A Game-Theoretical Model of Ransomware

Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 782)


Ransomware is a recent form of malware that encrypts the files on a target computer until a specific amount (ransom) is paid to the attacker. As a result, in addition to aggressively spreading and disrupting victim’s data and operation, differently from most cyberattacks, ransomware implements a revenue model. Specifically, it creates a hostage-like situation in which the victim is threatened with the risk of data loss and forced into a negotiation.

In this paper, we use game theory to approach this unique aspect of ransomware, and we present a model for analyzing the strategies behind decisions in dealing with human-controlled attacks. Although the game-theoretical model does not contribute to recovering encrypted files, it can be utilized to understand potential prevention measures, and it can be utilized to further investigate similar types of cybercrime.


Game theory Cybersecurity Ransomware 


  1. 1.
    O’Gorman, G., McDonald, G.: Ransomware: a growing menace. Symantec Corporation (2012)Google Scholar
  2. 2.
    Palisse, A., Le Bouder, H., Lanet, J.L., Le Guernic, C., Legay, A.: Ransomware and the legacy crypto API. In: International Conference on Risks and Security of Internet and Systems, pp. 11–28. Springer, Cham, September 2016Google Scholar
  3. 3.
    Richardson, R., North, M.: Ransomware: evolution, mitigation and prevention. Int. Manag. Rev. 13(1), 10 (2017)Google Scholar
  4. 4.
    Hammill, A.: The rise and wrath of ransomware and what it means for society (Doctoral dissertation, Utica College) (2017)Google Scholar
  5. 5.
    Nieuwenhuizen, D.: A behavioural-based approach to ransomware detection. White-paper. MWR Labs Whitepaper (2017)Google Scholar
  6. 6.
    Tuttle, H.: Ransomware attacks pose growing threat. Risk Manag. 63(4), 4 (2016)Google Scholar
  7. 7.
    Hampton, N., Baig, Z.A.: Ransomware: Emergence of the cyber-extortion men-ace (2015)Google Scholar
  8. 8.
    Upadhyaya, R., Jain, A.: Cyber ethics and cyber crime: a deep dwelved study into legality, ransomware, underground web and bitcoin wallet. In 2016 International Conference on Computing, Communication and Automation (ICCCA), pp. 143–148. IEEE, April 2016Google Scholar
  9. 9.
    Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E.: Cutting the gordian knot: a look under the hood of ransomware attacks. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 3–24. Springer, Cham, July 2015CrossRefGoogle Scholar
  10. 10.
    Floridi, L.: The unsustainable fragility of the digital, and what to do about it. Philos. Technol. 30(3), 259–261 (2017)CrossRefGoogle Scholar
  11. 11.
    Luo, X., Liao, Q.: Awareness education as the key to ransomware prevention. Inf. Syst. Secur. 16(4), 195–202 (2007)CrossRefGoogle Scholar
  12. 12.
    Formby, D., Durbha, S., Beyah, R.: Out of Control: Ransomware for Industrial Control Systems (2017)Google Scholar
  13. 13.
    Pathak, D.P., Nanded, Y.M.: A dangerous trend of cybercrime: ransomware growing challenge. Int. J. Adv. Res. Comput. Eng. Technol. (IJARCET) 5 (2016)Google Scholar
  14. 14.
    Fanning, K.: Minimizing the cost of malware. J. Corp. Account. Financ. 26(3), 7–14 (2015)CrossRefGoogle Scholar
  15. 15.
    “No more ransomware” project.
  16. 16.
    Hernandez-Castro, J., Cartwright, E., Stepanova, A.: Economic Analysis of Ransomware (2017)Google Scholar
  17. 17.
    Huang, C.T., Sakib, M.N., Kamhoua, C., Kwiat, K., Njilla, L.: A game theoretic approach for inspecting web-based malvertising. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE, May 2017Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Fort Hays State UniversityHaysUSA

Personalised recommendations