Tyshchenko Svitlana, PhD (Pedagogy), Head of the Department of Economic Cybernetics, Computer Sciences and Information Technologies, Mykolayiv National Agrarian University, Mykolayiv, Ukraine

ORCID ID: 0000-0001-7881-8740
e-mail: tyschenko@mnau.edu.ua

Parkhomenko Oleksandr, PhD (Physics and Mathematics), Associate Professor of the Department of Economic Cybernetics, Computer Sciences and Information Technologies, Mykolayiv National Agrarian University, Mykolayiv, Ukraine

ORCID ID: 0000-0002-7940-7414
e-mail: parkhomenko@mnau.edu.ua

Darmosyuk Valentina, PhD (Physics and Mathematics), Associate Professor of the Department of Higher and Applied Mathematics, Mykolaiv National Agrarian University, Mykolaiv, Ukraine.

ORCID ID: 0000-0003-3275-8249
e-mail: darmosiuk@mnau.edu.ua

Modelling and Analysis of Cyberattack Risks on Financial Institutions Using Mathematical Statistics and Python Methods

Abstract. Introduction. This article explores the use of mathematical statistical methods and Python tools to model and analyze the cyberattack risks faced by financial institutions. The growing scale and complexity of cybersecurity threats underscores the vulnerability of these institutions, making them prime targets for cybercriminals. Traditional risk assessment methods often fail to adapt to the evolving nature of these threats, requiring new approaches such as automated analysis and predictive modeling.

Purpose. The purpose of this research is to demonstrate the applicability of mathematical statistics and the Python language to analyze cyber risks, identify key risk factors, and predict attacks.

Results. The study demonstrates how mathematical statistics and Python can identify key risk factors and predict potential attacks. A Python-based module was developed that integrates data preprocessing, correlation analysis, and machine learning modeling to improve the accuracy of threat detection. Several predictive models, including logistic regression, random forest, and gradient boosting, were evaluated on datasets such as NSL-KDD and found to be highly accurate in identifying cyber threats. The results highlight the potential of Python as a powerful tool for automated monitoring and proactive risk management in financial institutions. The proposed methods contribute to the rapid detection of suspicious activity, which improves overall cybersecurity measures. Future research directions include the integration of deep learning methods to analyze complex attack patterns and to adapt models to new cyber threats. The importance of mathematical statistics in understanding cyber risks is emphasized, as it helps to predict incidents and assess their consequences. With the increasing digitization of financial services, organizations should prioritize a robust cybersecurity framework. By using Python and statistical methods, financial institutions can develop effective strategies to mitigate risk and ensure the security of sensitive data.

Conclusions. The results obtained highlight the potential of Python as a powerful tool for analysing cyber risks in financial institutions. An approach is proposed that enables automated monitoring, faster detection of suspicious activity, and risk management. Future research should focus on integrating deep learning to analyse complex attack patterns, adapting models to new cyber threats, and expanding data sources to improve predictions.

Keywords cyberattacks; financial institutions; mathematical statistics; Python; machine learning; risk analysis; correlation analysis; modeling; cybersecurity; forecasting.

References:

1. Chainalysis. (2024, July 18). 2024 Crypto Crime Mid-Year Update: Part 1. Chainalysis Blog. https://www.chainalysis.com/blog/2024-crypto-crime-mid-year-update-part-1.
2. Metcalf, L., & Casey, W. (2016). Cybersecurity and applied mathematics. Elsevier. 190 p. https://doi.org/10.1016/c2015-0-01807-x..
3. Sanni, M. L., Akinyemi, B. O., Olalere, D. A., Olajubu, E. A., & Aderounmu, G. A. (2023). A Predictive Cyber Threat Model for Mobile Money Services. Annals of Emerging Technologies in Computing, 7(1), 40–60. https://doi.org/10.33166/aetic.2023.01.004.
4. Ieracitano, C., Vinci, A., Adeel, A., Morabito, F. C., & Hussain, A. (2018). Statistical analysis driven optimized deep learning system for intrusion detection. In Advances in Brain Inspired Cognitive Systems (pp. 759–769). Cham: Springer. https://doi.org/10.1007/978-3-030-00563-4_74.
5. Zimba, A. (2021). A Bayesian Attack-Network Modeling Approach to Mitigating Malware-Based Banking Cyberattacks. International Journal of Computer Network and Information Security, 14(1), 25–39. https://doi.org/10.5815/ijcnis.2022.01.03.
6. Giudici, P., & Raffinetti, E. (2021). Explainable AI methods in cyber risk management. Quality and Reliability Engineering International, 38(3), 1318–1326. https://doi.org/10.1002/qre.2939.
7. Alegria, A. V., Loayza, J. L. M., Montoya, A. N., & Armas-Aguirre, J. (2022). Method of Quantitative Analysis of Cybersecurity Risks Focused on Data Security in Financial Institutions. 2022 17th Iberian Conference on Information Systems and Technologies (CISTI). IEEE. https://doi.org/10.23919/cisti54924.2022.9820198. 
8. Tyshchenko, S., & Parkhomenko, O. (2024). Analysis of the Impact of Digital Threats on Financial Markets Using Methods of Probability Theory and Python. Modern Economics, 43(1), 118–124. https://doi.org/10.31521/modecon.v43(2024)-16. 
9. Tyshchenko, S., Parkhomenko, O., & Hilko, I. (2024). Modeling the Impact Of Digital Threats on Financial Markets Using Time Series Analysis and Anomaly Detection Using Python. Modern Economics, 44, 205–212. https://doi.org/10.31521/modecon.v44(2024)-30. 
10. IT Specialist. (2024, June 10). Trends in the Development of Phishing and Countermeasures. https://my-itspecialist.com/trends-in-phishing-development-and-countermeasures.
11. CyberSecureFox. (2024, November 15). Sharp Increase in Phishing Attacks on the Financial Sector: New Cybersecurity Challenges in 2024. https://cybersecurefox.com/uk/zrostannya-fishingovyh-atak-finansovyi-sektor-2024/
12. SlashNext. (2024). The State of Phishing 2023. Pleasanton, CA: SlashNext Security Products. https://slashnext.com/wp-content/uploads/2023/10/SlashNext-The-State-of-Phishing-Report-2023.pdf
13. 10Guards.  (2024, September 23). Surge in DDoS Attacks by 46% in the First Half of 2024. Cybersecurity Services (Advisory/Ethical Hacking). https://10guards.com/ua/blog/2024/09/23/surge-in-ddos-attacks-gcore-report-reveals-46-increase-in-first-half-of-2024.
14. GitHub. (2015). Jehuty4949. NSL-KDD Dataset. https://github.com/Jehuty4949/NSL_KDD.