Perceiving and understanding cyber-attacks can be a difficult task, and more effective techniques are needed to aid cyber-attack perception. Attack modelling techniques (AMTs) - such as attack graphs, attack trees and fault trees, are a popular method of mathematically and visually representing the sequence of events that lead to a successful cyber-attack. These methods are useful visual aids that can aid cyber-attack perception.

This survey paper describes the fundamental theory of cyber-attack before describing how important elements of a cyber-attack are represented in attack graphs and attack trees. The key focus of the paper is to present empirical research aimed at analysing more than 180 attack graphs and attack trees to identify how attack graphs and attack trees present cyber-attacks in terms of their visual syntax.

There is little empirical or comparative research which evaluates the effectiveness of these methods. Furthermore, despite their popularity, there is no standardised attack graph visual syntax configuration, and more than seventy self-nominated attack graph and twenty attack tree configurations have been described in the literature — each of which presents attributes such as preconditions and exploits in a different way. The survey demonstrates that there is no standard method of representing attack graphs or attack trees and that more research is needed to standardise the representation.

感知和理解网络攻击可能是一项艰巨的任务，需要更有效的技术来帮助感知网络攻击。攻击建模技术（AMT）-例如攻击图，攻击树和故障树，是一种流行的方法，可以在数学上和视觉上表示导致成功网络攻击的事件序列。这些方法是有用的视觉辅助工具，可帮助您感知网络攻击。

这份调查报告先介绍了网络攻击的基本理论，然后再介绍如何在攻击图和攻击树中表示网络攻击的重要元素。本文的重点是提出实证研究，旨在分析180多个攻击图和攻击树，以识别攻击图和攻击树如何根据其视觉语法呈现网络攻击。

很少有经验或比较研究来评估这些方法的有效性。此外，尽管它们很流行，但是没有标准化的攻击图视觉语法配置，并且在文献中描述了超过70种自我指定的攻击图和二十种攻击树配置-每种都在不同的条件下提供了先决条件和漏洞利用等属性。方式。调查表明，没有表示攻击图或攻击树的标准方法，还需要更多研究来标准化表示。