Ransomware Threats in Industrial Internet of Things Networks: A Detection Approach

Abstract

The Industrial Internet of Things (IIoT) is a challenging environment for ransomware threats, and it requires robust detection mechanisms to protect critical infrastructures. This study explores the complex landscape of ransomware attacks in IIoT and suggests proactive detection strategies. To develop an advanced detection model, this research uses the CATBoost algorithm that can handle categorical features by leveraging a comprehensive dataset that captures various attributes of ransomware incidents. The study also enhances the interpretability of the model by incorporating SHAP (SHapley Additive exPlanations) which explains how individual features affect ransomware identification in IIoT environments. Empirical evaluation demonstrates that the model can accurately classify ransomware instances with high precision and recall rates. Moreover, SHAP explanation reveals important features that influence the decisions made by the model thereby improving its interpretability and trustworthiness. The experimental results indicate that customized detection approaches are important and highlight the effectiveness of CATBoost algorithm in strengthening IIoT systems against ransomware attacks.