Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility
Recent trends in Ukraine and worldwide show a sharp increase in cyber incidents and cyber-attacks targeting modern critical infrastructure, particularly in the energy sector. That is why ensuring the cyber resilience of energy distribution systems has become particularly relevant. This study present...
Збережено в:
| Дата: | 2025 |
|---|---|
| Автори: | , |
| Формат: | Стаття |
| Мова: | Українська |
| Опубліковано: |
Інститут проблем реєстрації інформації НАН України
2025
|
| Теми: | |
| Онлайн доступ: | http://drsp.ipri.kiev.ua/article/view/345591 |
| Теги: |
Додати тег
Немає тегів, Будьте першим, хто поставить тег для цього запису!
|
| Назва журналу: | Data Recording, Storage & Processing |
Репозитарії
Data Recording, Storage & Processing| _version_ | 1856543237394661376 |
|---|---|
| author | Гальчинський, Л. Ю. Личик, В. В. |
| author_facet | Гальчинський, Л. Ю. Личик, В. В. |
| author_sort | Гальчинський, Л. Ю. |
| baseUrl_str | |
| collection | OJS |
| datestamp_date | 2025-12-21T03:44:45Z |
| description | Recent trends in Ukraine and worldwide show a sharp increase in cyber incidents and cyber-attacks targeting modern critical infrastructure, particularly in the energy sector. That is why ensuring the cyber resilience of energy distribution systems has become particularly relevant.
This study presents the results of research into the development of a mechanism to facilitate the detection of cyberattacks on the IT network of a critical energy infrastructure facility. Analysis of existing tools has shown that the Bayesian network model has significant advantages and capabilities for the early assessment of cyberattack threats to the electric power industry. The cyber-attack model is built on the basis of the directed acyclic graph methodology, which allowed us to build a model for assessing the level of cyber threats for the IT network of an energy facility in the form of a Bayesian network. At the same time, the CVSS metric system, which is based on real CVE vulnerabilities, was used for a priori estimates of conditional distributions.
Numerical experiments have shown good relevance on a set of attack scenarios. In particular, they demonstrate the adaptability of the final indicators to changes in the nature and configuration of the network. Using the Kjærulff and van der Gaag method, an important fact of low sensitivity of probability values to changes in distribution parameters in critical nodes of the IT network was established. These results will allow in the future to test this concept at all stages of the attack, and not only at the early stages.
Thus, it can be argued that the use of Bayesian networks is a promising approach for assessing cyberattack threats to the IT networks of energy facilities. This, in turn, paves the way for solving the problem of increasing the level of cyber resilience of infrastructure systems for further restoration to an acceptable functional state of the system and assessment of the consequences and criticality of a cyber incident. Tabl.: 2. Fig.: 2. Refs: 23 titles. |
| first_indexed | 2026-02-08T08:00:02Z |
| format | Article |
| id | drspiprikievua-article-345591 |
| institution | Data Recording, Storage & Processing |
| language | Ukrainian |
| last_indexed | 2026-02-08T08:00:02Z |
| publishDate | 2025 |
| publisher | Інститут проблем реєстрації інформації НАН України |
| record_format | ojs |
| spelling | drspiprikievua-article-3455912025-12-21T03:44:45Z Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility Використання моделі мереж Баєса для раннього оцінювання загроз кібератак об’єкта електроенергетики Гальчинський, Л. Ю. Личик, В. В. : IT network of an energy facility, attack graph, Bayesian network, sensitivity, cyber resi-lience ІТ-мережа енергооб’єкта, граф атаки, баєсова мережа, чутливість, кіберстійкість Recent trends in Ukraine and worldwide show a sharp increase in cyber incidents and cyber-attacks targeting modern critical infrastructure, particularly in the energy sector. That is why ensuring the cyber resilience of energy distribution systems has become particularly relevant. This study presents the results of research into the development of a mechanism to facilitate the detection of cyberattacks on the IT network of a critical energy infrastructure facility. Analysis of existing tools has shown that the Bayesian network model has significant advantages and capabilities for the early assessment of cyberattack threats to the electric power industry. The cyber-attack model is built on the basis of the directed acyclic graph methodology, which allowed us to build a model for assessing the level of cyber threats for the IT network of an energy facility in the form of a Bayesian network. At the same time, the CVSS metric system, which is based on real CVE vulnerabilities, was used for a priori estimates of conditional distributions. Numerical experiments have shown good relevance on a set of attack scenarios. In particular, they demonstrate the adaptability of the final indicators to changes in the nature and configuration of the network. Using the Kjærulff and van der Gaag method, an important fact of low sensitivity of probability values to changes in distribution parameters in critical nodes of the IT network was established. These results will allow in the future to test this concept at all stages of the attack, and not only at the early stages. Thus, it can be argued that the use of Bayesian networks is a promising approach for assessing cyberattack threats to the IT networks of energy facilities. This, in turn, paves the way for solving the problem of increasing the level of cyber resilience of infrastructure systems for further restoration to an acceptable functional state of the system and assessment of the consequences and criticality of a cyber incident. Tabl.: 2. Fig.: 2. Refs: 23 titles. Представлено результати дослідження розробки інструменту для полегшення виявлення кібератак на ІТ-мережу енергооб’єкта. Встановлено, що модель баєсових мереж має значні перспективи для раннього оцінювання загроз кібератак об’єкта електроенергетики. Як методологію використано модель кібератаки у вигляді орієнтованого ациклічного графа, а для оцінювання рівня загроз запропоновано баєсову мережу. Для апріорного оцінювання ймовірностей використана система метрик CVSS. Проведено оцінку чутливості моделі до змін апріорних параметрів умовних розподілів. Інститут проблем реєстрації інформації НАН України 2025-09-16 Article Article application/pdf http://drsp.ipri.kiev.ua/article/view/345591 10.35681/1560-9189.2025.27.2.345591 Data Recording, Storage & Processing; Vol. 27 No. 2 (2025); 70-85 Регистрация, хранение и обработка данных; Том 27 № 2 (2025); 70-85 Реєстрація, зберігання і обробка даних; Том 27 № 2 (2025); 70-85 1560-9189 uk http://drsp.ipri.kiev.ua/article/view/345591/334394 Авторське право (c) 2025 Реєстрація, зберігання і обробка даних |
| spellingShingle | : IT network of an energy facility attack graph Bayesian network sensitivity cyber resi-lience Гальчинський, Л. Ю. Личик, В. В. Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility |
| title | Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility |
| title_alt | Використання моделі мереж Баєса для раннього оцінювання загроз кібератак об’єкта електроенергетики |
| title_full | Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility |
| title_fullStr | Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility |
| title_full_unstemmed | Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility |
| title_short | Using Bayesian network models for early assessment of cyberattack threats to electricity generation facility |
| title_sort | using bayesian network models for early assessment of cyberattack threats to electricity generation facility |
| topic | : IT network of an energy facility attack graph Bayesian network sensitivity cyber resi-lience |
| topic_facet | : IT network of an energy facility attack graph Bayesian network sensitivity cyber resi-lience ІТ-мережа енергооб’єкта граф атаки баєсова мережа чутливість кіберстійкість |
| url | http://drsp.ipri.kiev.ua/article/view/345591 |
| work_keys_str_mv | AT galʹčinsʹkijlû usingbayesiannetworkmodelsforearlyassessmentofcyberattackthreatstoelectricitygenerationfacility AT ličikvv usingbayesiannetworkmodelsforearlyassessmentofcyberattackthreatstoelectricitygenerationfacility AT galʹčinsʹkijlû vikoristannâmodelímerežbaêsadlârannʹogoocínûvannâzagrozkíberatakobêktaelektroenergetiki AT ličikvv vikoristannâmodelímerežbaêsadlârannʹogoocínûvannâzagrozkíberatakobêktaelektroenergetiki |