POSTER: Construct macOS Cyber Range for Red/Blue Teams


Research field: Strategies



Conference: ASIA CCS '20: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security


Abstract

More and more malicious apps and APT attacks now target macOS, making it crucial for researchers to develop threat countermeasures on macOS. In this paper, we attempt to construct a macOS cyber range for the evaluation of red team and blue team performances. Our proposed system is composed of three fundamental components: an attack-defense association graph, a Go language-based red team emulation tool, and a toolkit for blue team performance evaluation. We demonstrate the effectiveness of our proposed cyber range with real-world scenarios, and believe it will stimulate more research innovations on threat analysis for macOS.


Author Profile

Yihsien Chen: National Taiwan University & CyCraft Technology Corporation, Taipei, Taiwan, ROC
Yenda Lin: CyCraft Technology Corporation, Taipei, Taiwan, ROC
Chungkuan Chen: CyCraft Technology Corporation, Taipei, Taiwan, ROC

📄 Paper information

Publication year: 2020
Citations: 1
Country of publication: Taiwan
Site: ACM