Skip to main content
SpringerLink
Log in

A Game-Theoretical Model of Ransomware

  • Conference paper
  • First Online:
Advances in Human Factors in Cybersecurity (AHFE 2018)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 782))

Included in the following conference series:

Abstract

Ransomware is a recent form of malware that encrypts the files on a target computer until a specific amount (ransom) is paid to the attacker. As a result, in addition to aggressively spreading and disrupting victim’s data and operation, differently from most cyberattacks, ransomware implements a revenue model. Specifically, it creates a hostage-like situation in which the victim is threatened with the risk of data loss and forced into a negotiation.

In this paper, we use game theory to approach this unique aspect of ransomware, and we present a model for analyzing the strategies behind decisions in dealing with human-controlled attacks. Although the game-theoretical model does not contribute to recovering encrypted files, it can be utilized to understand potential prevention measures, and it can be utilized to further investigate similar types of cybercrime.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. O’Gorman, G., McDonald, G.: Ransomware: a growing menace. Symantec Corporation (2012)

    Google Scholar 

  2. Palisse, A., Le Bouder, H., Lanet, J.L., Le Guernic, C., Legay, A.: Ransomware and the legacy crypto API. In: International Conference on Risks and Security of Internet and Systems, pp. 11–28. Springer, Cham, September 2016

    Google Scholar 

  3. Richardson, R., North, M.: Ransomware: evolution, mitigation and prevention. Int. Manag. Rev. 13(1), 10 (2017)

    Google Scholar 

  4. Hammill, A.: The rise and wrath of ransomware and what it means for society (Doctoral dissertation, Utica College) (2017)

    Google Scholar 

  5. Nieuwenhuizen, D.: A behavioural-based approach to ransomware detection. White-paper. MWR Labs Whitepaper (2017)

    Google Scholar 

  6. Tuttle, H.: Ransomware attacks pose growing threat. Risk Manag. 63(4), 4 (2016)

    Google Scholar 

  7. Hampton, N., Baig, Z.A.: Ransomware: Emergence of the cyber-extortion men-ace (2015)

    Google Scholar 

  8. Upadhyaya, R., Jain, A.: Cyber ethics and cyber crime: a deep dwelved study into legality, ransomware, underground web and bitcoin wallet. In 2016 International Conference on Computing, Communication and Automation (ICCCA), pp. 143–148. IEEE, April 2016

    Google Scholar 

  9. Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E.: Cutting the gordian knot: a look under the hood of ransomware attacks. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 3–24. Springer, Cham, July 2015

    Chapter  Google Scholar 

  10. Floridi, L.: The unsustainable fragility of the digital, and what to do about it. Philos. Technol. 30(3), 259–261 (2017)

    Article  Google Scholar 

  11. Luo, X., Liao, Q.: Awareness education as the key to ransomware prevention. Inf. Syst. Secur. 16(4), 195–202 (2007)

    Article  Google Scholar 

  12. Formby, D., Durbha, S., Beyah, R.: Out of Control: Ransomware for Industrial Control Systems (2017)

    Google Scholar 

  13. Pathak, D.P., Nanded, Y.M.: A dangerous trend of cybercrime: ransomware growing challenge. Int. J. Adv. Res. Comput. Eng. Technol. (IJARCET) 5 (2016)

    Google Scholar 

  14. Fanning, K.: Minimizing the cost of malware. J. Corp. Account. Financ. 26(3), 7–14 (2015)

    Article  Google Scholar 

  15. “No more ransomware” project. https://www.nomoreransom.org

  16. Hernandez-Castro, J., Cartwright, E., Stepanova, A.: Economic Analysis of Ransomware (2017)

    Google Scholar 

  17. Huang, C.T., Sakib, M.N., Kamhoua, C., Kwiat, K., Njilla, L.: A game theoretic approach for inspecting web-based malvertising. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE, May 2017

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Fort Hays State University, 600 Park Street, Hays, KS, USA

    Nicholas Caporusso, Singhtararaksme Chea & Raied Abukhaled

Authors
  1. Nicholas Caporusso
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Singhtararaksme Chea
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Raied Abukhaled
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nicholas Caporusso .

Editor information

Editors and Affiliations

  1. University of Central Florida, Orlando, Florida, USA

    Tareq Z. Ahram

  2. Soar Technology Inc., Orlando, Florida, USA

    Denise Nicholson

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Caporusso, N., Chea, S., Abukhaled, R. (2019). A Game-Theoretical Model of Ransomware. In: Ahram, T., Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. AHFE 2018. Advances in Intelligent Systems and Computing, vol 782. Springer, Cham. https://doi.org/10.1007/978-3-319-94782-2_7

Download citation

Publish with us

Policies and ethics

Search

Navigation