Development of a Framework for Describing Security Incidents

Abstract

Nowadays, the topic of security incidents is in high demand, where digital technologies play a key role in many aspects of our lives. Security incidents can lead to serious consequences, such as leakage of confidential information, disruption of services and systems, as well as financial losses. In this regard, this study developed a framework for describing security incidents. During the development process, we analyzed data on alerting, analysis, and classification of attacks and from the state machine based on our own testing. Based on this analysis, incident detection rules were developed. The result obtained will allow you to describe security incidents in an effective and structured manner, facilitating the process of their analysis and response.