Nuclear Technology and Radiation Protection (Jan 2021)

Review of internal cyber attacks in nuclear facilities and an artificial neural network model for implementing internal cyberforensics

  • Campos Brandyn M.,
  • Alamaniotis Miltiadis

DOI
https://doi.org/10.2298/NTRP2102128C
Journal volume & issue
Vol. 36, no. 2
pp. 128 – 138

Abstract

Read online

Deployment of digital technologies within a modern shift in cyber defense systems is essential for protecting the energy production units. One of the important components of defense is cyberforensics: once an attack has been detected to locate its origin. In this paper, a review of well-known cyberattacks in nuclear facilities is provided, with the lessons learned leading to the development of a machine learning approach implementing identification of internal at- tacks in the facility's data networks. Our approach may be seen as one of the layers in a defense-in-depth strategy that identifies if the attack comes from inside, which may result in identifying faster the attacker's origin. The presented model exploits network packet examination to cast accurate predictions on detailing the origin of malicious network connections. The approach fuses multiple mathematical functions within an artificial neural network to provide a response in the form of 0/1, i. e., whether the attack is identified as internal or not. The utilization of a variety of test cases is developed to explore the relevance and validity of the predictive approach. The proposed implementation is examined with network data packet variance, and the results obtained exhibit a highly accurate detection rate.

Keywords