The increasing penetrations of the critical infrastructure sector in the United States with intelligent digital technologies have greatly increased exposure to advanced cyber adversaries and operational vulnerabilities. AI-powered governance and automated decision-making systems are becoming a key part of the operation of critical infrastructure systems, including energy, healthcare, transportation, financial services, and communication infrastructure, in order to improve efficiency and strategic management. The growing cyber threat environment, such as Distributed Denial of Service (DDos) attacks, botnets, ransomware, and Advanced Persistent Threats (APTs) pose significant challenges to infrastructure resilience, cyber security reliability, and governance trustworthiness. In a changing attack landscape and dynamic network environment, traditional cybersecurity mechanisms can often fall short of meeting the evolving needs and protecting critical systems. This study will develop a resilient cyber risk analytics and model reliability assessment framework to support intelligent governance and decision support for cyber risk exposure in the U.S. critical infrastructure environment. This study is based on the CICIDS2017 dataset for the development and testing of intrusion detection system models and cyber risk prediction models based on machine learning. Various classifiers like XGBoost, Random Forest, and Decision Tree are used to detect malicious activities on the network and determine the level of cyber risk. Furthermore, the Explainable Artificial Intelligence (XAI) techniques are integrated to enhance transparency, interpretability, and trust in cybersecurity decision-making processes. The proposed framework presents the reliability and resilience of the model by having various performance measures such as accuracy, precision, recall, F1 score, ROC-AUC, and false positive rate.

翻译：随着美国关键基础设施领域智能化数字技术的日益渗透，其面临的高级网络攻击与运行漏洞风险显著增加。人工智能驱动的治理与自动化决策系统正成为能源、医疗、交通、金融服务及通信基础设施等关键系统运营的核心组成部分，以提升效率与战略管理水平。日益严峻的网络威胁环境（包括分布式拒绝服务攻击、僵尸网络、勒索软件及高级持续性威胁）对基础设施弹性、网络安全可靠性及治理可信度构成重大挑战。在不断变化的攻击态势与动态网络环境下，传统网络安全机制往往难以满足日益演进的需求并有效保护关键系统。本研究将构建一个弹性网络风险分析与模型可靠性评估框架，以支持美国关键基础设施环境中网络风险暴露的智能治理与决策支持。基于CICIDS2017数据集，本研究开发并测试了基于机器学习的入侵检测系统模型与网络风险预测模型。采用XGBoost、随机森林与决策树等多种分类器检测网络恶意活动并评估网络风险等级。此外，融合可解释人工智能技术以增强网络安全决策过程的透明度、可解释性与可信度。所提框架通过准确率、精确率、召回率、F1分数、ROC-AUC及假阳性率等多重性能指标验证了模型的可靠性与鲁棒性。