Combating Ransomware in Internet of Things: A Games-in-Games Approach for Cross-Layer Cyber Defense and Security Investment

Zhao, Yuhan; Ge, Yunfei; Zhu, Quanyan

doi:10.1007/978-3-030-90370-1_12

Cited by 7 publications

(6 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This spurred development of more realistic, highinteraction honeypots mimicking valuable documents or databases [53]. These decoys engage threats in more prolonged interactions to delay encryption and enable incident response [54]. Experiments have shown such decoys can detect threats early in attack chains before significant damage occurs [55,56].…”

Section: Current Decoy File Techniquesmentioning

confidence: 99%

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Liu,

Chen

2023

Preprint

View full text Add to dashboard Cite

This study introduces an advanced decoy file strategy utilizing Generative Adversarial Networks (GANs) to combat data exfiltration ransomware threats. Focused on creating highly realistic decoy documents, the system embeds these across enterprise networks, engaging ransomware threats effectively. It includes real-time monitoring for abnormal interactions and proactive response mechanisms for threat containment. Rigorous testing against various ransomware samples demonstrated high engagement rates and rapid response times, confirming the system's effectiveness. Integration across diverse network types was achieved with minimal operational overhead. This study highlights the system's adaptability in the face of evolving ransomware tactics and underscores the balance between decoy realism and deployability.

show abstract

Section: Current Decoy File Techniquesmentioning

confidence: 99%

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Liu,

Chen

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…We remark that our paper adds to a growing literature using game theory to analyse the ransomware decision process [4,5,9,13]. Prior game-theoretical studies have focused on the interaction of ransomware and victim's decision to invest in security measures like backups or insurance [2,32,36,38]. For instance, Laszka, Farhang and Grossklags [17] focused on modeling the ransomware ecosystem as a whole and how backup decisions affect the ransomware ecosystem.…”

Section: Introductionmentioning

confidence: 97%

“…The last decade has seen a rapid rise in crypto-ransomware attacks impacting individuals, businesses, charities and public organisations [7,8,11,26,27,31]. Crypto-ransomware, or ransomware for short, is broadly defined as the use of crypto-techniques to encrypt the files of a victim, after which the attackers ask for a ransom to decrypt the files [23,38]. Ransomware has proved highly profitable for criminal gangs, primarily because many victims pay the ransom in order to receive the decryption keys [25,29].…”

Section: Introductionmentioning

confidence: 99%

Double-sided Information Asymmetry in Double Extortion Ransomware

Meurs,

Cartwright,

Cartwright

2024

Preprint

View full text Add to dashboard Cite

Double extortion ransomware attacks are a form of cyber attack where the victims files are both encrypted and exfiltrated for extortion purposes. There is empirical evidence that double extortion leads to an increased willingness to pay a ransom, and higher ransoms, compared to encryption-only attacks. In this paper we model two important sources of assymetric information between victim and attacker: (a) Victims are typically uncertain whether data is exfiltrated, due to for example misconfigured monitoring systems. (b) It is hard for attackers to estimate the value of compromised files. We use game theory to analyse the payoff consequences of such private information. Specifically, we analyse a signaling game with double-sided information asymmetry: (1) attackers know whether data is exfiltrated and victims do not, and (2) victims know the value of data if it is exfiltrated, but the attackers do not. Our analysis indicates that private information substantially lowers the payoff of attackers. In interpretation, this suggests that private information is valuable to victims and a means to reduce incentives for criminals to pursue ransomware.

show abstract

“…In 2023, it was estimated that 91% of ransomware attacks involved some form of data exfiltration, highlighting a significant shift in attacker tactics [12,13,3]. This change represents a move from merely causing data inaccessibility to directly leveraging data breaches as a tool for extortion [14,11,15,16], reflecting an evolution in ransomware strategy that increasingly prioritizes data leverage over mere data denial [17,18].…”

Section: Introductionmentioning

confidence: 99%

Applying ChatGPT-Powered Game Theory in Ransomware Negotiations

Zhu,

Li,

Zhang

2023

Preprint

View full text Add to dashboard Cite

This study looks into the application of game theory and ChatGPT in the context of ransomware negotiations, providing a novel perspective on cyber threat management. Through a detailed examination of case studies, this research uncovers the intricate dynamics that govern the decision-making process in ransomware scenarios. Key findings highlight the significant role of ransomware group reputations and the strategic input provided by ChatGPT. The integration of game theory offers a structured analytical approach to predict attacker behavior and devise effective defense strategies. The study proposes the use of AI-driven tools to enhance negotiation outcomes and suggests the establishment of a database for tracking ransomware group behaviors. The exploration of these elements presents a comprehensive framework for understanding and addressing the challenges posed by ransomware, marking a significant step forward in cybersecurity strategy and preparedness.

show abstract

Combating Ransomware in Internet of Things: A Games-in-Games Approach for Cross-Layer Cyber Defense and Security Investment

Cited by 7 publications

References 17 publications

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Mitigating Data Exfiltration Ransomware through Advanced Decoy File Strategies

Double-sided Information Asymmetry in Double Extortion Ransomware

Applying ChatGPT-Powered Game Theory in Ransomware Negotiations

Contact Info

Product

Resources

About