Deterrence, Backup, or Insurance: Game-Theoretic Modeling of Ransomware

Impact factor 0.6, JCR Q4 (Economics)
Games, published 2023-02-23, DOI: 10.3390/g14020020
Tongxin Yin, Armin Sarabi, Mingyan Liu
Citations: 0

Abstract

In this paper, we present a game-theoretic analysis of ransomware. To this end, we provide theoretical and empirical analysis of a two-player Attacker-Defender (A-D) game, as well as a Defender-Insurer (D-I) game; in the latter, the attacker is assumed to be a non-strategic third party. Our model assumes that the defender can invest in two types of protection against ransomware attacks: (1) general protection through a deterrence effort, making attacks less likely to succeed, and (2) a backup effort serving the purpose of recourse, allowing the defender to recover from successful attacks. The attacker then decides on a ransom amount in the event of a successful attack, with the defender choosing to pay ransom immediately, or to try to recover their data first while bearing a recovery cost for this recovery attempt. Note that recovery is not guaranteed to be successful, which may eventually lead to the defender paying the demanded ransom. Our analysis of the A-D game shows that the equilibrium falls into one of three scenarios: (1) the defender will pay the ransom immediately without having invested any effort in backup, (2) the defender will pay the ransom while leveraging backups as a credible threat to force a lower ransom demand, and (3) the defender will try to recover data, only paying the ransom when recovery fails. We observe that the backup effort will be entirely abandoned when recovery is too expensive, leading to the (worst-case) first scenario which rules out recovery. Furthermore, our analysis of the D-I game suggests that the introduction of insurance leads to moral hazard as expected, with the defender reducing their efforts; less obvious is the interesting observation that this reduction is mostly in their backup effort.
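A worked example, added here and not part of the paper or of this page: a toy backward-induction model of the Attacker-Defender (A-D) game the abstract describes. The functional forms are my assumptions, not the paper's: recovery succeeds with probability equal to the backup effort b, attack success probability falls linearly in the deterrence effort d, effort costs are quadratic, the ransom is capped at the data's value V, and the attacker chooses a demand from a grid in [0, V]. The three parameter sets are constructed; with exact rational arithmetic they land in each of the three equilibrium types the abstract lists, and the expensive-recovery set reproduces the observation that backup effort is abandoned entirely when recovery costs too much. The Defender-Insurer (D-I) game is not modeled.

```python
"""Toy backward-induction model of the two-player Attacker-Defender ransomware
game sketched in the abstract.  Every functional form below is an illustrative
assumption, not the paper's model.  Parameters should be ints or Fractions so
that all comparisons stay exact (no float tie-breaking surprises)."""
from dataclasses import dataclass
from fractions import Fraction as F
from itertools import product


@dataclass(frozen=True)
class Params:
    V: F = F(100)     # value of the data: the most the defender would ever pay
    c: F = F(20)      # cost of one recovery attempt from backups
    Q0: F = F(1, 2)   # attack success probability at zero deterrence effort
    K_D: F = F(30)    # deterrence effort cost coefficient (cost = K_D * d^2)
    K_B: F = F(25)    # backup effort cost coefficient (cost = K_B * b^2)


def p_recover(b):
    """Assumed: a recovery attempt succeeds with probability equal to backup effort b."""
    return b


def q_attack(d, P):
    """Assumed: deterrence effort d scales the attack success probability down linearly."""
    return P.Q0 * (1 - d)


def defender_response(r, b, P):
    """Last move of the game: pay ransom r at once, or attempt recovery (paying c)
    and pay the ransom only if recovery fails.  Returns (action, expected loss)."""
    recover = P.c + (1 - p_recover(b)) * r
    if recover < r:
        return "recover", recover
    return "pay", r


def attacker_ransom(b, P, steps=100):
    """Attacker picks the demand in [0, V] maximising expected payment, anticipating
    the defender's response.  Returns (ransom, defender action, defender loss)."""
    best = None
    for j in range(steps + 1):
        r = F(P.V) * j / steps
        action, loss = defender_response(r, b, P)
        revenue = r if action == "pay" else (1 - p_recover(b)) * r
        if best is None or revenue > best[0]:
            best = (revenue, r, action, loss)
    return best[1], best[2], best[3]


def classify(eq, P):
    """Map an equilibrium onto the three scenario types listed in the abstract."""
    if eq["b"] == 0 or (eq["action"] == "pay" and eq["ransom"] == P.V):
        return 1  # pay the full demand; backups play no role
    if eq["action"] == "pay":
        return 2  # pay, but the credible recovery threat has forced a lower demand
    return 3      # attempt recovery, pay only if it fails


def equilibrium(P, grid=10):
    """Defender chooses (d, b) on a grid to minimise effort cost plus expected loss,
    knowing how the attacker will price the ransom against each backup level."""
    best = None
    for i, k in product(range(grid + 1), repeat=2):
        d, b = F(i, grid), F(k, grid)
        ransom, action, loss = attacker_ransom(b, P)
        total = P.K_D * d**2 + P.K_B * b**2 + q_attack(d, P) * loss
        if best is None or total < best["total"]:
            best = dict(d=d, b=b, ransom=ransom, action=action, total=total)
    best["scenario"] = classify(best, P)
    return best


if __name__ == "__main__":
    cases = [("cheap recovery", Params()),
             ("expensive recovery", Params(c=F(60))),
             ("cheap recovery, costly backups", Params(c=F(5), K_B=F(40)))]
    for label, P in cases:
        eq = equilibrium(P)
        print(f"{label}: d={float(eq['d']):.1f} b={float(eq['b']):.1f} "
              f"ransom={float(eq['ransom']):.0f} {eq['action']} "
              f"-> scenario {eq['scenario']} (expected cost {float(eq['total']):.2f})")
```

Under the default parameters the defender invests b = 0.8 in backups and never uses them: the attacker, knowing a demand above c/b would be answered with a recovery attempt, settles for 25 instead of 100 (scenario 2). Raising the recovery cost to 60 makes every backup level a net loss, so b drops to 0 and the full 100 is paid (scenario 1). With cheap recovery but costly backups, the defender keeps a modest b = 0.2, the attacker demands the full 100 anyway, and the defender attempts recovery first (scenario 3).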
Source journal: Games
Subject category: Decision Sciences - Statistics, Probability and Uncertainty
CiteScore: 1.60
Self-citation rate: 11.10%
Articles published: 65
Review time: 11 weeks
Journal description: Games (ISSN 2073-4336) is an international, peer-reviewed, quick-refereeing open access journal (free for readers), which provides an advanced forum for studies related to strategic interaction, game theory and its applications, and decision making. The aim is to provide an interdisciplinary forum for all behavioral sciences and related fields, including economics, psychology, political science, mathematics, computer science, and biology (including animal behavior). To guarantee a rapid refereeing and editorial process, Games follows standard publication practices in the natural sciences.