🤖 AI Summary
Attack scenario descriptions in cybersecurity automation lack formal semantic foundations, hindering systematic analysis and automation. Method: This paper proposes an abstract, formal model based on UML class diagrams, enabling the first unified modeling of attack context and attack scenarios. The model supports structured input, automated processing, and cross-process reuse, directly facilitating two core tasks: attack analysis and automated attack script generation. Contribution/Results: Evaluated on real-world attack analysis and cybersecurity training script generation, the model demonstrates strong feasibility and effectiveness. It fills a critical gap in formal attack scenario modeling and establishes a scalable, verifiable semantic foundation for security process automation—enhancing interoperability, reproducibility, and formal reasoning in cyber defense systems.
📝 Abstract
Organizations face an ever-changing threat landscape. They must continuously dedicate significant efforts to protect their assets, making their adoption of increased cybersecurity automation inevitable. However, process automation requires formalization of input data. Through this paper, we address this need for processes that use attack scenarios as input. Among these processes, one can mention both the generation of scripts for attack simulation and training purposes, as well as the analysis of attacks. Therefore, the paper's main research contribution is a novel formal model that encompasses the attack's context description and its scenario. It is abstracted using UML class model. Once the description of our model done, we will show how it could serve an upstream attack analysis process. We will show also its use for an automatic generation of attack scripts in the context of cybersecurity training. These two uses cases constitute the second contribution of this present research work.