Collusion attack has been recognized as a key issue in e-commerce systems and increasingly attracted people’s attention for quite some time in the literatures of information security. Regardless of the wide application of security protocol, this attack has been largely ignored in the protocol analysis. There is a lack of efficient and intuitive approaches to identify this attack since it is usually hidden and uneasy to find. Thus, this article addresses this critical issue using a compact and intuitive Bayesian network (BN)-based scheme. It assists in not only discovering the secure messages that may lead to the attack but also providing the degree of dependency to measure the occurrence of collusion attack. The experimental results demonstrate that our approaches are useful to detect the collusion attack in secure messages and enhance the protocol analysis.