Restructuring attack trees to identify incorrect or missing relationships between nodes

Hua Cai, Hironori Washizaki, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

Research output: Contribution to journalConference articlepeer-review


Attack trees are often used to analyze a system or detect application programs attacks. To aid in software design, a method to create safe and stable systems should be created. An attack tree has multiple levels and is composed of different nodes, including root nodes, internal nodes, and leaf nodes. These nodes can be separated into parent nodes and child nodes when discussing their relation. Child nodes are defined as conditions that must be satisfied to make their direct parent nodes true. Although an attack tree can express vertical relationships between nodes well, it usually ignores parallel relationships of different branch nodes. Moreover, the relation between parent-child nodes may be inaccurate due to a poorly designed attack tree. To solve these problems, we present a new way to derive an attack tree system in which the initial attack tree is reconstructed into a new attack tree using Interpretive Structural Modeling (abbr. ISM). The proposed method can easily correct the relation between parent-child nodes and identify horizontal relationships. Finally, the proposed method derives a clear attack tree for more precise system's threat analysis and better defensive measures.

Original languageEnglish
Pages (from-to)18-25
Number of pages8
JournalCEUR Workshop Proceedings
Publication statusPublished - 2021
Event2018 International Workshop on Evidence-Based Security and Privacy in the Wild and the 1st International Workshop on Machine Learning Systems Engineering, WESPr-iMLSE 2018 - Nara, Japan
Duration: 2018 Dec 4 → …


  • Attack tree
  • ISM
  • Model
  • Security

ASJC Scopus subject areas

  • Computer Science(all)


Dive into the research topics of 'Restructuring attack trees to identify incorrect or missing relationships between nodes'. Together they form a unique fingerprint.

Cite this