Exploiting Internet of Things (IoT) Data Streams – An Adversarial AI/ML Perspective

Paul Plachinda - Idaho National Laboratory (INL) BEA
Gustavo Reyes - Idaho National Laboratory (INL) BEA
Internet of things (IoT) describes the network of physical objects - “things” - that are embedded with sensors, actuators, software, communication technologies, etc. for the purpose of connecting and exchanging data with other devices and systems over the internet or private networks. Over the past decade thanks to major progress in semiconductors the IoT experienced a connectivity boom. The IoT ecosystem now embraces everything from industrial robots to dog tags. Artificial intelligence (AI) models use data coming from the IoT sensors to train the neural networks, and later predict future behavior of the trained model based on precursor data. When applied to International Nuclear Safeguards, AI is widely used to create a digital twin of assets or processes providing a way of automatically triaging the very large and disparate amounts of remotely transmitted safeguards data analyzed by the International Atomic Energy Agency (IAEA) as part of its nuclear non-proliferation treaty (NPT) mandate. This same data stream can be intercepted and altered by a rogue man-in-the-middle eventually causing Machine Learning predictions to differ from actual operational parameters, providing a non-compliant State a means of masking diversion or misuse activities, for example. A cyber-physical model is offered as a testbed to explore potential threats emerging from this vulnerability.