CARTT: Cyber Automated Red Team Tool

Plot, Joseph
Shaffer, Alan
Singh, Gurminder
Journal Title
Journal ISSN
Volume Title
Military weapon systems are often built using embedded, non-IP (Internet Protocol) based computer systems that are not regularly updated and patched due to their isolation. As adversaries expand their capability to exploit and penetrate these systems, we must be able to verify they are not susceptible to cyber-attack. Currently, cyber red teams are employed to assess the security of systems and networks in isolated environments, however, this method can be costly and time-consuming, and the availability of red teams is limited. To address this need and resource shortfall, we have developed the Cyber Automated Red Team Tool (CARTT) that leverages open source software and methods to discover, identify, and conduct a vulnerability scan on a computer system’s software. The results of the vulnerability scan offer possible mitigation strategies to lower the risk from potential cyber-attacks without the need for a dedicated cyber red team operating on the target host or network.
The Science and Engineering of Cyber Systems, cyber, network, red team, security, software vulnerability
Access Rights
Email if you need this content in ADA-compliant format.