A Novel Approach for Attack Tree to Attack Graph Transformation: Extended Version

TL;DR

This paper introduces a new method to convert attack trees into attack graphs, enhancing the flexibility and integration of cybersecurity threat models by leveraging their structural similarities.

Contribution

It presents the first approach for transforming attack trees into attack graphs, expanding the interoperability between these two threat modeling techniques.

Findings

Enables bidirectional transformation between attack trees and attack graphs

Improves versatility of threat modeling tools

Facilitates better cybersecurity analysis

Abstract

Attack trees and attack graphs are both common graphical threat models used by organizations to better understand possible cybersecurity threats. These models have been primarily seen as separate entities, to be used and researched in entirely different contexts, but recently there has emerged a new interest in combining the strengths of these models and in transforming models from one notation into the other. The existing works in this area focus on transforming attack graphs into attack trees. In this paper, we propose an approach to transform attack trees into attack graphs based on the fundamental understanding of how actions are represented in both structures. From this, we hope to enable more versatility in both structures.