A Template-based Method for the Generation of Attack Trees

Research output: Chapter in Book/Report/Conference proceedingConference proceeding


Attack trees are used in cybersecurity analysis to give an analyst a view of all the ways in which an attack can be carried out. Attack trees can become large, and developing them by hand can be tedious and error-prone. In this paper the automated generation of attack trees is considered. The method proposed is based on a library of attack templates – parameterisable patterns of attacks such as denial of service or eavesdropping – and that also uses an abstract model of the network
architecture under attack. A pseudocode implementation of the method is also presented. The example application given is from the automotive domain and using an architecture consisting of linked CAN networks – a network configuration found in virtually every current vehicle.
Original languageEnglish
Title of host publicationInformation Security Theory and Practice - 13th IFIP WG 11.2 International Conference, WISTP 2019, Proceedings
EditorsMaryline Laurent, Thanassis Giannetsos
PublisherSpringer, Cham
Number of pages11
ISBN (Electronic)978-3-030-41702-4
ISBN (Print)978-3-030-41701-7
Publication statusE-pub ahead of print - 2 Mar 2020
EventInternational Conference on Information Security Theory and Practice - Paris, France
Duration: 11 Dec 201912 Dec 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12024 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceInternational Conference on Information Security Theory and Practice
Abbreviated titleWISTP
Internet address


  • Attack trees
  • Automotive
  • Cybersecurity
  • Generation

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A Template-based Method for the Generation of Attack Trees'. Together they form a unique fingerprint.

Cite this