Papers
Topics
Authors
Recent
Search
2000 character limit reached

Attack Tree Distance: a practical examination of tree difference measurement within cyber security

Published 4 Mar 2025 in cs.CR | (2503.02499v1)

Abstract: CONTEXT. Attack treesare a recommended threat modeling tool, but there is no established method to compare them. OBJECTIVE. We aim to establish a method to compare "real" attack trees, based on both the structure of the tree itself and the meaning of the node labels. METHOD. We define four methods of comparison (three novel and one established) and compare them to a dataset of attack trees created from a study run on students (n = 39). These attack trees all follow from the same scenario, but have slightly different labels. RESULTS. We find that applying semantic similarity as a means of comparing node labels is a valid approach. Further, we find that treeedit distance (established) and radical distance (novel) are themost promising methods of comparison in most circumstances. CONCLUSION. We show that these two methods are valid as means of comparing attack trees, and suggest a novel technique for using semantic similarity to compare node labels. We further suggest that these methods can be used to compare attack trees in a real-world scenario, and that they can be used to identify similar attack trees.

Summary

No one has generated a summary of this paper yet.

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Continue Learning

We haven't generated follow-up questions for this paper yet.

Collections

Sign up for free to add this paper to one or more collections.