Next Article in Journal
Solid Waste Analysis Using Open-Access Socio-Economic Data
Next Article in Special Issue
A Novel Approach towards Sustainability Assessment in Manufacturing and Stakeholder’s Role
Previous Article in Journal
Coverage of Disabled People in Environmental-Education-Focused Academic Literature
Previous Article in Special Issue
An Approach towards IoT-Based Predictive Service for Early Detection of Diseases in Poultry Chickens
Article

A Weighted Minimum Redundancy Maximum Relevance Technique for Ransomware Early Detection in Industrial IoT

1
Faculty of Computing, SIMAD University, Mogadishu 801, Somalia
2
School of Information Technology, Deakin University, Burwood, Melbourne 3125, Australia
3
School of Computing, Faculty of Engineering, Universiti Teknologi Malaysia (UTM), Johor Bahru 81310, Malaysia
4
College of Computer Science and Engineering, Taibah University, Al-Madinah P.O. Box 344, Saudi Arabia
5
DAAI Research Group, Department of Computing and Data Science, School of Computing and Digital Technology, Birmingham City University, Birmingham B4 7XG, UK
*
Author to whom correspondence should be addressed.
Academic Editors: Mohsin Raza, Ghufran Ahmed, Muhammad Awais and Jawad Ahmad
Sustainability 2022, 14(3), 1231; https://doi.org/10.3390/su14031231
Received: 27 November 2021 / Revised: 14 January 2022 / Accepted: 14 January 2022 / Published: 21 January 2022
(This article belongs to the Special Issue Industrial Internet of Things (IIoTs) and Industry 4.0)
Ransomware attacks against Industrial Internet of Things (IIoT) have catastrophic consequences not only to the targeted infrastructure, but also the services provided to the public. By encrypting the operational data, the ransomware attacks can disrupt the normal operations, which represents a serious problem for industrial systems. Ransomware employs several avoidance techniques, such as packing, obfuscation, noise insertion, irrelevant and redundant system call injection, to deceive the security measures and make both static and dynamic analysis more difficult. In this paper, a Weighted minimum Redundancy maximum Relevance (WmRmR) technique was proposed for better feature significance estimation in the data captured during the early stages of ransomware attacks. The technique combines an enhanced mRMR (EmRmR) with the Term Frequency-Inverse Document Frequency (TF-IDF) so that it can filter out the runtime noisy behavior based on the weights calculated by the TF-IDF. The proposed technique has the capability to assess whether a feature in the relevant set is important or not. It has low-dimensional complexity and a smaller number of evaluations compared to the original mRmR method. The TF-IDF was used to evaluate the weights of the features generated by the EmRmR algorithm. Then, an inclusive entropy-based refinement method was used to decrease the size of the extracted data by identifying the system calls with strong behavioral indication. After extensive experimentation, the proposed technique has shown to be effective for ransomware early detection with low-complexity and few false-positive rates. To evaluate the proposed technique, we compared it with existing behavioral detection methods. View Full-Text
Keywords: crypto-ransomware; Industrial Internet of Things; enhanced maximum Relevance and minimum Redundancy; TF-IDF; supervised approach crypto-ransomware; Industrial Internet of Things; enhanced maximum Relevance and minimum Redundancy; TF-IDF; supervised approach
Show Figures

Figure 1

MDPI and ACS Style

Ahmed, Y.A.; Huda, S.; Al-rimy, B.A.S.; Alharbi, N.; Saeed, F.; Ghaleb, F.A.; Ali, I.M. A Weighted Minimum Redundancy Maximum Relevance Technique for Ransomware Early Detection in Industrial IoT. Sustainability 2022, 14, 1231. https://doi.org/10.3390/su14031231

AMA Style

Ahmed YA, Huda S, Al-rimy BAS, Alharbi N, Saeed F, Ghaleb FA, Ali IM. A Weighted Minimum Redundancy Maximum Relevance Technique for Ransomware Early Detection in Industrial IoT. Sustainability. 2022; 14(3):1231. https://doi.org/10.3390/su14031231

Chicago/Turabian Style

Ahmed, Yahye A., Shamsul Huda, Bander A.S. Al-rimy, Nouf Alharbi, Faisal Saeed, Fuad A. Ghaleb, and Ismail M. Ali. 2022. "A Weighted Minimum Redundancy Maximum Relevance Technique for Ransomware Early Detection in Industrial IoT" Sustainability 14, no. 3: 1231. https://doi.org/10.3390/su14031231

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop