Abstract
Due to the complexity and diversity of Industrial Internet of Things (IIoT) systems, which include heterogeneous devices, legacy and new connectivity protocols and systems, and distributed networks, sophisticated attacks like ransomware will likely target these systems in the near future. Researchers have focused on studying and addressing ransomware attacks against various platforms in recent years. However, to the best of our knowledge, no existing study investigates the new trends of ransomware tactics and techniques and provides a comprehensive analysis of ransomware attacks and their detection techniques for IIoT systems. Therefore, this paper investigates this attack and its associated detection techniques in IIoT systems in various aspects, including recent ransomware tactics, types, infected operating systems, and platforms. Specifically, we initially discuss the evolution of the IIoT system and its common architecture. Then, we provide an in-depth examination of the development of ransomware attacks and their constituent blocks, outline recent tactics and types of ransomware, and provide an extensive overview of the latest research on detection models. We also summarize numerous significant issues that have yet to be addressed and require further research. We conclude that offensive and defensive research is urgently needed to protect IIoT against ransomware attacks.
Original language | English |
---|---|
Article number | 103809 |
Pages (from-to) | 1-30 |
Number of pages | 30 |
Journal | Journal of Network and Computer Applications |
Volume | 223 |
Early online date | 4 Dec 2023 |
DOIs | |
Publication status | Published - Mar 2024 |
Bibliographical note
Funding Information:This work was supported by the Deanship of Scientific Research at King Saud University, Riyadh, Saudi Arabia, through the Vice Deanship of Scientific Research Chairs: Research Chair of Pervasive and Mobile Computing.
Publisher Copyright:
© 2023 Elsevier Ltd