A Mechanism Design Approach to Solve Ransomware Dilemmas

Document Type

Conference Proceeding

Publication Date



Recently ransomware attacks have caused tremendous costs for businesses and society. Although cybersecurity researchers have developed best practices to protect computer systems from hackers, it is not expected that ransomware attacks will be prohibited in a near future mainly due to their complexity and profitability. Despite the wide research studies for developing the proactive approaches to protect the systems from ransomware attacks, facilitating the negotiation between attacker and victim after a successful attack has not been well investigated yet. As the attacker does not know the victim’s true valuation for the data and the victim does not know the minimum ransom value that can satisfy the attacker, bargaining for ransom value can be time-consuming causing extra interruption cost for the victim. On the other hand, as there is no guarantee that the attacker will in turn release the decryption key after the payment of ransom, many victims are reluctant to pay the ransom and they accept the cost of data loss. Therefore, it is important to facilitate the negotiation between the attacker and victim to accelerate the release of data. To this end, first, we propose a mechanism to assist the negotiation for ransom value without a Trusted Third Party (TTP). We study the fair ransom value and investigate the development of a double-sided-blind auction mechanism to achieve the incentive-compatibility. In the second part, we propose a mechanism enforcing the victim and attacker to make the payment and release of decryption key without a TTP. To achieve this goal, we create a dynamic game and set incentives such that the subgame perfect equilibrium matches our design goal. We utilize smart-contract for the implementation of our proposed mechanisms to alleviate the TTP requirement.

Publication Title

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)


13061 LNCS

First Page


Last Page


Digital Object Identifier (DOI)