🤖 AI Summary
Existing attack-defense tree (ADT) methods model only attacker-centric metrics and neglect defender resource constraints, leading to incomplete risk assessment.
Method: We propose the first bidirectional ADT framework that systematically integrates multi-dimensional attributes of both attackers and defenders—such as cost, damage, and skill—and introduce a dual semiring encoding scheme coupled with an efficient Pareto-front computation algorithm. Our approach combines semiring-based algebraic modeling, bottom-up tree traversal, automatic ADT-to-BDD translation, and multi-objective optimization to enable resource-aware, bidirectional risk trade-off analysis.
Contribution/Results: Experiments demonstrate that our algorithm computes the Pareto-optimal solution set for ADTs with hundreds of nodes in milliseconds, validating the framework’s feasibility, effectiveness, and scalability in realistic, resource-constrained security scenarios.
📝 Abstract
Effective risk management in cybersecurity requires a thorough understanding of the interplay between attacker capabilities and defense strategies. Attack-Defense Trees (ADTs) are a commonly used methodology for representing this interplay; however, previous work in this domain has only focused on analyzing metrics such as cost, damage, or time from the perspective of the attacker. This approach provides an incomplete view of the system, as it neglects to model defender attributes: in real-world scenarios, defenders have finite resources for countermeasures and are similarly constrained. In this paper, we propose a novel framework that incorporates defense metrics into ADTs, and we present efficient algorithms for computing the Pareto front between defense and attack metrics. Our methods encode both attacker and defender metrics as semirings, allowing them to be used for many metrics such as cost, damage, and skill. We analyze tree-structured ADTs using a bottom-up approach and general ADTs by translating them into binary decision diagrams. Experiments on randomly generated ADTs demonstrate that both approaches effectively handle ADTs with several hundred nodes.
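The bottom-up Pareto computation that the summary and the abstract describe, as an added illustration that is not the paper's code: one concrete pair of semirings is fixed (attacker metric in the min-plus semiring, so OR takes the cheaper branch and AND sums, with +inf as the "unattainable" zero; defender metric is plain additive cost), each attack node may carry at most one countermeasure, and the tree is assumed to be a genuine tree with no countermeasure shared between subtrees, which is the case the abstract says the bottom-up pass handles (shared nodes need the BDD translation, not shown here). The node names and costs are constructed for the example.

```python
import math
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# A point pairs the defender's total spend with the attacker's resulting minimum cost.
# The defender prefers a low first coordinate and a high second coordinate.
Point = Tuple[float, float]


@dataclass
class Node:
    name: str
    kind: str                      # "leaf", "and" or "or" (attacker refinement)
    attack_cost: float = 0.0       # only used for leaves (basic attack steps)
    children: List["Node"] = field(default_factory=list)
    # Optional countermeasure: (name, defender cost). Deploying it makes this node
    # unattainable, i.e. attack cost +inf, the zero element of the min-plus semiring.
    counter: Optional[Tuple[str, float]] = None


def pareto(points) -> List[Point]:
    """Keep only points no other point weakly dominates (cheaper-or-equal defence
    together with equal-or-higher attacker cost). Duplicates collapse first."""
    pts = set(points)
    return sorted(p for p in pts
                  if not any(q != p and q[0] <= p[0] and q[1] >= p[1] for q in pts))


def front(node: Node) -> List[Point]:
    """Pareto front of the subtree rooted at node, computed bottom-up.
    Children are folded in one at a time and pruned after every merge, so the
    intermediate sets never grow to the full product of the child fronts."""
    if node.kind == "leaf":
        points = [(0.0, float(node.attack_cost))]
    else:
        combine = min if node.kind == "or" else (lambda a, b: a + b)  # AND: inf absorbs
        if node.kind not in ("or", "and"):
            raise ValueError(f"unknown node kind {node.kind!r}")
        points = front(node.children[0])
        for child in node.children[1:]:
            child_front = front(child)
            # Defender pays for the choices made in every subtree; attacker metric
            # is combined with the node's semiring operator.
            points = pareto((d1 + d2, combine(a1, a2))
                            for d1, a1 in points for d2, a2 in child_front)
    if node.counter is not None:
        _, defence_cost = node.counter
        points = list(points) + [(float(defence_cost), math.inf)]
    return pareto(points)


def best_attack_cost_within_budget(front_points, budget):
    """Highest attacker cost the defender can force without exceeding budget."""
    feasible = [a for d, a in front_points if d <= budget]
    return max(feasible) if feasible else None


def example_tree() -> Node:
    # Constructed toy ADT; costs are made up for the example, not taken from the paper.
    return Node("steal customer data", "or", children=[
        Node("exploit web app", "leaf", attack_cost=5,
             counter=("patch and harden app", 2)),
        Node("phish an admin", "and", children=[
            Node("craft phishing mail", "leaf", attack_cost=2),
            Node("bypass MFA", "leaf", attack_cost=6,
                 counter=("phishing-resistant keys", 4)),
        ]),
    ])


if __name__ == "__main__":
    for d, a in front(example_tree()):
        print(f"defence spend {d:>4}: attacker needs at least {a}")
    print("best within budget 3:", best_attack_cost_within_budget(front(example_tree()), 3))
```

Each front point reads as a trade-off the defender can actually buy: spending nothing leaves the cheapest attack at 5, spending 2 on the web-app patch raises it to 8 (the phishing path), and spending 6 on both countermeasures blocks every path. Swapping `min`/`+` for another pair of semiring operators (for example max-plus for "skill needed", or multiplying success probabilities) is the only change needed for a different attacker metric, which is the point of the semiring encoding.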