Cyberattacks on critical infrastructure and corresponding countermeasures
Vähäkainu, Petri (2023)
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-2023052413507
Abstract
These days, cyberattacks pose a growing risk to cyber-physical systems (CPSs) that form part of the critical infrastructure (CI) vital to a nation’s economy and security. These attacks can disrupt vital devices and services, paralyze whole societies, and even have life-threatening consequences. More robust and resilient infrastructure is required to combat the ever-increasing number of incoming cyberattacks, which can be divided into denial-of-service (DoS), distributed denial-of-service (DDoS), malware, and phishing attack domains.
The research focused on three things: some of the most common cyberattacks targeting critical infrastructure facilities, as studied in the chapter “Cyberattacks Against Critical Infrastructure Facilities and Corresponding Countermeasures” by Vähäkainu et al. (2022); machine learning defensive mechanisms that provide additional detection and defense capabilities to extend the inadequate protection of critical infrastructure facilities against cyber threats; and the detection accuracy and best fit of these mechanisms for identifying incoming cyberattacks. To reach the research objectives, information was acquired through searches of various scientific databases and web pages, and comparative study methods were applied to analyze the collected data. The data was used to determine which machine learning classifier is best suited to detecting the most common cyberattacks mentioned above, and with what accuracy.
The results indicated that the decision tree and random forest classifiers performed excellently, outperforming the other classifiers compared. The random forest achieved the best accuracy among all the classifiers reviewed, with 97–99 % DDoS, 89 % FDIA, 92–99 % malware, 96–100 % phishing, and 99 % ransomware attack detection accuracy, making it the best choice of the classifiers examined. The random forest is a well-known and extensively utilized classifier capable of preventing overfitting, and it can be applied in the domains previously mentioned. The results also showed that the Naïve Bayes classifier provided only rather poor performance in most of the experiments (62–99 % DDoS, 89 % FDIA, 70–91 % malware, 95 % phishing, and 35 % ransomware accuracy); hence, it is not advised as a countermeasure against incoming cyberattacks, except possibly against FDIA attacks in some cases.