In particular, the results of our analysis indicate that with the accumulation of large data sets (properties, conditions, influencing factors, consequences) it will be possible immediately obtain more accurate results about possible security events and thus reduce the amount of spent working time by at least 50%, taking into account costs time to eliminate the consequences of erroneous information security decisions that are of a subjective nature. The security administrator will reduce the time spent on risk analysis and prioritization, and will be able to start processing them almost immediately, which will increase the effectiveness of existing information protection mechanisms.
According to the tasks, a model of a comprehensive phishing prevention system has been developed, which consists of a Telegram bot, a mobile application, a website, a browser extension, a shared database, and a DNS server.
In this structure, the data collection processes are improved by increasing the number of participants in their formation. Data processing becomes faster due to automation, and data exchange is characterized by the standardization of the source. The system can also be used for the early detection of mass mailings. Such detection is based on estimating the number of transitions from one network to one link in a unit of time.
The use of the system data will contribute to the safety of users and increase the effectiveness of CERT-UA, the Cyber Police, the National Bank of Ukraine, and the National Cybersecurity Coordination Center in the process of their operational interaction.
The prospects for further research include the integration of artificial intelligence methods (BERT model) into the developed neural network infrastructure to improve the algorithms for identifying malicious resources. The development of the infrastructure also involves creating an API and its further use in messaging services (messengers, web resources with messaging function).
Key words: cyber security, phishing, cyber risk.
