Enhanced Dooley Graphs for Modeling, Analyzing, and Attributing Ransomware Attack

Applying computation to cyber challenges requires a way to represent the attack so that a computer can reason about it. Ransomware attacks differ from many other cyber-attacks in the interaction between perpetrator and victim. It requires the victim to know that he is under attack, interact deliberately with the attacker, and collaborate to determine the outcome of the attack. An appropriate representation for modeling, analyzing, and attributing such attacks must be able to capture the social structure of the interaction. Enhanced Dooley Graphs offer a solution to this challenge. Dooley Graphs were originally proposed by a field linguist for use in analyzing languages at the discourse level. In 1996, we adapted these graphs for modeling and analyzing patterns of interaction in manufacturing supply networks, and they have been widely adopted in the e-commerce research community. This poster proposes this formalism as a base representation for capturing and reasoning about ransomware attacks.

H. Van Dyke Parunak, President and Chief Scientist of ABC Research, LLC, is internationally known for his innovative research in multi-agent systems, and particularly swarm intelligence, at the intersection of linguistics, biology, and physics, and for applications of these techniques in intelligence, defense, and manufacturing. His full bio and bibliography are available at http://www.abcresearch.org