Abstract
Ransomware is a recent form of malware that encrypts the files on a target computer until a specific amount (ransom) is paid to the attacker. As a result, in addition to aggressively spreading and disrupting victim’s data and operation, differently from most cyberattacks, ransomware implements a revenue model. Specifically, it creates a hostage-like situation in which the victim is threatened with the risk of data loss and forced into a negotiation.
In this paper, we use game theory to approach this unique aspect of ransomware, and we present a model for analyzing the strategies behind decisions in dealing with human-controlled attacks. Although the game-theoretical model does not contribute to recovering encrypted files, it can be utilized to understand potential prevention measures, and it can be utilized to further investigate similar types of cybercrime.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
O’Gorman, G., McDonald, G.: Ransomware: a growing menace. Symantec Corporation (2012)
Palisse, A., Le Bouder, H., Lanet, J.L., Le Guernic, C., Legay, A.: Ransomware and the legacy crypto API. In: International Conference on Risks and Security of Internet and Systems, pp. 11–28. Springer, Cham, September 2016
Richardson, R., North, M.: Ransomware: evolution, mitigation and prevention. Int. Manag. Rev. 13(1), 10 (2017)
Hammill, A.: The rise and wrath of ransomware and what it means for society (Doctoral dissertation, Utica College) (2017)
Nieuwenhuizen, D.: A behavioural-based approach to ransomware detection. White-paper. MWR Labs Whitepaper (2017)
Tuttle, H.: Ransomware attacks pose growing threat. Risk Manag. 63(4), 4 (2016)
Hampton, N., Baig, Z.A.: Ransomware: Emergence of the cyber-extortion men-ace (2015)
Upadhyaya, R., Jain, A.: Cyber ethics and cyber crime: a deep dwelved study into legality, ransomware, underground web and bitcoin wallet. In 2016 International Conference on Computing, Communication and Automation (ICCCA), pp. 143–148. IEEE, April 2016
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E.: Cutting the gordian knot: a look under the hood of ransomware attacks. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 3–24. Springer, Cham, July 2015
Floridi, L.: The unsustainable fragility of the digital, and what to do about it. Philos. Technol. 30(3), 259–261 (2017)
Luo, X., Liao, Q.: Awareness education as the key to ransomware prevention. Inf. Syst. Secur. 16(4), 195–202 (2007)
Formby, D., Durbha, S., Beyah, R.: Out of Control: Ransomware for Industrial Control Systems (2017)
Pathak, D.P., Nanded, Y.M.: A dangerous trend of cybercrime: ransomware growing challenge. Int. J. Adv. Res. Comput. Eng. Technol. (IJARCET) 5 (2016)
Fanning, K.: Minimizing the cost of malware. J. Corp. Account. Financ. 26(3), 7–14 (2015)
“No more ransomware” project. https://www.nomoreransom.org
Hernandez-Castro, J., Cartwright, E., Stepanova, A.: Economic Analysis of Ransomware (2017)
Huang, C.T., Sakib, M.N., Kamhoua, C., Kwiat, K., Njilla, L.: A game theoretic approach for inspecting web-based malvertising. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE, May 2017
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Caporusso, N., Chea, S., Abukhaled, R. (2019). A Game-Theoretical Model of Ransomware. In: Ahram, T., Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. AHFE 2018. Advances in Intelligent Systems and Computing, vol 782. Springer, Cham. https://doi.org/10.1007/978-3-319-94782-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-94782-2_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94781-5
Online ISBN: 978-3-319-94782-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)