
  Detection and prevention of ransomware attacks targeting IIoT (Industrial Internet of Things) devices and networks


   School of Computing and Information Science

  Applications accepted all year round. Self-Funded PhD Students Only.

About the Project

Research Group

Cyber Security and Networking Research Group

Proposed supervisory team

Dr Hossein Abroshan

Dr Erika Sanchez-Velazquez

Theme

Cyber security

Summary of the research project

The Industrial Internet of Things (IIoT) comprises diverse devices that connect and communicate over the Internet. It integrates critical infrastructure's Operational Technology (OT) systems with an enterprise's Information Technology (IT), which creates new attack surfaces. Many manufacturing companies are moving towards the smart factory, using AI and connecting their OT networks to cloud platforms, which makes them more vulnerable to cyber-attacks. Consequently, advanced threats targeting critical operations, such as production devices, have arisen, making IIoT systems attractive targets for ransomware attacks. Over the past years, several OT networks have fallen victim to ransomware attacks in which the attackers demanded large sums in cryptocurrency to decrypt compromised data.

While IIoT technology significantly benefits industry growth and value, the potential for unplanned downtime due to ransomware poses substantial financial and reputational risks for businesses, especially manufacturers. Various techniques have been developed to reduce successful ransomware attacks. These include detection methods that rely on specific events as indicators of ransomware behaviour and models that continuously monitor user activities, such as emails, files, and traffic, to detect any potential malicious behaviour. Researchers have leveraged machine and deep learning techniques, such as Random Forest (RF), Long Short-Term Memory (LSTM), Convolutional Neural Networks (CNN), and Bayesian Belief Networks (BBN), to build models capable of uncovering ransomware attacks.

This project will investigate the ransomware security challenges facing the IIoT. It will also develop, investigate, and test examples of ransomware that target PLCs in industrial control system (ICS) networks. It will propose a solution to detect ransomware targeting ICSs using a new AI-powered system (with high accuracy and speed) with sensors in the enterprise network, so that detection happens before the ransomware reaches the OT network. The solution will be tested in a lab environment. It will also be tested on a real network (e.g., a manufacturer's IT network, if possible) in a passive/monitoring mode.

Where you'll study

Cambridge

Funding

This project is self-funded. Funded studentships are selected by a competitive process, and their details are advertised on our jobs website as they become available.

Next steps

If you wish to be considered for this project, you will need to apply for our Computer and Information Science PhD. In the section of the application form entitled 'Outline research proposal', please quote the above title and include a research proposal.
