Pay or Not Pay? A Game-Theoretical Analysis of Ransomware Interactions Considering a Defender’s Deception Architecture
Author
Abstract

Malware created by the Advanced Persistent Threat (APT) groups do not typically carry out the attacks in a single stage. The “Cyber Kill Chain” framework developed by Lockheed Martin describes an APT through a seven stage life cycle [5] . APT groups are generally nation state actors [1] . They perform highly targeted attacks and do not stop until the goal is achieved [7] . Researchers are always working toward developing a system and a process to create an environment safe from APT type attacks [2] . In this paper, the threat considered is ransomware which are developed by APT groups. WannaCry is an example of a highly sophisticated ransomware created by the Lazurus group of North Korea and its level of sophistication is evident from the existence of a contingency plan of attack upon being discovered [3] [6] . The major contribution of this research is the analysis of APT type ransomware using game theory to present optimal strategies for the defender through the development of equilibrium solutions when faced with APT type ransomware attack. The goal of the equilibrium solutions is to help the defender in preparedness before the attack and in minimization of losses during and after the attack.

Year of Publication
2022
Conference Name
2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S)
Google Scholar | BibTeX