Industrial internet of things based ransomware detection using stacked variational neural network

Muna AL-Hawawreh, Elena Sitnikova

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

14 Citations (Scopus)

Abstract

To protect the Industrial Internet of Things (IIoT) systems against ransomware attacks, their host machines systems activities need to be efficiently monitored by an efficient detection model that is able to accurately detect ransomware behavior and trigger an alarm before its impact extends to the critical control systems. However, the detection models for these hosts' machines encounter significant challenges in dealing with a high dimension data, few numbers of trained observations, and the dynamic behavior of ransomware. Therefore, there is a need for an efficient detection model that can address these challenges. In this paper, we propose a detection model based on the stacked Variational Auto-Encoder (VAE) with a fully connected neural network that is able to learn the latent structure of system activities and reveal the ransomware behavior. Further, we also come up with a data augmentation method based on VAE for generating new data that can be used in training a fully connected network in order to improve the generalized capabilities of the proposed detection model. The results showed that our proposed model achieved considerable performance in detecting ransomware activities.

Original languageEnglish
Title of host publicationBDIOT 2019 - 3rd International Conference on Big Data and Internet of Things
PublisherAssociation for Computing Machinery
Pages126-130
Number of pages5
ISBN (Electronic)9781450372466
DOIs
Publication statusPublished - 22 Aug 2019
Externally publishedYes
Event3rd International Conference on Big Data and Internet of Things, BDIOT 2019 - Melbourne, Australia
Duration: 22 Aug 201924 Aug 2019

Publication series

NameACM International Conference Proceeding Series

Conference

Conference3rd International Conference on Big Data and Internet of Things, BDIOT 2019
Country/TerritoryAustralia
CityMelbourne
Period22/08/1924/08/19

Keywords

  • API
  • Deep learning
  • Detection
  • IIoT
  • LAN
  • Ransomware
  • Windows

Fingerprint

Dive into the research topics of 'Industrial internet of things based ransomware detection using stacked variational neural network'. Together they form a unique fingerprint.

Cite this