Developing an Effective Detection Framework for Targeted Ransomware Attacks in Brownfield Industrial Internet of Things
The Industrial Internet of Things (IIoT) is being interconnected with many critical industrial activities, creating major cyber security concerns. The key concern is with edge systems of Brownfield IIoT, where new devices and technologies are deployed to interoperate with legacy industrial control systems and leverage the benefits of IoT. These edge devices, such as edge gateways, have opened the way to advanced attacks such as targeted ransomware. Various pre-existing security solutions can detect and mitigate such attacks but are often ineffective due to the heterogeneous nature of the IIoT devices and protocols and their interoperability demands. Consequently, developing new detection solutions is essential. The key challenges in developing detection solutions for targeted ransomware attacks in IIoT systems include 1) understanding attacks and their behaviour, 2) designing accurate IIoT system models to test attacks, 3) obtaining realistic data representing IIoT systems' activities and connectivities, and 4) identifying attacks.
This thesis provides important contributions to the research focusing on investigating targeted ransomware attacks against IIoT edge systems and developing a new detection framework. The first contribution is developing the world's first example of ransomware, specifically targeting IIoT edge gateways. The experiments' results demonstrate that such an attack is now possible on edge gateways. Also, the kernel-related activity parameters appear to be significant indicators of the crypto-ransomware attacks' behaviour, much more so than for similar attacks in workstations. The second contribution is developing a new holistic end-to-end IIoT security testbed (i.e., Brown-IIoTbed) that can be easily reproduced and reconfigured to support new processes and security scenarios. The results prove that Brown-IIoTbed operates efficiently in terms of its functions and security testing.
The third contribution is generating a first-of-its-kind dataset tailored for IIoT systems covering targeted ransomware attacks and their activities, called X-IIoTID. The dataset includes connectivity- and device-agnostic features collected from various data sources. The final contribution is developing a new asynchronous peer-to-peer federated deep learning framework tailored for IIoT edge gateways for detecting targeted ransomware attacks. The framework's effectiveness has been evaluated against pre-existing datasets and the newly developed X-IIoTID dataset.
Edge Learning for 6G-enabled Internet of Things: A Comprehensive Survey of Vulnerabilities, Datasets, and Defenses
The ongoing deployment of the fifth generation (5G) wireless networks constantly reveals limitations concerning its original concept as a key driver of Internet of Everything (IoE) applications. These 5G challenges are behind worldwide efforts to enable future networks, such as sixth generation (6G) networks, to efficiently support sophisticated applications ranging from autonomous driving capabilities to the Metaverse. Edge learning is a new and powerful approach to training models across distributed clients while protecting the privacy of their data. This approach is expected to be embedded within future network infrastructures, including 6G, to solve challenging problems such as resource management and behavior prediction. This survey article provides a holistic review of the most recent research focused on edge learning vulnerabilities and defenses for 6G-enabled IoT. We summarize the existing surveys on machine learning for 6G IoT security and machine learning-associated threats in three different learning modes: centralized, federated, and distributed. Then, we provide an overview of enabling emerging technologies for 6G IoT intelligence. Moreover, we provide a holistic survey of existing research on attacks against machine learning and classify threat models into eight categories, including backdoor attacks, adversarial examples, combined attacks, poisoning attacks, Sybil attacks, byzantine attacks, inference attacks, and dropping attacks. In addition, we provide a comprehensive and detailed taxonomy and a side-by-side comparison of the state-of-the-art defense methods against edge learning vulnerabilities. Finally, as new attacks and defense technologies are realized, new research and future overall prospects for 6G-enabled IoT are discussed.
Present Status and Challenges in Cloud Monitoring Framework: A Survey
In the context of an increase in cloud computing facilities in recent years, continuous monitoring of the system plays a crucial role in enhancing the quality of cloud services. Development of a suitable cloud monitoring tool is determined by the challenges faced in the cloud computing environment, for example data storage and security of on-demand services. A cloud monitoring tool can provide a visually appealing, intuitive interface to allow system administrators to view network data and results, and identify problems or bottlenecks. Therefore, this article provides a review of the cloud computing tools which are used for monitoring the performance of cloud infrastructure at the consumers' and providers' end.
An explainable ensemble of multi-view deep learning model for fake review detection
Online reviews significantly impact consumers who are purchasing or seeking services via the Internet. Businesses and review platforms need to manage these online reviews to avoid misleading customers through fake ones. This necessitates developing intelligent solutions to detect these fake reviews and prevent their negative impact on businesses and customers. Therefore, many fake review detection models have been proposed to help distinguish fake reviews from genuine ones. However, these techniques depend on a limited perspective of features, mainly review content, to detect fake reviews, leading to poor performance in discovering the new patterns of fake review content and the dynamic behaviour of spammers. Therefore, there is still a need to develop new solutions to detect the new patterns of fake reviews. Hence, this paper proposes an explainable multi-view deep learning model to identify fake reviews based on different feature perspectives and classifiers. The proposed model can extract essential features from different perspectives, including review content, reviewer data, and product description. Moreover, we employ an ensemble approach that combines three popular deep learning algorithms, Bi-LSTM, CNN, and DNN, to enhance the performance of the fake review detection model. The results on two real-life datasets demonstrated the efficiency of our proposed model, where it outperformed the state-of-the-art methods with improvements ranging from 1% to 7% in terms of the AUC metric. To provide visibility into the outcomes of our proposed model and demonstrate the trust and transparency in the obtained results, we also offer a comprehensive explanation for our model results using the Shapley Additive Explanations (SHAP) method and attention techniques. The experimental results prove that our proposed model can provide reasonable explanations that help users understand why specific reviews are classified as fake.