Graph models for Cybersecurity -- A Survey (2311.10050v1)

Abstract: Graph models are helpful means of analyzing computer networks as well as complex system architectures for security. In this paper we evaluate the current state of research for representing and analysing cyber-attack using graph models, i.e. attack graph (AG) formalisms. We propose a taxonomy on attack graph formalisms, based on 70 models, which we analysed with respect to their \textit{graph semantic}, involved agents and analysis features. Additionally, we adress which formalisms allow for automatic attack graph generation from raw or processes data inputs. Our taxonomy is especially designed to help users and applied researchers identify a suitable AG model for their needs. A summary of the individual AG formalisms is provided as supplementary material.