Nelson Shaw Design Project
Nelson Shaw (Talk | contribs) |
Nelson Shaw (Talk | contribs) |
||
| Line 26: | Line 26: | ||
=== Description of Classes === | === Description of Classes === | ||
| + | '''ControlUnit''' | ||
ControlUnit is the main class of the control module. An observer pattern is used with the GUI and Controller. | ControlUnit is the main class of the control module. An observer pattern is used with the GUI and Controller. | ||
| − | + | It contains a list of data objects which can then be displayed by the GUI. The data objects have a specified type e.g. Picture, Text, ... and so it will be up | |
| − | + | to the GUI to organise how to display them. Therefore any knowledge of the task from which the data came is unnecessary. The ControlUnit class will also | |
| − | + | have the appropriate update functions to enable an observer pattern. | |
| − | + | ||
| − | + | ||
| − | + | ||
| − | + | '''Communicator''' | |
| + | Communicator is used to set up a connection between the control and remote modules. The type of encryption can be set, by passing an EncryptionStandard object. Both the ControlUnit and Remote objects create | ||
| + | instances of the Communicator object. The main way the remote and control units will communicate, is by serializing and sending Task objects. Once an object is serialized it is then encrypted and sent. | ||
| + | When received it is first decrypted and then de-serialized. | ||
| + | |||
| + | '''Serializer''' | ||
| + | The serializer class is used to serialize task objects and return them as a byte array. It is also used to de-serialize objects. | ||
| + | |||
| + | '''EncryptionStandard''' | ||
| + | The use of EncryptionStandard with the various subclasses allows the program to be extended to incorporate various encryption types. For the current implementation, it is expected that "Unsecured" and "RSA" | ||
| + | Encryption Standards will be implemented. But in future it is possible to add say, AES encryption. By using the Strategy pattern, each subclass overrides the EncryptionStandard's functions such as encrypt and decrypt. | ||
| + | |||
| + | '''Task''' | ||
| + | By using the strategy pattern for the Task class, it allows easy modification to add new functionality to the program. Currently, Screenshot and Keylog functionality is provided, but it should be relatively simple to add more. | ||
| + | Once a task is performed by the remote program, data is added to the task which is then sent back to the control unit. The data class can be one of various types. | ||
| + | |||
| + | '''Data''' | ||
| + | Data is a class that carries information produced on the Remote host from performing a Task. It has a type attribute which describes the type of data it is, as well as a text heading. | ||
== Design Critique == | == Design Critique == | ||
| − | + | Displaying of the data by a list of Data objects in ControlUnit is perhaps not optimal? | |
| + | The GUI still has to know about the Data types that are possible, but is this an inevitable coupling? | ||
| + | |||
== Design Improvements == | == Design Improvements == | ||
Revision as of 21:58, 31 July 2010
Contents |
Trojan Project
As part of the COSC429 Information Warfare course, development of a Trojan module is required.
The software should have command and remote modules, which are connected together via sockets. Functionality such as screen capture, key log capture and remote file browsing is required.
A more formal description is shown below.
Design Study
A current log of work spent on the project can be found here Design Project Log
Requirements
- Secure - Components and communication of software should be secure and unable to modify
- Maintainability - Easy to add new functionality (e.g. Multiple remote modules)
- Extensible - Add additional software components easily (e.g. Software to deliver remote module onto target system)
Constraints
Remote and control module communication, processing speed and associated overhead costs.
Initial Design
This is my current UML diagram -- a work in progress. I think I have the basic structure, but obviously there are a few class attributes and functions missing.
Description of Classes
ControlUnit ControlUnit is the main class of the control module. An observer pattern is used with the GUI and Controller. It contains a list of data objects which can then be displayed by the GUI. The data objects have a specified type e.g. Picture, Text, ... and so it will be up to the GUI to organise how to display them. Therefore any knowledge of the task from which the data came is unnecessary. The ControlUnit class will also have the appropriate update functions to enable an observer pattern.
Communicator
Communicator is used to set up a connection between the control and remote modules. The type of encryption can be set, by passing an EncryptionStandard object. Both the ControlUnit and Remote objects create
instances of the Communicator object. The main way the remote and control units will communicate, is by serializing and sending Task objects. Once an object is serialized it is then encrypted and sent.
When received it is first decrypted and then de-serialized.
Serializer The serializer class is used to serialize task objects and return them as a byte array. It is also used to de-serialize objects.
EncryptionStandard The use of EncryptionStandard with the various subclasses allows the program to be extended to incorporate various encryption types. For the current implementation, it is expected that "Unsecured" and "RSA" Encryption Standards will be implemented. But in future it is possible to add say, AES encryption. By using the Strategy pattern, each subclass overrides the EncryptionStandard's functions such as encrypt and decrypt.
Task By using the strategy pattern for the Task class, it allows easy modification to add new functionality to the program. Currently, Screenshot and Keylog functionality is provided, but it should be relatively simple to add more. Once a task is performed by the remote program, data is added to the task which is then sent back to the control unit. The data class can be one of various types.
Data Data is a class that carries information produced on the Remote host from performing a Task. It has a type attribute which describes the type of data it is, as well as a text heading.
Design Critique
Displaying of the data by a list of Data objects in ControlUnit is perhaps not optimal? The GUI still has to know about the Data types that are possible, but is this an inevitable coupling?
Design Improvements
Possible improvements.
Thanks to User: James Ashford for the project page template.
