A study of some vulnerabilities in information security
Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/147959 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean that there is no vulnerability to compromise the system. This may be due to poor implementation of the code written in the program, or an intentional motive made by a hacker with the goal of stealing data and information whenever it is available.
This project aims to explore different types of methods to hide weak implementations in a legitimate program. These methods include the use of strong crypto algorithms. If there is any part in the cryptosystem that is weakly implemented (either ignorantly or deliberately), encrypted data using strong algorithms can still be retrieved easily without the user’s knowledge.
Another method being explored, are hiding vulnerabilities in a program to allow attackers to easily take advantage of a remote command execution and having the ability to evade firewalls and avoiding antivirus programs. Thus, simulating a malicious program and the possibilities of what a hacker can do on a compromised machine.
In this project, I have created a software product called, “The Knotty Chat” to test out these methods and include some recommendations based on my findings. |
|---|