Graph models for Cybersecurity -- A Survey
Jasmin Wachter

TL;DR
This survey reviews and categorizes various attack graph models used in cybersecurity, providing a taxonomy to help researchers select appropriate models for analyzing cyber threats and automating attack graph generation.
Contribution
The paper introduces a comprehensive taxonomy of 70 attack graph formalisms, analyzing their semantics, agents, and analysis features, and discusses automatic generation from raw data.
Findings
Developed a taxonomy for attack graph formalisms
Analyzed 70 models based on semantics and features
Identified models supporting automatic graph generation
Abstract
Graph models are helpful means of analyzing computer networks as well as complex system architectures for security. In this paper we evaluate the current state of research for representing and analysing cyber-attacks using graph models, i.e. attack graph (AG) formalisms. We propose a taxonomy on attack graph formalisms, based on 70 models, which we analysed with respect to their graph semantic, involved agents and analysis features. Additionally, we address which formalisms allow for automatic attack graph generation from raw or processed data inputs. Our taxonomy is especially designed to help users and applied researchers identify a suitable AG model for their needs. A summary of the individual AG formalisms is provided as supplementary material.
Taxonomy
Topics: Information and Cyber Security · Complex Network Analysis Techniques · Advanced Software Engineering Methodologies
