
Seja a primeira pessoa a gostar disto
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a navegar o site, você aceita o uso de cookies. Leia nosso Contrato do Usuário e nossa Política de Privacidade.
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a utilizar o site, você aceita o uso de cookies. Leia nossa Política de Privacidade e nosso Contrato do Usuário para obter mais detalhes.
Publicada em
Slides from Tony MartinVegue's presentation at NBTcon, San Francisco: December 03, 2016.
"Ransomware & Game Theory: To Pay, or Not to Pay?"
Abstract:
What do the San Francisco Giants, Cryptolocker and nuclear war all have in common? They all involve conflicts in which incentives, payouts and winning strategies can be analyzed with game theory. Game theory is a branch of mathematics that models conflict and cooperation between parties and is used in many realworld decision making scenarios, inside and outside the Information Security field. Game theory is particularly useful in analyzing the extortionist / victim dynamic present in ransomware infection scenarios.
Ransomware comes in many varieties and works in different ways, but the basic setting is the same: cybercriminals infect a computer with malicious software that blocks access to the system or important files until the ransom is paid.
The conventional wisdom in information security regarding ransomware is to never pay. But, why? The answer is a little more nuanced than “never pay” or “always pay.” The decision is a complex scenario of incentives and payoffs. Who stands to gain when ransomware is paid? Who gains when it is not paid?
This talk will use the familiar topic of ransomware to introduce participants to game theory concepts like rational decisionmaking, zerosum games, incentives, utility and Nash Equilibrium – all important tools that can help solve security problems. By analyzing ransomware decisionmaking with a game theory mindset, participants will learn a new set of skills and a new way of incentivedriven thinking.
Seja a primeira pessoa a gostar disto
Parece que você já adicionou este slide ao painel
Seja o primeiro a comentar