THE METHODOLOGY OF INFORMATION SECURITY INCIDENTS RESPONSE WITHIN DISTRIBUTED AUTOMATED INFORMATION SYSTEMS
Purpose of the study: to develop a unified methodology to reduce the time and effort spent by an information security incident response team to localize (contain) information security incidents occurring in distributed automated information systems.

Methods of research: analysis and synthesis of existing publicly available materials and advances, including patented ones, related to information security incident response and data analysis, as well as modeling.

Result(s):

1. A conceptual model and a unified methodology of information security incident response are proposed, which, unlike the known ones, take into account the specifics of construction and maintenance of distributed automated information systems, focus on active counteraction to the attacker and are based on the principle of data-centricity, which reduces the time and effort spent by an information security incident response team to localize information security incidents, i.e., increases the efficiency of the activity of an information security incident response team.

2. Three methods within the proposed methodology are formulated, including the method of organizing the unified subsystem for storing information security monitoring data and information security incident data, the method of providing a mandate to perform an action to localize an information security incident, and the method of processing information security monitoring data and information security incident data. The latter method, unlike the known ones, is aimed at confirming the information security incident and making a decision on the need (or lack of need) for its localization, and also provides for mandatory verification of the localization action. This makes it possible, at each stage of implementation of the proposed methodology, to make a positive contribution to reducing the time and effort spent by an information security incident response team to localize information security incidents, as well as to ascertain that actions to localize information security incidents were implemented.

Scientific novelty: The conceptual model of response to information security incidents is based on a continuous process of data processing (data pipeline) from four different types of data sources, taking into account the attribute composition of data relevant to a particular distributed automated information system. The information security incident response methodology focuses on active counteraction to the attacker, is based on the principle of data-centricity, and provides for mandatory verification that actions to localize information security incidents were implemented.
- Type: article
- Language: en
- Landing Page: https://doi.org/10.21681/2311-3456-2025-4-65-72
- OA Status: bronze
- Related Works: 10
- OpenAlex ID: https://openalex.org/W4413503816
Raw OpenAlex JSON
- OpenAlex ID: https://openalex.org/W4413503816 (canonical identifier for this work in OpenAlex)
- DOI: https://doi.org/10.21681/2311-3456-2025-4-65-72 (Digital Object Identifier)
- Title: THE METHODOLOGY OF INFORMATION SECURITY INCIDENTS RESPONSE WITHIN DISTRIBUTED AUTOMATED INFORMATION SYSTEMS (work title)
- Type: article (OpenAlex work type)
- Language: en (primary language)
- Publication year: 2025 (year of publication)
- Publication date: 2025-01-01 (full publication date if available)
- Authors: A. Kuznetsov (list of authors in order)
- Landing page: https://doi.org/10.21681/2311-3456-2025-4-65-72 (publisher landing page)
- PDF URL: https://doi.org/10.21681/2311-3456-2025-4-65-72 (direct link to full text PDF)
- Open access: Yes (whether a free full text is available)
- OA status: bronze (open access status per OpenAlex)
- OA URL: https://doi.org/10.21681/2311-3456-2025-4-65-72 (direct OA link when available)
- Concepts: Computer science, Information security, Computer security, Information systems security, Information system, Management information systems, Engineering, Electrical engineering (top concepts (fields/topics) attached by OpenAlex)
- Cited by: 0 (total citation count in OpenAlex)
- Related works (count): 10 (other works algorithmically related by OpenAlex)
Full payload
| id | https://openalex.org/W4413503816 |
|---|---|
| doi | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| ids.doi | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| ids.openalex | https://openalex.org/W4413503816 |
| fwci | 0.0 |
| type | article |
| title | THE METHODOLOGY OF INFORMATION SECURITY INCIDENTS RESPONSE WITHIN DISTRIBUTED AUTOMATED INFORMATION SYSTEMS |
| biblio.issue | 68 |
| biblio.volume | 4 |
| biblio.last_page | 72 |
| biblio.first_page | 65 |
| topics[0].id | https://openalex.org/T14470 |
| topics[0].field.id | https://openalex.org/fields/22 |
| topics[0].field.display_name | Engineering |
| topics[0].score | 0.9848999977111816 |
| topics[0].domain.id | https://openalex.org/domains/3 |
| topics[0].domain.display_name | Physical Sciences |
| topics[0].subfield.id | https://openalex.org/subfields/2207 |
| topics[0].subfield.display_name | Control and Systems Engineering |
| topics[0].display_name | Advanced Data Processing Techniques |
| topics[1].id | https://openalex.org/T13983 |
| topics[1].field.id | https://openalex.org/fields/17 |
| topics[1].field.display_name | Computer Science |
| topics[1].score | 0.982699990272522 |
| topics[1].domain.id | https://openalex.org/domains/3 |
| topics[1].domain.display_name | Physical Sciences |
| topics[1].subfield.id | https://openalex.org/subfields/1705 |
| topics[1].subfield.display_name | Computer Networks and Communications |
| topics[1].display_name | Cybersecurity and Information Systems |
| topics[2].id | https://openalex.org/T10400 |
| topics[2].field.id | https://openalex.org/fields/17 |
| topics[2].field.display_name | Computer Science |
| topics[2].score | 0.9598000049591064 |
| topics[2].domain.id | https://openalex.org/domains/3 |
| topics[2].domain.display_name | Physical Sciences |
| topics[2].subfield.id | https://openalex.org/subfields/1705 |
| topics[2].subfield.display_name | Computer Networks and Communications |
| topics[2].display_name | Network Security and Intrusion Detection |
| is_xpac | False |
| apc_list | |
| apc_paid | |
| concepts[0].id | https://openalex.org/C41008148 |
| concepts[0].level | 0 |
| concepts[0].score | 0.6466343402862549 |
| concepts[0].wikidata | https://www.wikidata.org/wiki/Q21198 |
| concepts[0].display_name | Computer science |
| concepts[1].id | https://openalex.org/C527648132 |
| concepts[1].level | 2 |
| concepts[1].score | 0.5501009225845337 |
| concepts[1].wikidata | https://www.wikidata.org/wiki/Q189900 |
| concepts[1].display_name | Information security |
| concepts[2].id | https://openalex.org/C38652104 |
| concepts[2].level | 1 |
| concepts[2].score | 0.500481128692627 |
| concepts[2].wikidata | https://www.wikidata.org/wiki/Q3510521 |
| concepts[2].display_name | Computer security |
| concepts[3].id | https://openalex.org/C2988319471 |
| concepts[3].level | 4 |
| concepts[3].score | 0.49494069814682007 |
| concepts[3].wikidata | https://www.wikidata.org/wiki/Q189900 |
| concepts[3].display_name | Information systems security |
| concepts[4].id | https://openalex.org/C180198813 |
| concepts[4].level | 2 |
| concepts[4].score | 0.42997390031814575 |
| concepts[4].wikidata | https://www.wikidata.org/wiki/Q121182 |
| concepts[4].display_name | Information system |
| concepts[5].id | https://openalex.org/C29848774 |
| concepts[5].level | 3 |
| concepts[5].score | 0.21190425753593445 |
| concepts[5].wikidata | https://www.wikidata.org/wiki/Q61905 |
| concepts[5].display_name | Management information systems |
| concepts[6].id | https://openalex.org/C127413603 |
| concepts[6].level | 0 |
| concepts[6].score | 0.15259197354316711 |
| concepts[6].wikidata | https://www.wikidata.org/wiki/Q11023 |
| concepts[6].display_name | Engineering |
| concepts[7].id | https://openalex.org/C119599485 |
| concepts[7].level | 1 |
| concepts[7].score | 0.0 |
| concepts[7].wikidata | https://www.wikidata.org/wiki/Q43035 |
| concepts[7].display_name | Electrical engineering |
| keywords[0].id | https://openalex.org/keywords/computer-science |
| keywords[0].score | 0.6466343402862549 |
| keywords[0].display_name | Computer science |
| keywords[1].id | https://openalex.org/keywords/information-security |
| keywords[1].score | 0.5501009225845337 |
| keywords[1].display_name | Information security |
| keywords[2].id | https://openalex.org/keywords/computer-security |
| keywords[2].score | 0.500481128692627 |
| keywords[2].display_name | Computer security |
| keywords[3].id | https://openalex.org/keywords/information-systems-security |
| keywords[3].score | 0.49494069814682007 |
| keywords[3].display_name | Information systems security |
| keywords[4].id | https://openalex.org/keywords/information-system |
| keywords[4].score | 0.42997390031814575 |
| keywords[4].display_name | Information system |
| keywords[5].id | https://openalex.org/keywords/management-information-systems |
| keywords[5].score | 0.21190425753593445 |
| keywords[5].display_name | Management information systems |
| keywords[6].id | https://openalex.org/keywords/engineering |
| keywords[6].score | 0.15259197354316711 |
| keywords[6].display_name | Engineering |
| language | en |
| locations[0].id | doi:10.21681/2311-3456-2025-4-65-72 |
| locations[0].is_oa | True |
| locations[0].source.id | https://openalex.org/S4210234326 |
| locations[0].source.issn | 2311-3456 |
| locations[0].source.type | journal |
| locations[0].source.is_oa | False |
| locations[0].source.issn_l | 2311-3456 |
| locations[0].source.is_core | False |
| locations[0].source.is_in_doaj | False |
| locations[0].source.display_name | Voprosy kiberbezopasnosti |
| locations[0].source.host_organization | |
| locations[0].source.host_organization_name | |
| locations[0].license | |
| locations[0].pdf_url | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| locations[0].version | publishedVersion |
| locations[0].raw_type | journal-article |
| locations[0].license_id | |
| locations[0].is_accepted | True |
| locations[0].is_published | True |
| locations[0].raw_source_name | Voprosy kiberbezopasnosti |
| locations[0].landing_page_url | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| indexed_in | crossref |
| authorships[0].author.id | https://openalex.org/A5002910559 |
| authorships[0].author.orcid | https://orcid.org/0000-0002-1782-6584 |
| authorships[0].author.display_name | A. Kuznetsov |
| authorships[0].author_position | first |
| authorships[0].raw_author_name | Aleksandr V. Kuznetsov |
| authorships[0].is_corresponding | True |
| has_content.pdf | True |
| has_content.grobid_xml | True |
| is_paratext | False |
| open_access.is_oa | True |
| open_access.oa_url | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| open_access.oa_status | bronze |
| open_access.any_repository_has_fulltext | False |
| created_date | 2025-08-25T00:00:00 |
| display_name | THE METHODOLOGY OF INFORMATION SECURITY INCIDENTS RESPONSE WITHIN DISTRIBUTED AUTOMATED INFORMATION SYSTEMS |
| has_fulltext | False |
| is_retracted | False |
| updated_date | 2025-11-06T03:46:38.306776 |
| primary_topic.id | https://openalex.org/T14470 |
| primary_topic.field.id | https://openalex.org/fields/22 |
| primary_topic.field.display_name | Engineering |
| primary_topic.score | 0.9848999977111816 |
| primary_topic.domain.id | https://openalex.org/domains/3 |
| primary_topic.domain.display_name | Physical Sciences |
| primary_topic.subfield.id | https://openalex.org/subfields/2207 |
| primary_topic.subfield.display_name | Control and Systems Engineering |
| primary_topic.display_name | Advanced Data Processing Techniques |
| related_works | https://openalex.org/W2280699381, https://openalex.org/W4210648132, https://openalex.org/W1993328537, https://openalex.org/W1976808751, https://openalex.org/W2905702935, https://openalex.org/W3036795564, https://openalex.org/W4256082807, https://openalex.org/W4206153722, https://openalex.org/W2101394746, https://openalex.org/W1978187271 |
| cited_by_count | 0 |
| locations_count | 1 |
| best_oa_location.id | doi:10.21681/2311-3456-2025-4-65-72 |
| best_oa_location.is_oa | True |
| best_oa_location.source.id | https://openalex.org/S4210234326 |
| best_oa_location.source.issn | 2311-3456 |
| best_oa_location.source.type | journal |
| best_oa_location.source.is_oa | False |
| best_oa_location.source.issn_l | 2311-3456 |
| best_oa_location.source.is_core | False |
| best_oa_location.source.is_in_doaj | False |
| best_oa_location.source.display_name | Voprosy kiberbezopasnosti |
| best_oa_location.source.host_organization | |
| best_oa_location.source.host_organization_name | |
| best_oa_location.license | |
| best_oa_location.pdf_url | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| best_oa_location.version | publishedVersion |
| best_oa_location.raw_type | journal-article |
| best_oa_location.license_id | |
| best_oa_location.is_accepted | True |
| best_oa_location.is_published | True |
| best_oa_location.raw_source_name | Voprosy kiberbezopasnosti |
| best_oa_location.landing_page_url | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| primary_location.id | doi:10.21681/2311-3456-2025-4-65-72 |
| primary_location.is_oa | True |
| primary_location.source.id | https://openalex.org/S4210234326 |
| primary_location.source.issn | 2311-3456 |
| primary_location.source.type | journal |
| primary_location.source.is_oa | False |
| primary_location.source.issn_l | 2311-3456 |
| primary_location.source.is_core | False |
| primary_location.source.is_in_doaj | False |
| primary_location.source.display_name | Voprosy kiberbezopasnosti |
| primary_location.source.host_organization | |
| primary_location.source.host_organization_name | |
| primary_location.license | |
| primary_location.pdf_url | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| primary_location.version | publishedVersion |
| primary_location.raw_type | journal-article |
| primary_location.license_id | |
| primary_location.is_accepted | True |
| primary_location.is_published | True |
| primary_location.raw_source_name | Voprosy kiberbezopasnosti |
| primary_location.landing_page_url | https://doi.org/10.21681/2311-3456-2025-4-65-72 |
| publication_date | 2025-01-01 |
| publication_year | 2025 |
| referenced_works_count | 0 |
| cited_by_percentile_year | |
| corresponding_author_ids | https://openalex.org/A5002910559 |
| countries_distinct_count | 0 |
| institutions_distinct_count | 1 |
| citation_normalized_percentile.value | 0.46756408 |
| citation_normalized_percentile.is_in_top_1_percent | False |
| citation_normalized_percentile.is_in_top_10_percent | False |