Cyber attack is a sensitive issue in the world of Internet security. Governments and business organisations around the world are providing enormous effort to secure their data. They are using various types of tools and techniques to keep the business running, while adversaries are trying to breach security and send malicious software such as botnets, viruses, trojans etc., to access valuable data. Everyday the situation is getting worse because of new types of malware emerging to attack networks. It is important to understand those attacks both before and after they happen in order to provide better security to our systems. Understanding attack models provide more insight into network vulnerability, which in turn can be used to protect the network from future attacks. In the cyber security world, it is difficult to predict a potential attack without understanding the vulnerability of the network. So, it is important to analyse the network to identify top possible vulnerability list, which will give an intuitive idea to protect the network. Also, handling an ongoing attack poses significant risk on the network and valuable data, where prompt action is necessary. Proper utilisation of attack modelling techniques provide advance planning, which can be implemented rapidly during an ongoing attack event. This paper aims to analyse various types of existing attack modelling techniques to understand the vulnerability of the network, and the behaviour and goals of the adversary. The ultimate goal is to handle cyber attack in efficient manner using attack modelling techniques.
