Cyber resilience in supply chain system security using machine learning for threat predictions

Yeboah-Ofori, Abel ORCID: https://orcid.org/0000-0001-8055-9274, Swart, Cameron, Opoku-Boateng, Francisca and Islam, Shareeful (2022) Cyber resilience in supply chain system security using machine learning for threat predictions. Continuity & Resilience Review. ISSN 2516-7502

[img]
Preview
PDF
Yeboah-Ofori_et_al_2022.pdf - Accepted Version

Download (1MB) | Preview

Abstract

Purpose
Cyber resilience in cyber supply chain (CSC) systems security has become inevitable as attacks, risks and vulnerabilities increase in real-time critical infrastructure systems with little time for system failures. Cyber resilience approaches ensure the ability of a supply chain system to prepare, absorb, recover and adapt to adverse effects in the complex CPS environment. However, threats within the CSC context can pose a severe disruption to the overall business continuity. The paper aims to use machine learning (ML) techniques to predict threats on cyber supply chain systems, improve cyber resilience that focuses on critical assets and reduce the attack surface.

Design/methodology/approach
The approach follows two main cyber resilience design principles that focus on common critical assets and reduce the attack surface for this purpose. ML techniques are applied to various classification algorithms to learn a dataset for performance accuracies and threats predictions based on the CSC resilience design principles. The critical assets include Cyber Digital, Cyber Physical and physical elements. We consider Logistic Regression, Decision Tree, Naïve Bayes and Random Forest classification algorithms in a Majority Voting to predicate the results. Finally, we mapped the threats with known attacks for inferences to improve resilience on the critical assets.

Findings
The paper contributes to CSC system resilience based on the understanding and prediction of the threats. The result shows a 70% performance accuracy for the threat prediction with cyber resilience design principles that focus on critical assets and controls and reduce the threat.

Research limitations/implications
Therefore, there is a need to understand and predicate the threat so that appropriate control actions can ensure system resilience. However, due to the invincibility and dynamic nature of cyber attacks, there are limited controls and attributions. This poses serious implications for cyber supply chain systems and its cascading impacts.

Practical implications
ML techniques are used on a dataset to analyse and predict the threats based on the CSC resilience design principles.

Social implications
There are no social implications rather it has serious implications for organizations and third-party vendors.

Originality/value
The originality of the paper lies in the fact that cyber resilience design principles that focus on common critical assets are used including Cyber Digital, Cyber Physical and physical elements to determine the attack surface. ML techniques are applied to various classification algorithms to learn a dataset for performance accuracies and threats predictions based on the CSC resilience design principles to reduce the attack surface for this purpose.

Item Type: Article
Additional Information: Copyright © 2022, Emerald Publishing Limited Yeboah-Ofori, A., Swart, C., Opoku-Boateng, F.A. and Islam, S. (2022), "Cyber resilience in supply chain system security using machine learning for threat predictions", Continuity & Resilience Review, Vol. ahead-of-print No. ahead-of-print. https://doi.org/10.1108/CRR-10-2021-0034
Uncontrolled Keywords: Cyber Resilience, Cyber Supply Chain, Cyber Security, Cyber Threat Prediction, Machine Learning
Subjects: Computing > Information security > Cyber security
Related URLs:
Depositing User: Dr Abel Yeboah-Ofori
Date Deposited: 24 Feb 2022 03:58
Last Modified: 04 Mar 2022 14:26
URI: http://repository.uwl.ac.uk/id/eprint/8808

Downloads

Downloads per month over past year

Actions (login required)

View Item View Item

Menu