A study of some vulnerabilities in information security
Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean...
Saved in:
| 主要作者: | |
|---|---|
| 其他作者: | |
| 格式: | Final Year Project |
| 語言: | English |
| 出版: |
Nanyang Technological University
2021
|
| 主題: | |
| 在線閱讀: | https://hdl.handle.net/10356/147959 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 機構: | Nanyang Technological University |
| 語言: | English |
| 總結: | Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean that there is no vulnerability to compromise the system. This may be due to poor implementation of the code written in the program, or an intentional motive made by a hacker with the goal of stealing data and information whenever it is available.
This project aims to explore different types of methods to hide weak implementations in a legitimate program. These methods include the use of strong crypto algorithms. If there is any part in the cryptosystem that is weakly implemented (either ignorantly or deliberately), encrypted data using strong algorithms can still be retrieved easily without the user’s knowledge.
Another method being explored, are hiding vulnerabilities in a program to allow attackers to easily take advantage of a remote command execution and having the ability to evade firewalls and avoiding antivirus programs. Thus, simulating a malicious program and the possibilities of what a hacker can do on a compromised machine.
In this project, I have created a software product called, “The Knotty Chat” to test out these methods and include some recommendations based on my findings. |
|---|