Using Attack Trees for Security Education and Training: Simplifying Threat Analysis
摘要
Modern cybersecurity education must prepare learners to understand how security threats can be realized and to diagnose and respond to attacks, under real-world constraints—such as incomplete or ambiguous information. This paper introduces two educational approaches. First, we adapt attack trees, a threat-modeling technique, into an intuitive framework for teaching security reasoning to non-experts, including children. By breaking down attacks into visual, step-by-step scenarios, learners systematically identify risks and countermeasures, fostering critical thinking and collaboration. Second, we propose a method to quantify the diagnosability of attacks, measuring how much information is needed to identify an attacker’s actions (which are unseen). This approach helps educators design realistic training exercises where learners prioritize evidence and act decisively under uncertainty. Finally, we discuss how this framework could be translated into a security tool accessible to a wide range of users.