摘要翻译：
近年来，勒索软件已成为全球最受关注的网络风险之一，给全球造成了数百万美元的经济损失。它通常要求在有限的时间内支付一定数量的赎金来解密加密的受害者的文件。本文从贝叶斯博弈的角度出发，在一个新的博弈模型中探讨了勒索软件是否应该支付的问题。特别地，新模型在不完全信息的框架下分析了黑客和受害者的赎金支付策略。我们的结果表明，在一些温和的条件下，对于黑客和受害者，存在纯贝叶斯纳什均衡和随机贝叶斯纳什均衡。给出了当组织受到勒索软件攻击时，支付赎金的充分条件。我们进一步研究了破解或恢复的成本和概率如何影响均衡中黑客和受害者的预期收益。特别是，发现计算机文件备份选项并不总是有益的，这实际上取决于相关费用。此外，发现假勒索软件可能比预期的更多，因为潜在的高回报。文中还给出了数值算例加以说明。
---
英文标题：
《Should the Ransomware be Paid?》
---
作者：
Rui Fang, Maochao Xu, and Peng Zhao
---
最新提交年份：
2020
---
分类信息：

一级分类：Economics        经济学
二级分类：General Economics        一般经济学
分类描述：General methodological, applied, and empirical contributions to economics.
对经济学的一般方法、应用和经验贡献。
--
一级分类：Mathematics        数学
二级分类：Probability        概率
分类描述：Theory and applications of probability and stochastic processes: e.g. central limit theorems, large deviations, stochastic differential equations, models from statistical mechanics, queuing theory
概率论与随机过程的理论与应用：例如中心极限定理，大偏差，随机微分方程，统计力学模型，排队论
--
一级分类：Quantitative Finance        数量金融学
二级分类：Economics        经济学
分类描述：q-fin.EC is an alias for econ.GN. Economics, including micro and macro economics, international economics, theory of the firm, labor economics, and other economic topics outside finance
q-fin.ec是econ.gn的别名。经济学，包括微观和宏观经济学、国际经济学、企业理论、劳动经济学和其他金融以外的经济专题
--

---
英文摘要：
  Ransomware has emerged as one of the most concerned cyber risks in recent years, which has caused millions of dollars monetary loss over the world. It typically demands a certain amount of ransom payment within a limited timeframe to decrypt the encrypted victim's files. This paper explores whether the ransomware should be paid in a novel game-theoretic model from the perspective of Bayesian game. In particular, the new model analyzes the ransom payment strategies within the framework of incomplete information for both hacker and victim. Our results show that there exist pure and randomized Bayesian Nash equilibria under some mild conditions for the hacker and victim. The sufficient conditions that when the ransom should be paid are presented when an organization is compromised by the ransomware attack. We further study how the costs and probabilities of cracking or recovering affect the expected payoffs of the hacker and the victim in the equilibria. In particular, it is found that the backup option for computer files is not always beneficial, which actually depends on the related cost. Moreover, it is discovered that fake ransomware may be more than expected because of the potential high payoffs. Numerical examples are also presented for illustration.
---
PDF链接：
https://arxiv.org/pdf/2010.06700