27

Electronics

Abstract:This paper presents a comprehensive model for cyber security risk assessment using the PIPRECIA-S method within decision theory, which enables organizations to systematically identify, assess and prioritize key cyber threats. The study focuses on the evaluation of malware, ransomware, phishing and DDoS attacks, using criteria such as severity of impact, financial losses, ease of detection and prevention, impact on reputation and system recovery. This approach facilitates decision making, as it enables the flexible adaptation of the risk assessment to the specific needs of an organization. The PIPRECIA-S model has proven to be useful for identifying the most critical threats, with a special emphasis on ransomware and DDoS attacks, which represent the most significant risks to businesses. This model provides a framework for making informed and strategic decisions to reduce risk and strengthen cyber security, which are critical in a digital environment where threats become more and more sophisticated.

engineering, electrical & electronic,computer science, information systems,physics, applied

Dmitrii E. Belomoytsev,,Tamara M. Volosatova,Anastasiya A. Kozar,Mikhail V. Filippov,Nikolai V. Chichvarin,,,,

DOI: https://doi.org/10.28995/2686-679x-2021-3-52-73

2021-01-01

Abstract:The article presents results of researches and the analysis of means of unauthorized access and Directors of hindrances to means of communication and navigation of aircraft. It also shows that the issue of protecting automated systems of aviation equipment from threats to information security is becoming increasingly important in the context of an increase in the level of automation for prospective aircraft engines, onboard equipment, systems and units of aircraft, an increase in the complexity of onboard information systems. There is an analysis in the means of electronic warfare, capable of influencing the flight of an aircraft, both intentionally and unintentionally. There also is a statistical inference of aviation accidents on various aircraft flight phases. The airplane mathematical model constructed taking into account hindrances and harmful impacts on the onboard equipment is developed. Static stability of the plane longitudinal movement taking into account the external environment is investigated. The article gives results of a numerical experiment showing offered mathematical model high degree of adequacy. The materials of the publication contain the results of theoretical research and numerical experiment conducted using a mathematical model of the dynamics of controlled flight of the aircraft under the action of both natural noise and intentional harmful effects on the means of communication and navigation of AIRCRAFT, as well as hacker attacks on onboard computing facilities. The model is implemented in Matlab/Simulink, which allows building a workstation simulator. That in turn allows for taking into account the “human factor” when modeling the flight of an aircraft.

V. M. Akhramovych,

DOI: https://doi.org/10.31673/2412-4338.2021.046277

2021-01-01

Telecommunication and information technologies

Abstract:With the development of digital and information technologies, electronic theft, forgery of documents, etc. began to appear. Criminals have mastered a new space and cause damage, stealing data not only from commercial organizations, for example, Borovikov systems, but also personal files of the average user. The service of protecting information on a PC has already become popular. Users are increasingly becoming aware of the importance of technical security of data stored on electronic devices. Not all users can take care of the security of private files and configure protection on their PC. Therefore, the article is devoted to the issue of quantifying the information security indicator on a computer, depending on the impact on the information structure of various types of internal and external threats (reflects: identification and authentication of users, control of data integrity and authenticity, data backup, delimitation of access to information, Firewall operation (packet filter), audit, antivirus, failures of software and hardware components, speed of information leakage, the effect of the amount of information on their leakage, the effect of information security threats from the loss of trust between users, the effect of the size of the computer system on security, the impact of computer security on information leakage). To solve the specified tasks, a mathematical model of information protection in a PC based on a system of differential equations was developed and solutions were simulated in the MatLab system. Three options for solving the equation near the steady state of the system were considered (a more visual analysis of the system’s behavior was performed, with a transition from the differential form of the equations to a discrete one and modeling of a certain interval of the system’s existence), it was concluded that, based on the conditions of the ratio of dissipation and the natural frequency of fluctuations of the magnitude, damping the latter up to a certain value is carried out periodically, with a decaying amplitude, or according to an exponentially decaying law. Taking into account the impact of the specified parameters on information protection and the possibility of determining a quantitative indicator of protection, PC users will be able to independently assess the impact of each component of threats and make adequate protection decisions.

Konrad Trzonkowski,Olena Khalina,Paulina Kolisnichenko,Nataliia Rozumovych,Oleksandr Zhyhulin

DOI: https://doi.org/10.34069/ai/2023.69.09.28

2023-09-30

Revista Amazonia Investiga

Abstract:The aim of the article was to study the characteristics of the formation of an information system to implement the administrative and legal mechanism to ensure financial and economic security under the influence of cyber threats. The research methodology involved the use of hierarchical and pairwise comparison analysis, as well as the method of expert analysis, with the help of academic documentary sources. As a result of the study, the main cyber threats in the information system of the administrative and legal mechanism for ensuring financial and economic security were identified and ordered according to their level of influence. This order will allow the management apparatus to understand, at least in theory, the hierarchy of importance of existing threats and subsequently use the latter to build information systems. Everything allows to conclude that, by analyzing the obtained results, a methodical approach to the assessment of cyber threats to financial and economic security was formed. However, the study has its limitations, as for the formation of the above-mentioned information systems, a small number of cyber threats were adopted, which are also characteristic for a particular country like Ukraine.

Svitlana Lehominova,Halyna Haidur

DOI: https://doi.org/10.28925/2663-4023.2023.22.5467

2023-01-01

Abstract:Taking into account the process of complication of the geopolitical and geoeconomic landscape space, the development of information technologies and the formation of new security challenges associated with the emergence of new cyber threats, there is a need for constant monitoring and forecasting of them in order to prevent consequences in the form of damage and leakage of valuable and confidential information. The authors analyzed the new predictable cyber security threats to organizations, with special attention paid to the protection of endpoints. Threats identified in the field of artificial intelligence development (underground development of malicious Large Language Models (LLM); “Script Kiddies” update; voice fraud for social engineering, which is created by artificial intelligence); changing trends in the behavior of threat actors (attacks on supply chains against managed file transfer solutions, malware threats that are becoming multilingual); as new emerging threats and attack methods (growing QR code rivalry; stealth attacks on peripheral devices; Python implementation in Excel creating a potentially new vector for attacks; LOL drivers changing action algorithms). The resulting detection of future threats emphasizes the need for strategic planning for the adoption of new technologies and platforms: such as Endpoint Detection and Response (EDR) capabilities, as well as the use of EDR as part of a multi-instrumented enhanced detection and response (XDR) architecture. Gartner’s research has been proven to have a tremendous impact on improving organizations’ threat detection capabilities by providing valuable insight into the strengths and weaknesses of each cybersecurity service provider with respect to emerging threat intelligence, by focusing organizations’ attention on opportunities to identify gaps in their existing security infrastructure and adopt sound decisions to invest in additional solutions or services that effectively address these gaps. The spheres of activity of the world’s leading companies were analyzed, their connection with Ukrainian companies was found, and further cooperation was proposed for the effective protection of national cyberspace.

A. M. Konakov,A. G. Pevneva

DOI: https://doi.org/10.21822/2073-6185-2023-50-4-109-114

2024-01-23

Abstract:Objective . The purpose of the study is the functionality of designing, building and implementing protection systems taking into account the time factor. Method . The analysis of the functional interaction of the construction of three sequentially interconnected dynamic models and data transfer between them is carried out. Result . A general model of the system of protection and forecasting of possible threats in ensuring the security of information and infrastructure, taking into account the time factor, has been developed and proposed for implementation. Conclusion . The field of information security considered in the article is a necessary component of ensuring the protection of information resources and related systems from various threats. The application of the basics of dynamic modeling of data, processes and structures in terms of time, allows you to assess risks and threats, identify certain significant shortcomings and eliminate them, thereby optimizing costs, increasing the efficiency of ensuring security

Yu-peng LIU,Shi-you QU

DOI: https://doi.org/10.3969/j.issn.1007-3221.2014.01.021

2014-01-01

Abstract:In recent years , more and more evidence shows that the security of information systems and information management within the organization is a major security risk .Therefore , it is particularly urgent and important that internal staff shall be evaluated and a staff competenly information security responsibility is found to eliminate internal attack behaviours of employees and ensure the security of information systems and information manage-ment.Consequently information security competency evaluation for internal staff is an important issue .Under the analysis of the characteristics of the aggressive behavior from internal staff and a comprehensive summary of the competency research , internal staff information security competency evaluation index system is built .On this base , organization internal staff information security competency evaluation model is proposed .Based on safety and risk prevention thinking , the model divides the evaluation into two stages and takes into account the person-ality advantage of the decision makers in decision-making preferences and individuality advantage , which more realistically reflects the difference between the team members .Finally, the effectiveness and practicality of the evaluation model is verified through case analysis .

Marek Amanowicz,Mariusz Kamola

DOI: https://doi.org/10.3390/electronics11223835

IF: 2.9

2022-11-22

Electronics

Abstract:Protection against a growing number of increasingly sophisticated and complex cyberattacks requires the real-time acquisition of up-to-date information on identified threats and their potential impact on an enterprise's operation. However, the complexity and variety of IT/OT infrastructure interdependencies and the business processes and services it supports significantly complicate this task. Hence, we propose a novel solution here that provides security awareness of critical infrastructure entities. Appropriate measures and methods for comprehensively managing cyberspace security and resilience in an enterprise are provided, and these take into account the aspects of confidentiality, availability, and integrity of the essential services offered across the underlying business processes and IT infrastructure. The abstraction of these entities as business objects is proposed to uniformly address them and their interdependencies. In this paper, the concept of modeling the cyberspace of interdependent services, business processes, and systems and the procedures for assessing and predicting their attributes and dynamic states are depicted. The enterprise can build a model of its operation with the proposed formalism, which takes it to the first level of security awareness. Through dedicated simulation procedures, the enterprise can anticipate the evolution of actual or hypothetical threats and related risks, which is the second level of awareness. Finally, simulation-driven analyses can serve in guiding operations toward improvement with respect to resilience and threat protection, bringing the enterprise to the third level of awareness. The solution is also applied in the case study of an essential service provider.

engineering, electrical & electronic,computer science, information systems,physics, applied

D.A. Kurmanova,D.R. Sultangareev,L.R. Khabibullina,,,

DOI: https://doi.org/10.17122/2541-8904-2020-2-32-82-91

2020-01-01

Bulletin USPTU Science education economy Series economy

Abstract:Cyber incidents continue to move up in the rating of possible threats and occupy the second position in the ranking of risks in the activities of companies (40 %). Five years ago, they were on the fifteenth line. Like a natural disaster or pandemic, a cyber attack can have a negative impact on hundreds of companies, and the number of such incidents is growing. So-called "cyber incidents",when hackers interfere with the activities of a large number of companies, using the dependencies of their shared Internet infrastructure, occur more often. This reflects the fact that today's world of risk management is more volatile than ever. At the same time, with the upcoming entry into force of the General data protection regulation (GDPR), which has been in effect throughout Europe since may 2018, the prospects of imposing more and larger fines on companies that do not comply with it have already become real. Actions taken by the company in light of a data integrity violation directly affect the final cost of such a violation. Reputational damage is inevitable if the response to a cyber incident is inadequate. New risks require new tools to respond to their potential impacts and mitigate them. This article discusses the possible risks of financial technologies, draws attention to cyber threats, the frequency of which is increasing, and offers a model for identifying and evaluating cyber risks.

Iryna Shtanhret,

DOI: https://doi.org/10.32782/easterneurope.41-17

2023-01-01

Abstract:The creation of a system of economic security of the enterprise in the conditions of each enterprise should be accompanied by the awareness of the fact of the need for its development to maintain the ability to respond in a timely manner to changes in the significance of the impact of key threats and to prepare the basis for the most effective use of each new opportunity. The issue of information provision is exacerbated by the exponential increase in information messages, only a limited portion of which is suitable for use in security activities. The purpose of the research is to develop a model of the information support subsystem as an important component of the enterprise's economic security system. In order to form the theoretical basis for the development of the enterprise's economic security system, the following methods were applied: induction and deduction, comparison and systematization – in the study of the essential characteristics of the term "information provision"; synthesis and analysis – to form the content of each component subsystem of the information support system of the enterprise's economic security; morphological analysis – to clarify the nature of changes in the information support system of enterprise management, which will allow to form a subsystem of information support for the implementation of security activities in the conditions of the enterprise; graphic – for visual representation of theoretical and methodical material; abstract-logical – for theoretical generalizations and research conclusions. The construction of the information support subsystem requires the modification of certain parameters of the information support system of enterprise management, based on the tasks that are set before the security subjects. A model has been developed that outlines the purpose and tasks of the information support subsystem, contains functions and principles, and also defines the objects and subjects that are activated within the mechanism of information processing, which involves receiving, checking, supplementing, processing, sending and saving information messages. The practical application of the developed model of the information support subsystem will make it possible to form an information basis for the development of the enterprise's economic security system based on tracking trends in the digital transformation of the economy and the enterprise, as well as the results of security activities.

Oleksandr Khrapkin,

DOI: https://doi.org/10.25140/2411-5215-2023-4(36)-86-94

2023-01-01

Abstract:The article deals with the peculiarities of ensuring strategic management of information security of modern enterprises. Nowadays, information security systems are designed to ensure the full function-ing of an enterprise's information infrastructure using various types of information services, automation of financial and production activities, as well as its business processes.The basic provisions of information security are formalized and enshrined in the Information Security Strategy of Ukraine. Other regulatory documents and standards of enterprises must comply with the laws and regulatory framework of Ukraine, international law, industry standards and EU and NATO directives.The article considers the need to form an information security management system, which is caused by the existence of internal and external threats, their destructive consequences for the activities and image of an enterprise. The tasks of information security are analyzed: data confidentiality, integ-rity, availability, ensuring the reliability of information, ensuring the legal significance of information, ensuring the untraceability of user actions. Information security management involves identifying po-tential risks to an enterprise, assessing the potential impact, developing and implementing strategies to eliminate problems designed to minimize risks with the available resources.The main stages of developing an information security policy are identified: complete registration of all information resources that require protection; formation of a list of possible threats to each re-source from the list; assessment of the probability of occurrence of each threat; application of actions for the effective protection of each resource. The basic principles of an information security management system for an enterprise are outlined: ease of use, full control, open architecture, access limits, least privileges, sufficient stability, and minimization of duplication. It is also about storing and processing significant amounts of information of varying degrees of confidentiality, so the issue of protecting im-portant enterprise information data from various internal and external threats is relevant

Vladimír Bolek,Anita Romanová,František Korček

DOI: https://doi.org/10.4018/jgim.316833

2023-01-20

Journal of Global Information Management

Abstract:Enterprises trading on the electronic markets are exposed to security risks due to the active use of ICT in several transformation process activities. Realized risks cause particular damage to the enterprises that lack ISMS (information security management systems) or a basic process approach to IS management. In this article, the authors identify similarities and differences in information security management models from various aspects. The scientific article compares the presented models, their essence, goal, focus, and starting points. Based on advantages and disadvantages, the authors evaluate the possibilities of applying models in electronic business, which determines which models can be applied to all processes or only to specific processes of e-business. The representative data set was obtained from a sample of e-commerce enterprises using the Slovak electronic market. Research hypotheses based on scientific assumptions and statistical analysis are verified. The research conclusions provide an insight into practice of ISMS and an information security management system in e-commerce.

information science & library science

A Novokhrestov,A Konev,A Shelupanov,A Buymov

DOI: https://doi.org/10.1088/1742-6596/1488/1/012002

2020-03-01

Journal of Physics: Conference Series

Abstract:Abstract The paper discusses methods for constructing threat models of information systems and computer networks. The disadvantages of existing approaches are highlighted. The authors propose an approach to building a computer network model, as well as describing threats to information and the system. The proposed approach takes into account the identified shortcomings of existing solutions and is aimed at reducing the impact of the subjective opinion of an expert when compiling lists of threats.

English Else

Liubomyr S. Sikora,Nataliia K. Lysa,Yevhen I. Tsikalo,Olga Yu. Fedevych

DOI: https://doi.org/10.13052/jcsm2245-1439.123.7

2023-05-18

Journal of Cyber Security and Mobility

Abstract:The complication of technological processes due to the modernization of complex technological processes aggregates with a distributed spatial infrastructure requires the use of new control systems and computer and information network technologies. Accordingly, this poses the problem of revising the basic concepts of information-measuring systems building, developing software and hardware for the implementation of the target management process. This requires development of new approaches to presentation, processing, and display of data about the aggregates state of energy-active objects and the entire information structure. For management under threat conditions, it is necessary to take into account the features of the information infrastructure, data selection and processing methods, methods and algorithms for classifying the situation, which are formed from blocks of data obtained from each unit and the technological process as a whole. Information about the current state of system and infrastructure is necessary for the formation, adoption and implementation of management decisions which is the basis for coordination strategies synthesis. Appropriate target orientation, reasonable indicators of real process trajectories divergence from the target state determine the probability of object attack. Knowledge and decision-making procedures for the coordination of managerial actions is based on the strategic target orientation of the structure, their professionalism and the level of intellectual, cognitive and scientific training which is the basis for correct situation interpretation of countermeasures against threats formation. In the event of active threats complex on man-made systems in a certain region (resource, cognitive, system, information) and natural disasters or military operations, the threats lead to active destruction or failure of the production process. In order to functionally withstand related production structures, when loyal to the industrial relations concept, they need to integrate at the strategic management level on common goal basis to reduce risks. If necessary, to increase sustainability, they can be integrated at operational management level using interconnections at the production and resource levels. To do this, it is necessary to develop a strategic and goal-oriented management system behaviour line, which requires informational and intelligent data processing at the highest level using cognitive creative methods. For each level of the infrastructure hierarchy, oriented towards strategic goals in the global infrastructure dynamic environment, methods of assessing the situation to detect failures and the actions of attacks have been developed, based on which countermeasures are formed depending on the type of threats.

Volodymyr DZHULIY,Natalia PETLIAK,Yuri KHMELNYTSKYI,Oleksandr PAKHAR,

DOI: https://doi.org/10.31891/2307-5732-2022-313-5-294-300

2022-10-27

Abstract:The tasks of analysis and classification of detection of existing mechanisms for the implementation of attacks and threats to information security, which can lead to unauthorized access to confidential information, disruption of the functioning of information systems, are relevant and prioritized at the current stage. The importance of the problems is connected with the following main factors: growth of variety and quantity of means of computer technology and spheres of human activity; a high level of trust in information and search systems for data processing and management; the growth of the number of users of the information space of interaction; accumulation of large volumes of various types of information, intensive exchange of data flow in the network between users, using a wide range of access mechanisms to confidential resources, information processes; industrial espionage and competitive struggle in the sphere of information services of society; insufficient number at the present stage of highly qualified specialists in the field of information security, market relations in the field of software development, maintenance, distribution, production of computing equipment for the implementation of information security. The presented model of the flow of text messages of thematic Internet resources of the information security forecasting system and the information model of the forum database of the thematic Internet resource, which differs from the known ones in its universality, allows to analyze and study the data flow of Internet forums implemented on the basis of popular software platforms for the development of discussion information thematic resources The model of the flow of text messages of thematic Internet forums allows statistical analysis and semantic filtering of messages, taking into account authorship, author rating, forum, time of creation, number of messages, forum topic, allows analysis and research of text messages of thematic Internet resources. Solving the set tasks will allow: to improve the quality of decisions made in the process of identifying and counteracting malicious information; sort information objects of influence for the operator by priority; set the input data settings of the system of detection and countermeasures against the spread of malicious information in networks.