<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">ellibs</journal-id><journal-title-group><journal-title xml:lang="ru">Электронные библиотеки</journal-title><trans-title-group xml:lang="en"><trans-title>Russian Digital Libraries Journal</trans-title></trans-title-group></journal-title-group><issn pub-type="epub">1562-5419</issn><publisher><publisher-name>Казанский (Приволжский) федеральный университет</publisher-name></publisher></journal-meta><article-meta><article-id custom-type="elpub" pub-id-type="custom">ellibs-714</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>Статьи</subject></subj-group></article-categories><title-group><article-title>Исследование алгоритмов обработки, детекции и защиты данных с целью минимизации воздействия вредоносного по и фишинговых атак на пользователей цифровых платформ</article-title><trans-title-group xml:lang="en"><trans-title>Research of Data Processing, Detection and Protection Algorithms to Minimize the Impact of Malware and Phishing Attacks on Users of Digital Platforms</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Волокитина</surname><given-names>Татьяна Сергеевна</given-names></name><name name-style="western" xml:lang="en"><surname>Volokitina</surname><given-names>Tatiana Sergeevna</given-names></name></name-alternatives><email xlink:type="simple">tativolokitina@gmail.com</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Таныгин</surname><given-names>Максим Олегович</given-names></name><name name-style="western" xml:lang="en"><surname>Tanygin</surname><given-names>Maxim Olegovich</given-names></name></name-alternatives><email xlink:type="simple">tanygin@yandex.ru</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Юго-Западный государственный университет</institution></aff><aff xml:lang="en"><institution>Southwest State University</institution></aff></aff-alternatives><pub-date pub-type="collection"><year>2026</year></pub-date><pub-date pub-type="epub"><day>04</day><month>03</month><year>2026</year></pub-date><volume>29</volume><issue>1</issue><fpage>187</fpage><lpage>206</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Волокитина Т.С., Таныгин М.О., 2026</copyright-statement><copyright-year>2026</copyright-year><copyright-holder xml:lang="ru">Волокитина Т.С., Таныгин М.О.</copyright-holder><copyright-holder xml:lang="en">Volokitina T.S., Tanygin M.O.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://ellibs.elpub.ru/jour/article/view/714">https://ellibs.elpub.ru/jour/article/view/714</self-uri><abstract><p>Статья посвящена разработке научно-методического аппарата повышения эффективности защиты цифровых платформ от киберугроз путем создания алгоритмов обработки и детекции с учетом когнитивных особенностей пользователей. Предложена концептуальная модель трехэтапной системы защиты, интегрирующая технические механизмы безопасности с когнитивными моделями принятия решений. Разработан алгоритм эвристической детекции на основе машинного обучения Random Forest с анализом 47 признаков, включающих технические характеристики URL и когнитивно-семантические характеристики контента. Создана методика динамической интеграции четырех источников данных об угрозах, сокращающая время реагирования с 12–14 ч. до 2 ч. Предложен алгоритм рекурсивного анализа цепочек перенаправлений глубиной до десяти уровней для обнаружения замаскированных угроз. Экспериментальная валидация на эмпирической базе объемом около миллиона записей подтвердила точность детекции 87% при обработке ста тысяч записей в час. Разработанные решения обеспечивают соответствие требованиям ГОСТ Р 57580.1–2017 и российского законодательства в области защиты персональных данных.
</p></abstract><trans-abstract xml:lang="en"><p>The article is devoted to the development of a scientific and methodological apparatus for improving the effectiveness of protecting digital platforms from cyber threats by creating processing and detection algorithms that take into account the cognitive characteristics of users. A conceptual model of a three-stage protection system is proposed, integrating technical security mechanisms with cognitive decision-making models. A heuristic detection algorithm based on Random Forest machine learning with analysis of 47 features, including technical URL characteristics and cognitive-semantic content characteristics, has been developed. A methodology for dynamic integration of four threat data sources has been created, reducing response time from 12–14 hours to two hours. An algorithm for recursive analysis of redirection chains up to ten levels deep to detect masked threats is proposed. Experimental validation on an empirical base of approximately one million records confirmed detection accuracy of 87% when processing one hundred thousand records per hour. The developed solutions ensure compliance with the requirements of GOST R 57580.1-2017 and Russian legislation in the field of personal data protection.
</p></trans-abstract><kwd-group xml:lang="ru"><kwd>эвристическая детекция угроз</kwd><kwd>машинное обучение</kwd><kwd>когнитивная безопасность</kwd><kwd>фишинговые атаки</kwd><kwd>социальная инженерия</kwd><kwd>защита данных</kwd><kwd>интеграция источников угроз</kwd></kwd-group><kwd-group xml:lang="en"><kwd>heuristic threat detection</kwd><kwd>machine learning</kwd><kwd>cognitive security</kwd><kwd>phishing attacks</kwd><kwd>social engineering</kwd><kwd>data protection</kwd><kwd>threat source integration</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Seliverstov V.V., Korchagin S.A. Analysis of the relevance and state of modern phishing attacks on critical information infrastructure objects // Engineering Bulletin of the Don. 2024. No. 6 (114). P. 17.</mixed-citation><mixed-citation xml:lang="en">Seliverstov V.V., Korchagin S.A. Analysis of the relevance and state of modern phishing attacks on critical information infrastructure objects // Engineering Bulletin of the Don. 2024. No. 6 (114). P. 17.</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Group-IB. Report on cyber threats in Russia for 2023: analysis of trends and forecasts. Moscow: Group-IB, 2024. 89 p.</mixed-citation><mixed-citation xml:lang="en">Group-IB. Report on cyber threats in Russia for 2023: analysis of trends and forecasts. Moscow: Group-IB, 2024. 89 p.</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">Kaspersky Lab. Development of cyber threats in 2023: statistics and analytics of information security incidents. Moscow: Kaspersky Laboratory, 2024. 156 p.</mixed-citation><mixed-citation xml:lang="en">Kaspersky Lab. Development of cyber threats in 2023: statistics and analytics of information security incidents. Moscow: Kaspersky Laboratory, 2024. 156 p.</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Russkikh E.I. Past, present and future of phishing attacks // BBK 1 N 34. P. 6015.</mixed-citation><mixed-citation xml:lang="en">Russkikh E.I. Past, present and future of phishing attacks // BBK 1 N 34. P. 6015.</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Nazarov A.K. Some modern means of protection against cyber threats // Editorial and publishing council of the Krasnodar University of the Ministry of Internal Affairs of Russia. P. 76.</mixed-citation><mixed-citation xml:lang="en">Nazarov A.K. Some modern means of protection against cyber threats // Editorial and publishing council of the Krasnodar University of the Ministry of Internal Affairs of Russia. P. 76.</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Bryukhanov V.A., Gryzunov V.V., Shestakov A.V. Identification of information security problems by the method of systematic literature review. 2024.</mixed-citation><mixed-citation xml:lang="en">Bryukhanov V.A., Gryzunov V.V., Shestakov A.V. Identification of information security problems by the method of systematic literature review. 2024.</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Tokolov A.V. Social engineering in information security issues // Criminological Journal. 2024. No. 4. P. 175–182.</mixed-citation><mixed-citation xml:lang="en">Tokolov A.V. Social engineering in information security issues // Criminological Journal. 2024. No. 4. P. 175–182.</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Gorbunova E.A., Saykinov V.E. Russian Federation The problem of phishing in the use of information systems based on cloud technologies // I74 Information Society: current state and development prospects: collection of materials of the XI international student forum. Krasnodar: KubSAU, 2018. P. 103.</mixed-citation><mixed-citation xml:lang="en">Gorbunova E.A., Saykinov V.E. Russian Federation The problem of phishing in the use of information systems based on cloud technologies // I74 Information Society: current state and development prospects: collection of materials of the XI international student forum. Krasnodar: KubSAU, 2018. P. 103.</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Sergeev A.Yu., Shirokova O.V. Fraud in digital society under conditions of social change // Digital Sociology. 2023. Vol. 6, No. 1. P. 59–71.</mixed-citation><mixed-citation xml:lang="en">Sergeev A.Yu., Shirokova O.V. Fraud in digital society under conditions of social change // Digital Sociology. 2023. Vol. 6, No. 1. P. 59–71.</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Mrochko V.L., Roschina T.M., Tarasov M.D. Ensuring security on the Internet: psychological and pedagogical aspects // Economic and socio-humanitarian research. 2024. No. 3 (43). P. 196–204.</mixed-citation><mixed-citation xml:lang="en">Mrochko V.L., Roschina T.M., Tarasov M.D. Ensuring security on the Internet: psychological and pedagogical aspects // Economic and socio-humanitarian research. 2024. No. 3 (43). P. 196–204.</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Serik A.S. Legal foundations for preventing cybercrime: state and development prospects. 2022.</mixed-citation><mixed-citation xml:lang="en">Serik A.S. Legal foundations for preventing cybercrime: state and development prospects. 2022.</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Shvetsova E.E. Types of fraud in the field of remote banking and methods of combating them // Collection of materials of the All-Russian scientific conference of young researchers with international participation INTEX-2024. 2024. P. 269–272.</mixed-citation><mixed-citation xml:lang="en">Shvetsova E.E. Types of fraud in the field of remote banking and methods of combating them // Collection of materials of the All-Russian scientific conference of young researchers with international participation INTEX-2024. 2024. P. 269–272.</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Uvarov A.A. Information security of Russian citizens: current state // Lex russica. 2024. Vol. 77, No. 1 (206). P. 133–143.</mixed-citation><mixed-citation xml:lang="en">Uvarov A.A. Information security of Russian citizens: current state // Lex russica. 2024. Vol. 77, No. 1 (206). P. 133–143.</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Kharisova Z.I. Genesis of crime in the field of computer information and its determinants // Society, law, statehood: retrospective and perspective. 2025. No. 1 (21). P. 57–65.</mixed-citation><mixed-citation xml:lang="en">Kharisova Z.I. Genesis of crime in the field of computer information and its determinants // Society, law, statehood: retrospective and perspective. 2025. No. 1 (21). P. 57–65.</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Bityukova A.F. Directions for the development of banking electronic services and methods of ensuring their security. 2019.</mixed-citation><mixed-citation xml:lang="en">Bityukova A.F. Directions for the development of banking electronic services and methods of ensuring their security. 2019.</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">GOST R 57580.1-2017. Security of financial (banking) operations. Requirements for the organization and conduct of security work. Moscow: Standartinform, 2017. 26 p.</mixed-citation><mixed-citation xml:lang="en">GOST R 57580.1-2017. Security of financial (banking) operations. Requirements for the organization and conduct of security work. Moscow: Standartinform, 2017. 26 p.</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">Federal Law No. 152-FZ of July 27, 2006 "On Personal Data" (as amended on July 14, 2022). Access from the reference legal system "ConsultantPlus".</mixed-citation><mixed-citation xml:lang="en">Federal Law No. 152-FZ of July 27, 2006 "On Personal Data" (as amended on July 14, 2022). Access from the reference legal system "ConsultantPlus".</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">Federal Law No. 149-FZ of July 27, 2006 "On Information, Information Technologies and Information Protection" (as amended on July 14, 2022). Access from the reference legal system "ConsultantPlus".</mixed-citation><mixed-citation xml:lang="en">Federal Law No. 149-FZ of July 27, 2006 "On Information, Information Technologies and Information Protection" (as amended on July 14, 2022). Access from the reference legal system "ConsultantPlus".</mixed-citation></citation-alternatives></ref><ref id="cit19"><label>19</label><citation-alternatives><mixed-citation xml:lang="ru">Sheng S., Holbrook M., Kumaraguru P., Cranor L.F., Downs J. Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions // Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. Atlanta, GA, USA, 2010. P. 373–382. https://doi.org/10.1145/1753326.1753383</mixed-citation><mixed-citation xml:lang="en">Sheng S., Holbrook M., Kumaraguru P., Cranor L.F., Downs J. Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions // Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. Atlanta, GA, USA, 2010. P. 373–382. https://doi.org/10.1145/1753326.1753383</mixed-citation></citation-alternatives></ref><ref id="cit20"><label>20</label><citation-alternatives><mixed-citation xml:lang="ru">Guarino N. Formal ontology, conceptual analysis and knowledge representation // Int. J. of Human Computer Studies. 1995. Vol. 43 (5/6). P. 625–640.</mixed-citation><mixed-citation xml:lang="en">Guarino N. Formal ontology, conceptual analysis and knowledge representation // Int. J. of Human Computer Studies. 1995. Vol. 43 (5/6). P. 625–640.</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
