POSTER: Construct macOS Cyber Range for Red/Blue Teams

Yi Hsien Chen; Yen Da Lin; Chung Kuan Chen; Chin Laung Lei; Chun Ying Huang

doi:10.1145/3320269.3405449

POSTER: Construct macOS Cyber Range for Red/Blue Teams

Yi Hsien Chen, Yen Da Lin, Chung Kuan Chen, Chin Laung Lei, Chun Ying Huang

資訊工程學系

研究成果: Conference contribution › 同行評審

2 引文斯高帕斯（Scopus）

摘要

More and more malicious apps and APT attacks now target macOS, making it crucial for researchers to develop threat countermeasures on macOS. In this paper, we attempt to construct a macOS cyber range for the evaluation of red team and blue team performances. Our proposed system is composed of three fundamental components: an attack-defense association graph, a Go language-based red team emulation tool, and a toolkit for blue team performance evaluation. We demonstrate the effectiveness of our proposed cyber range with real-world scenarios, and believe it will stimulate more research innovations on threat analysis for macOS.

原文	English
主出版物標題	Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020
發行者	Association for Computing Machinery, Inc
頁面	934-936
頁數	3
ISBN（電子）	9781450367509
DOIs	https://doi.org/10.1145/3320269.3405449
出版狀態	Published - 5 10月 2020
事件	15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020 - Virtual, Online, 台灣持續時間: 5 10月 2020 → 9 10月 2020

出版系列

名字	Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020

Conference

Conference	15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020
國家/地區	台灣
城市	Virtual, Online
期間	5/10/20 → 9/10/20

存取文件

10.1145/3320269.3405449

其它文件與鏈接

Link to publication in Scopus

引用此

Chen, Y. H., Lin, Y. D., Chen, C. K., Lei, C. L., & Huang, C. Y. (2020). POSTER: Construct macOS Cyber Range for Red/Blue Teams. 於 Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020 (頁 934-936). (Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020). Association for Computing Machinery, Inc. https://doi.org/10.1145/3320269.3405449

Chen, Yi Hsien ; Lin, Yen Da ; Chen, Chung Kuan 等. / POSTER : Construct macOS Cyber Range for Red/Blue Teams. Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020. Association for Computing Machinery, Inc, 2020. 頁 934-936 (Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020).

@inproceedings{2ebd620b9a9342e88608d4c1d5737133,

title = "POSTER: Construct macOS Cyber Range for Red/Blue Teams",

abstract = "More and more malicious apps and APT attacks now target macOS, making it crucial for researchers to develop threat countermeasures on macOS. In this paper, we attempt to construct a macOS cyber range for the evaluation of red team and blue team performances. Our proposed system is composed of three fundamental components: an attack-defense association graph, a Go language-based red team emulation tool, and a toolkit for blue team performance evaluation. We demonstrate the effectiveness of our proposed cyber range with real-world scenarios, and believe it will stimulate more research innovations on threat analysis for macOS. ",

keywords = "blue team, cyber range, forensic, macos security, penetration testing, red team",

author = "Chen, {Yi Hsien} and Lin, {Yen Da} and Chen, {Chung Kuan} and Lei, {Chin Laung} and Huang, {Chun Ying}",

note = "Publisher Copyright: {\textcopyright} 2020 Owner/Author. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.; 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020 ; Conference date: 05-10-2020 Through 09-10-2020",

year = "2020",

month = oct,

day = "5",

doi = "10.1145/3320269.3405449",

language = "English",

series = "Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020",

publisher = "Association for Computing Machinery, Inc",

pages = "934--936",

booktitle = "Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020",

}

Chen, YH, Lin, YD, Chen, CK, Lei, CL & Huang, CY 2020, POSTER: Construct macOS Cyber Range for Red/Blue Teams. 於 Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020. Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020, Association for Computing Machinery, Inc, 頁 934-936, 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020, Virtual, Online, 台灣, 5/10/20. https://doi.org/10.1145/3320269.3405449

POSTER: Construct macOS Cyber Range for Red/Blue Teams. / Chen, Yi Hsien; Lin, Yen Da; Chen, Chung Kuan 等.
Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020. Association for Computing Machinery, Inc, 2020. p. 934-936 (Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020).

研究成果: Conference contribution › 同行評審

TY - GEN

T1 - POSTER

T2 - 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020

AU - Chen, Yi Hsien

AU - Lin, Yen Da

AU - Chen, Chung Kuan

AU - Lei, Chin Laung

AU - Huang, Chun Ying

PY - 2020/10/5

Y1 - 2020/10/5

N2 - More and more malicious apps and APT attacks now target macOS, making it crucial for researchers to develop threat countermeasures on macOS. In this paper, we attempt to construct a macOS cyber range for the evaluation of red team and blue team performances. Our proposed system is composed of three fundamental components: an attack-defense association graph, a Go language-based red team emulation tool, and a toolkit for blue team performance evaluation. We demonstrate the effectiveness of our proposed cyber range with real-world scenarios, and believe it will stimulate more research innovations on threat analysis for macOS.

AB - More and more malicious apps and APT attacks now target macOS, making it crucial for researchers to develop threat countermeasures on macOS. In this paper, we attempt to construct a macOS cyber range for the evaluation of red team and blue team performances. Our proposed system is composed of three fundamental components: an attack-defense association graph, a Go language-based red team emulation tool, and a toolkit for blue team performance evaluation. We demonstrate the effectiveness of our proposed cyber range with real-world scenarios, and believe it will stimulate more research innovations on threat analysis for macOS.

KW - blue team

KW - cyber range

KW - forensic

KW - macos security

KW - penetration testing

KW - red team

UR - http://www.scopus.com/inward/record.url?scp=85096386639&partnerID=8YFLogxK

U2 - 10.1145/3320269.3405449

DO - 10.1145/3320269.3405449

M3 - Conference contribution

AN - SCOPUS:85096386639

T3 - Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020

SP - 934

EP - 936

BT - Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020

PB - Association for Computing Machinery, Inc

Y2 - 5 October 2020 through 9 October 2020

ER -

Chen YH, Lin YD, Chen CK, Lei CL, Huang CY. POSTER: Construct macOS Cyber Range for Red/Blue Teams. 於 Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020. Association for Computing Machinery, Inc. 2020. p. 934-936. (Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020). doi: 10.1145/3320269.3405449

POSTER: Construct macOS Cyber Range for Red/Blue Teams

摘要

出版系列

Conference

存取文件

其它文件與鏈接

指紋

引用此