Reactive defense mechanisms, such as intrusion detection systems, have made significant
efforts to secure a system or network for the last several decades. However, the nature of …

Perceiving and understanding cyber-attacks can be a difficult task, and more effective
techniques are needed to aid cyber-attack perception. Attack modelling techniques (AMTs) …

Enterprise systems are growing in complexity, and the adoption of cloud and mobile
services has greatly increased the attack surface. To proactively address these security …

This paper presents the current state of the art on attack and defense modeling approaches
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …

Software Defined Networking (SDN) has been proposed as a drastic shift in the networking
paradigm, by decoupling network control from the data plane and making the switching …

Threats are potential events, intentional or not, that compromise the confidentiality, integrity,
and/or availability of information systems. Defending against threats and attacks requires …

Abstract The Internet of Things (IoT) is enabling innovative applications in various domains.
Due to its heterogeneous and wide-scale structure, it introduces many new security issues …

We introduce and give formal definitions of attack–defense trees. We argue that these trees
are a simple, yet powerful tool to analyze complex security and privacy problems. Our …

Digital technologies are increasingly being adopted in modern supply chains for product
traceability, enabling data sharing amongst trading partners, quick availability of product …

Attack–defense trees are a novel methodology for graphical security modelling and
assessment. They extend the well-known formalism of attack trees by allowing nodes that …