In this paper, we consider how the development of targeted ransomware has affected the dynamics of ransomware negotiations to better understand how to respond to ransomware attacks. We construct a model of ransomware negotiations as an asymmetric non-cooperative two-player game. In particular, our model considers the investments that a malicious actor must make in order to conduct a successful targeted ransomware attack. We demonstrate how imperfect information is a crucial feature for replicating observed real-world behaviour. Furthermore, we present optimal strategies for both the malicious actor and the target, and demonstrate how imperfect information results in a non-trivial optimal strategy for the malicious actor.INDEX TERMS Cybersecurity, game theory, ransomware, threat analysis. I. INTRODUCTIONComputer security is a rapidly developing field, with new threats emerging and evolving constantly. As computer security providers develop their methods for detecting malware (malicious software), the malicious actors behind the various strains of malware are forced to refine their techniques for avoiding detection, prompting further development from the computer security industry. As a result of the interaction between these competing agendas, problems in computer security can give rise to rich dynamical behaviour. By analysing these dynamics, we can provide insights that assist in understanding phenomena observed in computer security. The current paper seeks to provide insight on recent developments in ransomware by using game theory to explore the dynamics they have introduced.Ransomware is a type of malware designed to extort a ransom from the victim [1], [2], usually by denying the victim access to their computer or data until the ransom has been paid. In the past, ransomware relied on extorting a small amount of money from a large number of victims. The ransom itself would be fixed at a price low enough that nearly anyone could pay, but was typically non-negotiable, as negotiating a small ransom with many victims would not be worth the The associate editor coordinating the review of this manuscript and approving it for publication was Wen Chen .
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.