A study of some vulnerabilities in information security
Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/147959 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-147959 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1479592021-04-20T08:05:32Z A study of some vulnerabilities in information security Tan, Kevin Wei Loong Tay Kian Boon School of Computer Science and Engineering kianboon.tay@ntu.edu.sg Engineering::Computer science and engineering::Data::Data encryption Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean that there is no vulnerability to compromise the system. This may be due to poor implementation of the code written in the program, or an intentional motive made by a hacker with the goal of stealing data and information whenever it is available. This project aims to explore different types of methods to hide weak implementations in a legitimate program. These methods include the use of strong crypto algorithms. If there is any part in the cryptosystem that is weakly implemented (either ignorantly or deliberately), encrypted data using strong algorithms can still be retrieved easily without the user’s knowledge. Another method being explored, are hiding vulnerabilities in a program to allow attackers to easily take advantage of a remote command execution and having the ability to evade firewalls and avoiding antivirus programs. Thus, simulating a malicious program and the possibilities of what a hacker can do on a compromised machine. In this project, I have created a software product called, “The Knotty Chat” to test out these methods and include some recommendations based on my findings. Bachelor of Engineering (Computer Engineering) 2021-04-20T08:05:32Z 2021-04-20T08:05:32Z 2021 Final Year Project (FYP) Tan, K. W. L. (2021). A study of some vulnerabilities in information security. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/147959 https://hdl.handle.net/10356/147959 en SCSE20-0163 application/pdf Nanyang Technological University |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Computer science and engineering::Data::Data encryption |
| spellingShingle |
Engineering::Computer science and engineering::Data::Data encryption Tan, Kevin Wei Loong A study of some vulnerabilities in information security |
| description |
Information security has always played a significant role in ensuring the privacy of our data is securely protected. It is built around 3 primary objectives, commonly known as CIA – Confidentiality, Integrity and Availability using various processes and tools. However, its application does not mean that there is no vulnerability to compromise the system. This may be due to poor implementation of the code written in the program, or an intentional motive made by a hacker with the goal of stealing data and information whenever it is available.
This project aims to explore different types of methods to hide weak implementations in a legitimate program. These methods include the use of strong crypto algorithms. If there is any part in the cryptosystem that is weakly implemented (either ignorantly or deliberately), encrypted data using strong algorithms can still be retrieved easily without the user’s knowledge.
Another method being explored, are hiding vulnerabilities in a program to allow attackers to easily take advantage of a remote command execution and having the ability to evade firewalls and avoiding antivirus programs. Thus, simulating a malicious program and the possibilities of what a hacker can do on a compromised machine.
In this project, I have created a software product called, “The Knotty Chat” to test out these methods and include some recommendations based on my findings. |
| author2 |
Tay Kian Boon |
| author_facet |
Tay Kian Boon Tan, Kevin Wei Loong |
| format |
Final Year Project |
| author |
Tan, Kevin Wei Loong |
| author_sort |
Tan, Kevin Wei Loong |
| title |
A study of some vulnerabilities in information security |
| title_short |
A study of some vulnerabilities in information security |
| title_full |
A study of some vulnerabilities in information security |
| title_fullStr |
A study of some vulnerabilities in information security |
| title_full_unstemmed |
A study of some vulnerabilities in information security |
| title_sort |
study of some vulnerabilities in information security |
| publisher |
Nanyang Technological University |
| publishDate |
2021 |
| url |
https://hdl.handle.net/10356/147959 |
| _version_ |
1698713721085362176 |