POSTER: Construct macOS Cyber Range for Red/Blue Teams

More and more malicious apps and APT attacks now target macOS, making it crucial for researchers to develop threat countermeasures on macOS. In this paper, we attempt to construct a macOS cyber range for the evaluation of red team and blue team performances. Our proposed system is composed of three fundamental components: an attack-defense association graph, a Go language-based red team emulation tool, and a toolkit for blue team performance evaluation. We demonstrate the effectiveness of our proposed cyber range with real-world scenarios, and believe it will stimulate more research innovations on threat analysis for macOS.