ABSTRACT. The globalization of information exchange and the widespread introduction of information technologies in all spheres of society's life created the problem of protecting information processed in information systems from challenges and threats in the cybernetic space. The presence of important information in the functioning of the systems and objects of critical national infrastructures enables its usage by the negatively-minded elements and groupings for the implementation of unlawful actions in the cyber space by violating the integrity, availability and confidentiality of information, and inflicting damage on information resources and information systems. In this case, the possibility of using information technologies in the cybernetic space in the interests of carrying out military-political and power confrontation, terrorism and hacking cyber attacks is of a particular concern. The purpose of the article is to develop a system for recognizing cyber threats based on signature analysis, which would reduce the time of detection of an attack of a cyber defense system while the number and complexity of cyber attacks are increasing