INFORMATION SYSTEM FOR THE COLLECTION AND ANALYSIS OF DATA ON HACKER GROUP ACTIVITIES

Authors

  • Artem Mykytiuk, Institute of Special Communications and Information Protection, National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute” https://orcid.org/0000-0002-8307-9978
  • Ivan Horniichuk, Institute of Special Communications and Information Protection, National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute” https://orcid.org/0000-0001-6754-4764
  • Viktoriia Polishchuk, Institute of Special Communications and Information Protection, National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute” https://orcid.org/0009-0003-4596-1219
  • Oleksandra Bychkovska, Institute of Special Communications and Information Protection, National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute” https://orcid.org/0009-0004-2896-0545

DOI:

https://doi.org/10.28925/2663-4023.2025.29.893

Keywords:

information system, cybersecurity, hacker groups, knowledge base, data filtering, cyber threat analysis

Abstract

The modern world’s growing dependence on information systems and technologies requires robust protection against cyberattacks. This has become particularly relevant amid the increasing activity of hacker groups. Attacks on state and private organizations extend beyond critical infrastructure to the theft of confidential information, financial fraud, and destabilizing actions in cyberspace. In particular, hacker groups, using the latest techniques, tools, and software, pose a significant threat to the information security of individual organizations and entire states. They operate covertly, adapt quickly to new conditions, and have a high level of coordination, which complicates the detection and mitigation of their activities. This necessitates focused monitoring and continuous analysis of their activities, as well as the systematization and accumulation of the information obtained to create a unified knowledge base about their operations. Such groups often operate at an international level, affecting stability and security in various regions of the world, particularly in Ukraine. This article addresses the absence of a comprehensive tool for collecting, structuring, and analyzing data on hacker groups. Such a tool would enable filtering by group type, geography of activity, time periods of activity, as well as the techniques and tools used. Special attention is paid to the development of an information system that not only stores and analyzes information about the activities of hacker groups but also allows specialists to adapt data to local needs. The implementation of such a system requires the use of modern approaches to data collection, normalization, and analysis.
Given the dynamic changes in cyberspace, the effective processing of information about attack operations requires the implementation of algorithms for filtering, clustering, and statistical analysis, which allows for the automated identification of trends in the use of attack techniques. A distinctive feature of this system is its adaptation to the Ukrainian context, considering the specifics of the local cyberspace, linguistic features, typical attack scenarios, and national security priorities. This, in turn, contributes to increasing the effectiveness of the analytical work of Ukrainian specialists, strengthening cyber defense, and developing a resilient model for responding to cyber threats.

Published

2025-09-26

How to Cite

Mykytiuk, A., Horniichuk, I., Polishchuk, V., & Bychkovska, O. (2025). INFORMATION SYSTEM FOR THE COLLECTION AND ANALYSIS OF DATA ON HACKER GROUP ACTIVITIES. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 1(29), 508–524. https://doi.org/10.28925/2663-4023.2025.29.893