Mathematical modelling and neural networks in the context of railway cybersecurity
Serhii YevdokymovRailway communication networks based on Ethernet and Wi-Fi are increasingly becoming targets of cyber threats that can disrupt data exchange, control systems operation, and information security. The growing volume of transmitted data and the integration of intelligent control systems raise new requirements for cybersecurity, prompting the need for advanced approaches to threat detection and mitigation. This study aimed to enhance the cybersecurity of railway communication systems through the integration of algebraic modelling and machine learning techniques, including neural networks and a neuro-symbolic approach. The research included a vulnerability assessment of railway networks and the development of mathematical models for optimising rolling stock routing, infrastructure management, and cyber threat detection. Algorithms for identifying anomalies in railway network traffic based on autoencoders are proposed, enabling the detection of data flow deviations in real time. Experimental modelling was conducted using a dataset that included real and simulated traffic associated with cyberattacks. The results demonstrated a 35% reduction in network load, a 22% improvement in threat blocking efficiency, and an anomaly detection accuracy of 82.3%. In addition, over 87% of potentially malicious requests were automatically blocked without operator intervention. The system achieved a false positive rate of 6.2% and a false negative rate of 5.1%, confirming the effectiveness of combining neural networks with symbolic rule sets. The proposed methods also enabled traffic route optimisation and network load balancing. The practical significance of the study lies in the development of adaptive cybersecurity mechanisms for railway communication systems that enhance resilience against emerging threats, including protocol-level attacks. The integration of artificial intelligence methods with algebraic modelling improves the accuracy of cyber threat prediction, enables traffic routing optimisation, and supports the creation of adaptive incident response strategies
References
[1] Alaghbari, K.A., Lim, H.-S., Saad, M.H.M., & Yong, Y.S. (2023). Deep autoencoder-based integrated model for anomaly detection and efficient feature extraction in IoT networks. IoT, 4(3), 345-365. doi: 10.3390/iot4030016.
[2] Alcaraz, C., & López, J. (2023). Protecting digital twin networks for 6G-Enabled Industry 5.0 ecosystems. IEEE Network, 37(2), 302-308. doi: 10.1109/MNET.004.2200529.
[3] Attari, M.T., Nawaz, M.A., & Rehman, M. (2023). Importance of assembly language in cyber security and reverse engineering. In Proceedings of the 1st international conference on recent advances in computing, AI and data science (CAIDS-2023). Islamabad: Riphah International University.
[4] Audibert, J., Michiardi, P., Guyard, F., Marti, S., & Zuluaga, M.A. (2022). Do deep neural networks contribute to multivariate time series anomaly detection? Pattern Recognition, 132, article number 108945. doi: 10.1016/j. patcog.2022.108945.
[5] Birihanu, E., Soullami, A., & Lendák, I. (2025). Enhancing industrial control systems security: Real-time anomaly detection with uncertainty estimation. In Discovery science: 27th international conference (pp. 99-114). Pisa: ACM. doi: 10.1007/978-3-031-78980-9_7.
[6] Carter, J., Nelson, S., Roberts, E., Collins, M., & James, C. (2025). Neuro-symbolic AI for real-time anti-money-laundering systems. Retrieved from https://www.researchgate.net/publication/391185029.
[7] Cui, Y., Liu, Z., & Lian, S. (2023). A survey on unsupervised anomaly detection algorithms for industrial images. IEEE Access, 11, 55297-55315. doi: 10.1109/ACCESS.2023.3282993
[8] Ghiasi, R., Khan, M.A., Sorrentino, D., Diaine, C., & Malekjafarian, A. (2024). An unsupervised anomaly detection framework for on-board monitoring of railway track geometrical defects using one-class support vector machine. Engineering Applications of Artificial Intelligence, 133, article number 108167. doi: 10.1016/j.engappai.2024.108167.
[9] Goetz, C., & Humm, B.G. (2025). A hybrid and modular integration concept for anomaly detection in industrial control systems. AI, 6(5), article number 91. doi: 10.3390/ai6050091.
[10] Grujic, Z., & Grujic, B. (2025). Optimal routing in urban road networks: A graph-based approach using Dijkstra’s algorithm. Applied Sciences, 15(8), article number 4162. doi: 10.3390/app15084162.
[11] He, C., Shi, H., Li, R., Li, J., & Yu, Z. (2024). Interpretable modulated differentiable STFT and physics-informed balanced spectrum metric for freight train wheelset bearing cross-machine transfer fault diagnosis under speed fluctuations. Advanced Engineering Informatics, 62(A), article number 102568. doi: 10.1016/j.aei.2024.102568.
[12] Islam, U., Malik, R.Q., Al-Johani, A.S., Khan, M.R., Daradkeh, Y.I., Ahmad, I., Alissa, K.A., Abdul-Samad, Z., & Tag-Eldin, E.M. (2022). A novel anomaly detection system on the internet of railways using extended neural networks. Electronics, 11, article number 2813. doi: 10.3390/electronics11182813.
[13] Jiang, W., Han, H., Zhang, Y., Wang, J., He, M., Gu, W., Mu, J., & Cheng, X. (2024). Graph neural networks for routing optimization: Challenges and opportunities. Sustainability, 16(21), article number 9239. doi: 10.3390/su16219239.
[14] Liu, H., Liu, C., Wu, X., Qu, Y., & Liu, H. (2024). An automated penetration testing framework based on hierarchical reinforcement learning. Electronics, 13(21), article number 4311. doi: 10.3390/electronics13214311.
[15] Liu, J., Xie, G., Wang, J., Li, S., Wang, C., Zheng, F., & Jin, Y. (2024). Deep industrial image anomaly detection: A survey. Machine Intelligence Research, 21, 104-135. doi: 10.1007/s11633-023-1459-z.
[16] Nunes, J., Cruz, T., & Simões, P. (2024). Railway infrastructure cybersecurity: An overview. In M. Lehto & M. Karjalainen (Eds.), Proceedings of the 23rd European conference on cyber warfare and security (pp. 331-340). Jyvaskyla: ACI. doi: 10.34190/eccws.23.1.2296.
[17] Qi, J., & Wang, J. (2025). Bridging artificial intelligence and railway cybersecurity: A comprehensive anomaly detection review. Transportation Research Record, 2679(5), 232-255. doi: 10.1177/03611981241302335.
[18] Sewak, M., Sahay, S.K., & Rathore, H. (2021). LSTM hyper-parameter selection for malware detection: Interaction effects and hierarchical selection approach. In Proceedings of the 2021 international joint conference on neural networks (pp. 1-9). Shenzhen: IEEE. doi: 10.1109/IJCNN52387.2021.9533323.
[19] Skandylas, C., & Asplund, M. (2024). Automated penetration testing: Formalization and realization. ArXiv. doi: 10.48550/arXiv.2412.12745.
[20] Tuli, S., Casale, G., & Jennings, N.R. (2022). TranAD: Deep transformer networks for anomaly detection in multivariate time series data. Proceedings of the VLDB Endowment, 15, 1201-1214. doi: 10.14778/3514061.3514067.
[21] Wang, T., Zhang, Z., Yang, F., & Tsui, K.-L. (2021). Intelligent railway foreign object detection: A semi-supervised convolutional autoencoder based method. ArXiv. doi: 10.48550/arXiv.2108.02421.
[22] Zhang, C., Lao, Y.-Y., Deng, C.-L., & Li, Y. (2025). Fault detection for high-speed-train traction systems using autoencoder – fréchet inception distance. Measurement Science and Technology, 36, article number 046205. doi: 10.1088/1361-6501/adbde7.
[23] Zhang, Y., Wang, S., Chen, B., Cao, J., & Huang, Z. (2021). TrafficGAN: Network-scale deep traffic prediction with generative adversarial nets. IEEE Transactions on Intelligent Transportation Systems, 22(1), 219-230. doi: 10.1109/ TITS.2019.2955794.