METHOD OF DETERMINING ACTUAL THREATS TO INFORMATION SECURITY OF INFORMATION INFRASTRUCTURE OBJECTS Russian patent published in 2025 - IPC G06F21/57 G06N3/02 

FIELD: computer engineering.

SUBSTANCE: said result is achieved by obtaining a list of known vulnerabilities and threats; creating artificial neural networks (ANN); obtaining a set of training samples of ANN vulnerabilities; training ANN; obtaining a list of detected vulnerabilities; signals of detected vulnerabilities are supplied to ANN inputs and probability of corresponding threat realization is obtained at the output; forming a database of signs of using information technologies; obtaining a list of known threats; creating an ANN to determine the possibility of implementing threats; obtaining a set of training samples of signs of using groups of information technologies for ANN; training ANN; obtaining a list of information technology groups; signs of each group of information technologies are supplied to the input of the ANN and the probability of the implementation of the corresponding threat is obtained at the output; generating a list of potential threats ranked by probability of implementation; forming a list of actual threats to the information infrastructure object, rejecting all threats, the implementation of which requires an intruder potential higher than a given one.

EFFECT: enabling identification of actual threats to information security of information infrastructure objects.

1 cl, 3 dwg