A comparative Bayesian Network and machine learning framework for predicting maritime cyber-attack risks in narrow canals and straits


Kurt Y. B., TÜRKOĞLU M. M., Çınar F., Şenol Y. E., Kurt R. E., Turan O., ...Daha Fazla

Ocean Engineering, cilt.364, sa.P1, 2026 (SCI-Expanded, Scopus)

  • Yayın Türü: Makale / Tam Makale
  • Cilt numarası: 364 Sayı: P1
  • Basım Tarihi: 2026
  • Doi Numarası: 10.1016/j.oceaneng.2026.126782
  • Dergi Adı: Ocean Engineering
  • Derginin Tarandığı İndeksler: Science Citation Index Expanded (SCI-EXPANDED), Scopus, Applied Science & Technology Source, Compendex, Environment Index, Geobase, ICONDA Bibliographic, INSPEC, The International Construction Database (ICONDA), Academic Search Ultimate (EBSCO), Engineering Source (EBSCO)
  • Anahtar Kelimeler: Bayesian network, Cyber-risk prediction, GNSS spoofing, Machine learning, Maritime cybersecurity, Narrow canals and straits, Noisy-OR
  • İstanbul Gelişim Üniversitesi Adresli: Evet

Özet

This research develops a predictive framework for cyber-induced navigational risk escalation in narrow canals and straits. Restricted manoeuvring space, dense traffic, and dependence on digital navigation systems amplify the operational consequences of cyber disruption in these environments. An expert-defined Bayesian Network (BN) was constructed to represent the causal relationships between ten risk node (RN) cyber-risk indicators, three intermediate degradation states, and the top event defined as cyber-induced navigational risk escalation in narrow waters. This top event does not represent attack initiation or attack occurrence directly; rather, it denotes a navigation-level risk state arising from the interaction of cyber-relevant vulnerabilities, compromised navigation information, and incorrect situation assessment. The BN benchmark was fitted using a Noisy-OR-type formulation. It was then evaluated alongside three machine-learning (ML) baselines: logistic regression, random forest, and gradient boosting, trained on the same RN predictors. The findings demonstrate the complementary strengths of both approaches, supporting the development of more reliable and explainable cyber-risk assessment tools for safety-critical maritime operations in narrow waterways. Because the TE labels were generated through BN-consistent simulation, the results should be interpreted as a controlled methodological proof-of-concept rather than as empirical validation of real-world maritime cyber-attack prediction accuracy.