Review of internal cyber attacks in nuclear facilities and an artificial neural network model for implementing internal cyberforensics
Authors: Brandyn M. Campos, M. Alamaniotis
Journal: Nuclear Technology & Radiation Protection (Journal Article, published 2021-01-01)
DOI: 10.2298/ntrp2102128c (https://doi.org/10.2298/ntrp2102128c)
Deployment of digital technologies within a modern shift in cyber defense systems is essential for protecting the energy production units. One of the important components of defense is cyberforensics: locating the origin of an attack once it has been detected. In this paper, a review of well-known cyberattacks in nuclear facilities is provided, with the lessons learned leading to the development of a machine learning approach that identifies internal attacks in the facility's data networks. Our approach may be seen as one of the layers in a defense-in-depth strategy that identifies whether the attack comes from inside, which may result in identifying the attacker's origin faster. The presented model exploits network packet examination to cast accurate predictions detailing the origin of malicious network connections. The approach fuses multiple mathematical functions within an artificial neural network to provide a response in the form of 0/1, i.e., whether the attack is identified as internal or not. A variety of test cases is developed to explore the relevance and validity of the predictive approach. The proposed implementation is examined with network data packet variance, and the results obtained exhibit a highly accurate detection rate.
About the journal:
Nuclear Technology & Radiation Protection is an international scientific journal covering the wide range of disciplines involved in nuclear science and technology as well as in the field of radiation protection. The journal is open for scientific papers, short papers, review articles, and technical papers dealing with nuclear power, research reactors, accelerators, nuclear materials, waste management, radiation measurements, and environmental problems. However, basic reactor physics and design, particle and radiation transport theory, and development of numerical methods and codes will also be important aspects of the editorial policy.