Dynamics of Targeted Ransomware Negotiation

Pierce Ryan; John Fokker; Sorcha Healy; Andreas Amann

doi:10.1109/ACCESS.2022.3160748

Dynamics of Targeted Ransomware Negotiation

Pierce Ryan
, John Fokker
, Sorcha Healy
, Andreas Amann

School of Mathematical Sciences

Research output: Contribution to journal › Article › peer-review

Abstract

In this paper, we consider how the development of targeted ransomware has affected the dynamics of ransomware negotiations to better understand how to respond to ransomware attacks. We construct a model of ransomware negotiations as an asymmetric non-cooperative two-player game. In particular, our model considers the investments that a malicious actor must make in order to conduct a successful targeted ransomware attack. We demonstrate how imperfect information is a crucial feature for replicating observed real-world behaviour. Furthermore, we present optimal strategies for both the malicious actor and the target, and demonstrate how imperfect information results in a non-trivial optimal strategy for the malicious actor.

Original language	English
Pages (from-to)	32836-32844
Number of pages	9
Journal	IEEE Access
Volume	10
DOIs	https://doi.org/10.1109/ACCESS.2022.3160748
Publication status	Published - 2022

Keywords

Cybersecurity
game theory
ransomware
threat analysis

Access to Document

10.1109/ACCESS.2022.3160748

Cite this

@article{18e8bb0aaf6b49f0a535e49bd354acd9,

title = "Dynamics of Targeted Ransomware Negotiation",

abstract = "In this paper, we consider how the development of targeted ransomware has affected the dynamics of ransomware negotiations to better understand how to respond to ransomware attacks. We construct a model of ransomware negotiations as an asymmetric non-cooperative two-player game. In particular, our model considers the investments that a malicious actor must make in order to conduct a successful targeted ransomware attack. We demonstrate how imperfect information is a crucial feature for replicating observed real-world behaviour. Furthermore, we present optimal strategies for both the malicious actor and the target, and demonstrate how imperfect information results in a non-trivial optimal strategy for the malicious actor.",

keywords = "Cybersecurity, game theory, ransomware, threat analysis",

author = "Pierce Ryan and John Fokker and Sorcha Healy and Andreas Amann",

note = "Publisher Copyright: {\textcopyright} 2013 IEEE.",

year = "2022",

doi = "10.1109/ACCESS.2022.3160748",

language = "English",

volume = "10",

pages = "32836--32844",

journal = "IEEE Access",

issn = "2169-3536",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - Dynamics of Targeted Ransomware Negotiation

AU - Ryan, Pierce

AU - Fokker, John

AU - Healy, Sorcha

AU - Amann, Andreas

PY - 2022

Y1 - 2022

N2 - In this paper, we consider how the development of targeted ransomware has affected the dynamics of ransomware negotiations to better understand how to respond to ransomware attacks. We construct a model of ransomware negotiations as an asymmetric non-cooperative two-player game. In particular, our model considers the investments that a malicious actor must make in order to conduct a successful targeted ransomware attack. We demonstrate how imperfect information is a crucial feature for replicating observed real-world behaviour. Furthermore, we present optimal strategies for both the malicious actor and the target, and demonstrate how imperfect information results in a non-trivial optimal strategy for the malicious actor.

AB - In this paper, we consider how the development of targeted ransomware has affected the dynamics of ransomware negotiations to better understand how to respond to ransomware attacks. We construct a model of ransomware negotiations as an asymmetric non-cooperative two-player game. In particular, our model considers the investments that a malicious actor must make in order to conduct a successful targeted ransomware attack. We demonstrate how imperfect information is a crucial feature for replicating observed real-world behaviour. Furthermore, we present optimal strategies for both the malicious actor and the target, and demonstrate how imperfect information results in a non-trivial optimal strategy for the malicious actor.

KW - Cybersecurity

KW - game theory

KW - ransomware

KW - threat analysis

UR - https://www.scopus.com/pages/publications/85127021643

U2 - 10.1109/ACCESS.2022.3160748

DO - 10.1109/ACCESS.2022.3160748

M3 - Article

AN - SCOPUS:85127021643

SN - 2169-3536

VL - 10

SP - 32836

EP - 32844

JO - IEEE Access

JF - IEEE Access

ER -

Dynamics of Targeted Ransomware Negotiation

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this