CARTT: Cyber Automated Red Team Tool
Loading...
Files
Authors
Plot, Joseph
Shaffer, Alan
Singh, Gurminder
Subjects
The Science and Engineering of Cyber Systems
cyber network
red team
security
software vulnerability
cyber network
red team
security
software vulnerability
Advisors
Date of Issue
2020-01-07
Date
2020
Publisher
HICSS
Language
Abstract
Military weapon systems are often built using embedded, non-IP (Internet Protocol) based computer systems that are not regularly updated and patched due to their isolation. As adversaries expand their capability to exploit and penetrate these systems, we must be able to verify they are not susceptible to cyber-attack. Currently, cyber red teams are employed to assess the security of systems and networks in isolated environments, however, this method can be costly and time-consuming, and the availability of red teams is limited. To +ress this need and resource shortfall, we have developed the Cyber Automated Red Team Tool (CARTT) that leverages open source software and methods to discover, identify, and conduct a vulnerability scan on a computer system’s software. The results of the vulnerability scan offer possible mitigation strategies to lower the risk from potential cyber-attacks without the need for a dedicated cyber red team operating on the target host or network.
Type
Conference Paper
Description
Proceedings of the 53rd Hawaii International Conference on System Sciences | 2020
The article of record as published may be found at https://doi.org/10.24251/HICSS.2020.820
The article of record as published may be found at https://doi.org/10.24251/HICSS.2020.820
Series/Report No
Department
Organization
Naval Postgraduate School (U.S.)
Identifiers
NPS Report Number
Sponsors
Funder
Format
10 p.
Citation
Plot, Joseph, Alan Shaffer, and Gurminder Singh. "Cartt: Cyber automated red team tool." Proceedings of the 53rd Hawaii International Conference on System Sciences. 2020.
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.