Applied IT & Engineering
Information and engineering sciences | Online ISSN 3068-0115
RESEARCH ARTICLE (Open Access)
Explainable AI-Driven Cyber Risk Analytics and Model Reliability Assessment for Intelligent Governance of U.S. Critical Infrastructure: An XGBoost and SHAP-Based Intrusion Detection Framework
B. M. Taslimul Haque1*, Md. Arifur Rahman2, Md. Serajul Kabir Chowdhury Rubel3, Md. Iqbal Hossan3
Applied IT & Engineering 2 (1) 1-20 https://doi.org/10.25163/engineering.2110762
Submitted: 01 July 2024 Revised: 03 September 2024 Accepted: 09 September 2024 Published: 11 September 2024
Abstract
Background. U.S. critical infrastructure sectors — energy, healthcare, transportation, financial services, and communications — are increasingly governed by AI-driven digital technologies that, while operationally transformative, have dramatically widened the cyberattack surface. Distributed Denial of Service (DDoS) attacks, Advanced Persistent Threats (APTs), botnets, and ransomware now challenge infrastructure resilience in ways traditional, rule-based cybersecurity mechanisms were never designed to address. Despite machine learning's demonstrated promise for intrusion detection, most existing frameworks optimize narrowly for classification accuracy while neglecting the model reliability, explainability, and governance transparency that critical infrastructure operators actually require.
Methods. This study develops a resilient cyber risk analytics and model reliability assessment framework designed to support intelligent cybersecurity governance in U.S. critical infrastructure environments. Using the CICIDS2017 dataset — a realistic, labeled benchmark encompassing DDoS, brute force, botnet, web attack, and infiltration traffic — four supervised classifiers were trained and comparatively evaluated: XGBoost, Random Forest, Decision Tree, and Logistic Regression. Model performance was assessed across accuracy, precision, recall, F1-score, ROC-AUC, and false positive rate. SHAP (SHapley Additive Explanations) analysis was integrated to produce interpretable, feature-level explanations of model predictions, enabling governance actors to audit and act on classification outputs with informed confidence.
Results. The Support Vector Machine classifier achieved near-perfect discrimination on the binary DDoS versus benign classification task, with an AUC approaching 1.00, 2,571 true positives, 1,918 true negatives, and only eleven total misclassifications. Exploratory traffic analysis confirmed that flow duration, packet size, Flow Bytes/s, and destination port distribution carry substantial discriminative information for distinguishing attack from benign traffic. SHAP analysis identified the most influential network features driving model predictions, providing the feature-level transparency that governance decision-makers require.
Conclusion. Combining cyber risk analytics, machine learning, reliability evaluation, and explainable AI substantially advances cybersecurity resilience and governance trustworthiness for critical infrastructure protection — moving beyond detection accuracy toward systems that are interpretable, auditable, and operationally accountable.
Keywords: Cyber risk analytics, Explainable artificial intelligence (XAI), Critical infrastructure protection, Intrusion detection systems, Model reliability assessment.
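The abstract's two core mechanisms, the reliability metrics computed from confusion-matrix counts and the SHAP-style feature-level attribution of a prediction, worked through in code. This is an added example, not the paper's code: it assumes a small hand-written scorer (a hypothetical stand-in for the trained XGBoost model), a few constructed flows over the features the abstract names, and an assumed 5/6 FP/FN split of the eleven misclassifications reported.

```python
from itertools import combinations
from math import factorial
# Feature names follow the flow features the abstract highlights (constructed example).
FEATURES = ("flow_duration", "pkt_size", "flow_bytes_s", "dst_port")

def attack_score(x):
    """Hypothetical hand-written scorer standing in for the trained classifier (dst_port unused)."""
    s = 0.0
    if x["flow_bytes_s"] > 1e6:
        s += 0.4
    if x["pkt_size"] < 100:
        s += 0.2
    if x["flow_duration"] < 1000:
        s += 0.1
    if x["flow_bytes_s"] > 1e6 and x["pkt_size"] < 100:
        s += 0.3  # interaction term: high-rate flood of small packets
    return s

def coalition_value(x, background, present, f=attack_score):
    """v(S): mean output with features in S fixed to x, the rest drawn from benign background flows."""
    outs = [f({k: x[k] if k in present else b[k] for k in FEATURES}) for b in background]
    return sum(outs) / len(outs)

def shapley_values(x, background, f=attack_score):
    """Exact Shapley attribution of f(x) - mean f(background) across the features."""
    n = len(FEATURES)
    phi = {}
    for i in FEATURES:
        others = [k for k in FEATURES if k != i]
        phi[i] = 0.0
        for r in range(n):
            w = factorial(r) * factorial(n - r - 1) / factorial(n)
            for s in combinations(others, r):
                phi[i] += w * (coalition_value(x, background, set(s) | {i}, f)
                               - coalition_value(x, background, set(s), f))
    return phi

def reliability_metrics(tp, tn, fp, fn):
    """The metrics the abstract reports, computed from confusion-matrix counts."""
    p, r = tp / (tp + fp), tp / (tp + fn)
    return {"accuracy": (tp + tn) / (tp + tn + fp + fn), "precision": p,
            "recall": r, "f1": 2 * p * r / (p + r), "fpr": fp / (fp + tn)}

# Constructed benign background (one short DNS flow) and one suspicious flow.
BENIGN = [
    {"flow_duration": 50000, "pkt_size": 800, "flow_bytes_s": 2e4, "dst_port": 443},
    {"flow_duration": 120000, "pkt_size": 1200, "flow_bytes_s": 5e4, "dst_port": 80},
    {"flow_duration": 500, "pkt_size": 300, "flow_bytes_s": 1e5, "dst_port": 53},
]
SUSPECT = {"flow_duration": 200, "pkt_size": 60, "flow_bytes_s": 5e6, "dst_port": 80}

if __name__ == "__main__":
    print(shapley_values(SUSPECT, BENIGN))  # credit per feature; dst_port gets 0.0
    print(reliability_metrics(2571, 1918, 5, 6))  # abstract's TP/TN; FP/FN split 5/6 assumed
```

The attributions sum to the model's output minus the benign baseline (the efficiency property), the interaction credit is split evenly between the two features that create it, and the unused feature receives exactly zero.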