A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention

Spyridopoulos, Theodoros; Maraslis, Konstantinos; Mylonas, Alexios; Tryfonas, Theo; Oikonomou, George

doi:10.1080/19393555.2015.1092186

Cited by 8 publications

(7 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These models are capable of capturing the relationships among nodes within a network, as well as their impact on malware dissemination. They employ game theory to calculate optimal strategies that can limit the impact of malware proliferation and decrease security costs [73].…”

Section: Modeling Virlock With Game Theorymentioning

confidence: 99%

A Comparative Analysis of VirLock and Bacteriophage ϕ6 through the Lens of Game Theory

Kostadimas,

Kastampolidou,

Andronikos

2023

Analytics

View full text Add to dashboard Cite

The novelty of this paper lies in its perspective, which underscores the fruitful correlation between biological and computer viruses. In the realm of computer science, the study of theoretical concepts often intersects with practical applications. Computer viruses have many common traits with their biological counterparts. Studying their correlation may enhance our perspective and, ultimately, augment our ability to successfully protect our computer systems and data against viruses. Game theory may be an appropriate tool for establishing the link between biological and computer viruses. In this work, we establish correlations between a well-known computer virus, VirLock, with an equally well-studied biological virus, the bacteriophage ϕ6. VirLock is a formidable ransomware that encrypts user files and demands a ransom for data restoration. Drawing a parallel with the biological virus bacteriophage ϕ6, we uncover conceptual links like shared attributes and behaviors, as well as useful insights. Following this line of thought, we suggest efficient strategies based on a game theory perspective, which have the potential to address the infections caused by VirLock, and other viruses with analogous behavior. Moreover, we propose mathematical formulations that integrate real-world variables, providing a means to gauge virus severity and design robust defensive strategies and analytics. This interdisciplinary inquiry, fusing game theory, biology, and computer science, advances our understanding of virus behavior, paving the way for the development of effective countermeasures while presenting an alternative viewpoint. Throughout this theoretical exploration, we contribute to the ongoing discourse on computer virus behavior and stimulate new avenues for addressing digital threats. In particular, the formulas and framework developed in this work can facilitate better risk analysis and assessment, and become useful tools in penetration testing analysis, helping companies and organizations enhance their security.

show abstract

Section: Modeling Virlock With Game Theorymentioning

confidence: 99%

A Comparative Analysis of VirLock and Bacteriophage ϕ6 through the Lens of Game Theory

Kostadimas,

Kastampolidou,

Andronikos

2023

Analytics

View full text Add to dashboard Cite

show abstract

“…A large-scale foliaceous epidemic model is used to estimate the best patching strategies, and an adaptive mitigation technique is developed to stop the spread of malware. In order to provide the defense with the optimum approach, the goal of "FLIPIT," a game theoretical model, is to perform a cost-benet analysis of both patching and virus eradication (i.e., anti-virus) [57,58].…”

Section: Preliminariesmentioning

confidence: 99%

“…However, the models that are adaptive mitigation method [17] as a means of slowing the spread of malware, and a broad stratifying pandemic model [15] is utilized in order to select the most eective patching rules to put into eect. [57,64] suggests using a gaming theoretical model called "FLIPIT" to perform a cost-benet analysis of both removing (also known as anti-virus software) and patching in order to provide the defense the best possible plan of action. The aws in virus scanners on a network are studied via the model described here [59].…”

Section: Mathematical Model For the Problemmentioning

confidence: 99%

Quantitative Analysis of Worm Transmission and Insider Risks in Air-Gapped Networking Using a Novel Machine Learning Approach

Sulaiman,

Khan,

Ali

et al. 2023

IEEE Access

View full text Add to dashboard Cite

Researchers and practitioners in the elds of science and engineering encounter signicant challenges when it comes to mitigating the proliferation of computer worms, owing to their rapid spread within computer and communication networks. This study delves into a comprehensive analysis of the mathematical model governing the hazard of worm propagation in such networks. Specically, the mathematical framework employed herein encompasses a system of ordinary dierential equations. In numerous instances, mathematical models have been employedto quantitatively investigate the propagation patterns of worms across computer networks. In this scholarly article, we present an enhanced Susceptible-Exposed-Infected-Quarantined-Vaccinated (SEIQV) model, denoted as Susceptible-Exposed-Infected-Quarantined-Patched (SEIQP), which eectively captures the dissemination dynamics of an insider threat within a network featuring air gaps. To facilitate the study, we leverage the power of feedforward neural networks that are trained using the backpropagated Levenberg-Marquardt optimization algorithm. These neural networks serve as surrogate tools, providing solutions to the SEIQP model. To evaluate the ecacy of our approach, we meticulously assess their performance across three distinct scenarios. Additionally, the stability of the mathematical model is examined by manipulating the probability of an insider threat removing a patch from the host, denoted as η. Our empirical ndings conclusively establish the eectiveness of the proposed approach in addressing the intricate challenges associated with insider threats within network environments.

show abstract

“…In recent years, considerable research has been done on the game theory of ransomware payments. The earliest relevant work on the topic appears to be by Spyridopoulos et al [24], who find a Nash equilibrium balancing potential costs of mitigation with the cost of a successful attack. Their model builds upon epidemiological models of malware spread and considers the benefit of a strategy under this model.…”

Section: Related Workmentioning

confidence: 99%

Winning the Ransomware Lottery: A Game-Theoretic Model for Mitigating Ransomware Attacks

Galinkin

2021

Preprint

View full text Add to dashboard Cite

Ransomware is a growing threat to individuals and enterprises alike, constituting a major factor in cyber insurance and in the security planning of every organization. Although the game theoretic lens often frames the game as a competition between equals -a profit maximizing attacker and a loss minimizing defender -the reality of many situations is that ransomware organizations are not playing a noncooperative game, they are playing a lottery. The wanton behavior of attackers creates a situation where many victims are hit more than once by ransomware operators, sometimes even by the same group. If defenders wish to combat malware, they must then seek to remove the incentives of it. In this work, we construct an expected value model based on data from actual ransomware attacks and identify three variables: the value of payments, the cost of an attack, and the probability of payment. Using this model, we consider the potential to manipulate these variables to reduce the profit motive associated with ransomware attack. Based on the model, we present mitigations to encourage an environment that is hostile to ransomware operators. In particular, we find that off-site backups and government incentives for their adoption are the most fruitful avenue for combating ransomware.

show abstract

A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention

Cited by 8 publications

References 30 publications

A Comparative Analysis of VirLock and Bacteriophage ϕ6 through the Lens of Game Theory

A Comparative Analysis of VirLock and Bacteriophage ϕ6 through the Lens of Game Theory

Quantitative Analysis of Worm Transmission and Insider Risks in Air-Gapped Networking Using a Novel Machine Learning Approach

Winning the Ransomware Lottery: A Game-Theoretic Model for Mitigating Ransomware Attacks

Contact Info

Product

Resources

About