Machine Learning Assesses Cyber Risks in Construction

By Nidhi DhullReviewed by Susha Cheriyedath, M.Sc.Nov 26 2024

A recent article published in Developments in the Built Environment proposed a machine learning (ML) method to assess common cyber risks for construction projects. The approach involved three components: a Monte Carlo-simulated dataset for risk prediction, an ML-based analysis of risk factors, and a greedy optimization algorithm to address high-risk factors efficiently.

Background

While digital advancements have enhanced the efficiency and productivity of the construction sector, they have also increased cybersecurity vulnerabilities, resulting in significant delays, financial losses, and reputational damage in construction projects. The construction sector is lagging behind other industries in cybersecurity, encountering rising cyber incidents over the past decade.

Five types of cyber risks are mainly associated with the construction sector: ransomware attacks on blueprints and financial records, phishing to deceive individuals into revealing sensitive information, insider attacks to maliciously sabotage key resources, data breaches for unauthorized access to sensitive digital data, and supply chain attacks.

Equipping project managers with predictive tools to forecast cyber risks across project phases can proactively address these risks. This enables the managers to employ mitigation strategies, reducing or completely averting risks. A dynamic risk assessment tool that captures real-time project data and uses predictive models to evaluate cyber risk levels is preferable.

Methods

Developing an ML-centric approach for construction risk analysis involved multiple steps. Step 1 outlined the feature sources for the ML models derived from the identified risk factors. Step 2 involved generating datasets through Monte Carlo simulation and using an ensemble labeling approach combining fault tree analysis with criteria-based labeling.

Step 3 described the two-phase model development strategy, including determining the best model for each risk and optimal weight combination for various labeling methods. Step 4 employed an ML feature analysis to identify significant risk factors. Finally, step 5 introduced a greedy optimization algorithm to formulate efficient risk reduction strategies.

The above steps yielded a dynamic cyber risk assessment tool with three main modules: trained ML models for risk degree prediction (steps 1–3), risk factor analysis (step 4), and (3) risk reduction strategy formulation (step 5).

The ML model was based on the identified construction risk factors. Therefore, a systematic and rigorous process was employed to ensure the risk factors’ comprehensiveness, relevance, accuracy, and suitability. This involved a systematic literature review, the Delphi method for expert evaluation, and a detailed questionnaire survey.

Finally, a case study was conducted on a real construction project in the United Arab Emirates to demonstrate the practical applicability of the developed approach with three modules. This was a project for a leading engineering and contracting firm.

Results and Discussion

Among various analyzed risk factors, the insider attack risk consistently achieved near-perfect determination coefficient (R²) values across all ML models, indicating an almost linear relationship and making basic models suitable for prediction. Similarly, supply chain attack risk demonstrated high R² values with simpler models, confirming linearity. Notably, the complex models overfitted in cases of obvious linearity and underperformed on test data; therefore, simpler models were chosen for these risks.

All ML models achieved high R² values for ransomware attacks, but complex models like neural networks outperformed simpler ones, suggesting more non-linearity. A similar pattern was observed for phishing and data breach risks. The latter exhibited the lowest R² values across all models, indicating significant non-linearity and the limited effectiveness of sophisticated models. Thus, complex models were more suitable for these risks.

Almost all identified risks exhibited some non-linearities, denoting their complex relation with cyber risks. Therefore, construction project managers should comprehensively understand these risk factors to analyze cyber risks. This requires a holistic approach and commitment to cybersecurity. Additionally, different cyber risks demonstrated unique non-linear relationships with the corresponding risk factors. Thus, effectively addressing each type of cyber risk might need specifically tailored strategies.

The developed ML models successfully predicted the incidence of cyber risks in two expert-labeled projects and a real construction project. These outcomes further demonstrated the efficacy and validity of the models. Notably, the models could predict cyber risk status at any stage of a construction project, allowing project managers to employ immediate risk reduction strategies. The model’s greedy optimization algorithm governed these strategies to maximize resource allocation efficiency.

Conclusion

Overall, the researchers successfully developed an ML-based approach to assess the five most common cyber risks in construction projects: ransomware, insider attacks, data breaches, phishing, and supply chain attacks. 

However, the study suffered significant limitations due to the lack of an existing dataset. Therefore, a simulated dataset based on defined probability distributions was used to train the ML models. Despite expert review and validation, these distributions may not fully replicate real-world scenarios, probably introducing variance in the model results.

The researchers plan to conduct sensitivity analyses to refine these distributions and expand the expert panel for data simulation. Additionally, they are actively collaborating with local companies to collect authentic data for model validation and access real-world data.

Journal Reference

Yao, D., & de Soto, G. (2024). Assessing Cyber Risks in Construction Projects: A Machine Learning-Centric Approach. Developments in the Built Environment, 100570. DOI: 10.1016/j.dibe.2024.100570, https://www.sciencedirect.com/science/article/pii/S2666165924002515

Disclaimer: The views expressed here are those of the author expressed in their private capacity and do not necessarily represent the views of AZoM.com Limited T/A AZoNetwork the owner and operator of this website. This disclaimer forms part of the Terms and conditions of use of this website.