A study of some vulnerabilities in information security
Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | |
| التنسيق: | Final Year Project |
| اللغة: | English |
| منشور في: |
Nanyang Technological University
2021
|
| الموضوعات: | |
| الوصول للمادة أونلاين: | https://hdl.handle.net/10356/147959 |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| المؤسسة: | Nanyang Technological University |
| اللغة: | English |
| الملخص: | Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean that there is no vulnerability to compromise the system. This may be due to poor implementation of the code written in the program, or an intentional motive made by a hacker with the goal of stealing data and information whenever it is available.
This project aims to explore different types of methods to hide weak implementations in a legitimate program. These methods include the use of strong crypto algorithms. If there is any part in the cryptosystem that is weakly implemented (either ignorantly or deliberately), encrypted data using strong algorithms can still be retrieved easily without the user’s knowledge.
Another method being explored, are hiding vulnerabilities in a program to allow attackers to easily take advantage of a remote command execution and having the ability to evade firewalls and avoiding antivirus programs. Thus, simulating a malicious program and the possibilities of what a hacker can do on a compromised machine.
In this project, I have created a software product called, “The Knotty Chat” to test out these methods and include some recommendations based on my findings. |
|---|