Securing the Industrial Internet of Things against ransomware attacks: A comprehensive analysis of the emerging threat landscape and detection mechanisms

Muna Al-Hawawreh, Mamoun Alazab, Mohamed Amine Ferrag, M. Shamim Hossain

Research output: Contribution to journal › Review article › peer-review

Abstract

Due to the complexity and diversity of Industrial Internet of Things (IIoT) systems, which include heterogeneous devices, legacy and new connectivity protocols and systems, and distributed networks, sophisticated attacks like ransomware will likely target these systems in the near future. Researchers have focused on studying and addressing ransomware attacks against various platforms in recent years. However, to the best of our knowledge, no existing study investigates the new trends of ransomware tactics and techniques and provides a comprehensive analysis of ransomware attacks and their detection techniques for IIoT systems. Therefore, this paper investigates this attack and its associated detection techniques in IIoT systems in various aspects, including recent ransomware tactics, types, infected operating systems, and platforms. Specifically, we initially discuss the evolution of the IIoT system and its common architecture. Then, we provide an in-depth examination of the development of ransomware attacks and their constituent blocks, outline recent tactics and types of ransomware, and provide an extensive overview of the latest research on detection models. We also summarize numerous significant issues that have yet to be addressed and require further research. We conclude that offensive and defensive research is urgently needed to protect IIoT against ransomware attacks.

Original language: English
Article number: 103809
Pages (from-to): 1-30
Number of pages: 30
Journal: Journal of Network and Computer Applications
Volume: 223
Early online date: 4 Dec 2023
Publication status: Published - Mar 2024
