Review of internal cyber at tacks in nuclear facili ties and an artificial neural network model for implementing internal cyberforensics

Abstract

Deployment of digital technologies within a modern shift in cyber defense systems is es sen tial for pro tect ing the en ergy pro duc tion units. One of the im por tant com po nents of defense is cyberforensics: once an at tack has been de tected to lo cate its or igin. In this pa per, a re view of well-known cyberattacks in nu clear facil ities is pro vided, with the les sons learned lead ing to the development of a machine learning approach implementing identification of internal at-tacks in the fa cil ity's data net works. Our ap proach may be seen as one of the layers in a de-fense-in-depth strat egy that iden ti fies if the at tack co mes from in side, which may re sult in iden ti fy ing faster the at tacker's or igin. The presented model ex ploits net work packet ex ami-nation to cast accurate predictions on detailing the origin of malicious network connections. The approach fuses multiple mathematical functions within an artificial neural network to pro vide a re sponse in the form of 0/1, i. e., whether the at tack is iden ti fied as in ter nal or not. The utilization of a vari ety of test cases is developed to ex plore the relevance and validity of the predictive approach. The proposed implementation is examined with network data packet vari ance, and the results ob tained ex hibit a highly ac cu rate detec tion rate.