RED TEAM IN A BOX (RTIB): DEVELOPING AUTOMATED TOOLS TO IDENTIFY, ASSESS, AND EXPOSE CYBERSECURITY VULNERABILITIES IN DEPARTMENT OF THE NAVY SYSTEMS
Plot, Joseph A.
Shaffer, Alan B.
MetadataShow full item record
The U.S. Navy and Marine Corps manage a vast number of computer systems, both afloat and ashore, many of which are neither directly connected to an external Internet Protocol (IP) network nor updated regularly, but do occasionally interact with other IP-connected devices. As malicious actors advance their capabilities to exploit and penetrate computer networks, the Department of the Navy (DoN) must be able to verify whether or not its computer systems are susceptible to cyber-attacks. A current mitigation technique is to use a cyber red team to assess a friendly network in a controlled environment; however, this method of conducting assessments can be costly and time-consuming, and may not target specific critical systems. This thesis developed a proof-of-concept tool called Red Team in a Box (RTIB) that addresses the current resource limitations of cyber red teams by leveraging open source software and other methods to discover, identify, and conduct a vulnerability scan on a computer system’s software via a graphical user interface. The results of the vulnerability scan offer the RTIB user possible mitigation strategies to lower the risk from potential cyber-attacks without the need for a dedicated cyber red team operating on the target host or network. This research fundamentally provides the foundation to further develop an automated tool that Sailors and Marines with limited expertise can use to conduct a thorough cybersecurity vulnerability assessment on DoN systems.
Approved for public release. distribution is unlimited
Showing items related by title, author, creator and subject.
Establishing viable and effective information warfare capability in developing nations based on the U.S. model Niazi, Ashar Ahmed Khan (Monterey, California. Naval Postgraduate School, 2012-12);Information Warfare (IW) is a reality of the 21st century. With the advancements in computer technology and innovations in information systems and networks, information has become a forceful weapon and an element of national ...
Wical, Steven C. (Monterey, California. Naval Postgraduate School, 1994-06);Ethical conduct standards have been a great concern of the Department of Defense (DoD) for decades. This is especially true in how its employees, particularly contracting officials, use them in making an ethical business ...
Kölsch, Mathias (Monterey, California. Naval Postgraduate School, 2010);The Department of Defense's need for modeling and simulation (M&S) tools and professionals is growing at a rapid pace. From research to development, from training to acquisition, from requirements analysis to testing; M&S ...