Co
m
pu
ter Sci
ence a
nd Inf
or
mat
i
on
Tec
h
no
lo
gies
Vo
l.
1
,
No.
3
,
Novem
ber
2020
, p
p.
98
~
105
IS
S
N:
27
22
-
3221
,
DOI: 10
.11
591
/
csi
t.v
1i
3
.p
98
-
105
98
Journ
al h
om
e
page
:
http:
//
ia
esprime
.com/i
ndex.
php/csit
Modific
ation
dat
a atta
ck i
nsid
e comp
uter systems:
A
criti
cal
revi
ew
Vahid K
avian
i J,
Par
vin
Ahm
ad
i
Dov
al
A
mi
ri
, Fa
rs
ad
Z
ama
ni Br
uj
e
ni, N
im
a Akhl
aghi
Depa
rtment
o
f
E
ngine
er
ing, Islam
ic
Aza
d
Unive
rsit
y
,
Isfah
an
(K
hora
sgan)
Br
anch,
Isfah
an, I
ran
Art
ic
le
In
f
o
ABSTR
A
CT
Art
ic
le
history:
Re
cei
ved
J
a
n
23
, 2
0
2
0
Re
vised
Ma
y
28
, 2
0
2
0
Accepte
d
J
un
1
6,
20
2
0
Thi
s pa
p
er
is
a
r
evi
ew
of
t
y
pes
o
f
m
odifi
cation
d
at
a attac
k
base
d
on
computer
s
y
stems
and
i
t
expl
or
es
the
vulne
r
abi
liti
es
and
m
it
ig
at
io
ns.
Alte
r
ing
informati
on
is
a
kind
of
c
y
ber
-
at
t
ac
k
dur
ing
whi
c
h
int
rud
ers
inter
fer
e,
c
atch,
al
t
er,
ta
k
e
or
er
ase
cr
it
i
cal
d
at
a
on
th
e
PC
s
an
d
applications
t
hrough
using
net
work e
xp
loi
t
or
b
y
running
m
al
i
ci
ou
s e
x
ec
u
table code
s on
vi
ctim
'
s s
y
st
em.
One
of
th
e
m
ost
diffi
cu
lt
and
tr
en
d
y
areas i
n
infor
m
at
ion
sec
ur
ity
i
s to
protect
the
sensit
ive
inf
orm
at
ion
and
se
cur
e
dev
ices
from
an
y
kind
of
th
rea
ts.
Lates
t
adva
nc
ements
in
informati
on
t
echnolog
y
in
th
e
f
ie
ld
of
inf
orm
at
i
on
sec
ur
i
t
y
rev
eal
hug
e
am
ount
of
budg
et
funde
d
for
an
d
spent
on
dev
el
oping
and
addr
essing
se
cur
ity
threat
s
to m
itigate
the
m
.
Thi
s
hel
ps
in
a v
ariet
y
of
settings
such
as
m
il
i
ta
r
y
,
business,
sci
enc
e
,
and
ent
er
ta
inment
.
Consi
der
ing
all
conc
ern
s,
th
e
se
cur
ity
issues
a
l
m
ost
al
wa
y
s
co
m
e
at
first
as
th
e
m
ost
cr
it
i
cal
conc
ern
s
in
th
e
m
oder
n
ti
m
e
.
As
a
m
atter
of
fa
ct
,
th
ere
is
no
ultim
at
e
sec
uri
t
y
soluti
on;
a
lt
houg
h
rec
en
t
dev
el
op
m
ent
s
in
sec
urity
an
aly
sis
ar
e
fi
nding
da
i
l
y
vulne
rab
il
i
ti
es,
t
her
e
are
m
an
y
m
ot
iva
ti
ons
to
spend
billions
of
doll
ars
to
ensure
the
re
are
vulne
r
abilities
wait
ing
for
an
y
kind
of
bre
ac
h
or
expl
o
it
to
pene
tr
at
e
in
to
th
e
s
y
s
te
m
s
and
n
et
works
and
a
ch
ie
ve
par
ti
cu
la
r
i
nte
rests.
In
te
rm
s
of
m
odif
y
i
ng
da
ta
and
infor
m
at
ion,
from
old
-
fashione
d
atta
c
ks
to
recen
t
c
y
b
er
ones,
al
l
o
f
th
e
atta
cks
are
using
th
e
sam
e
s
igna
tur
e:
e
it
her
cont
rollin
g
dat
a
str
ea
m
s
to
ea
sil
y
br
each
s
y
stem
prote
ctions
or
using
non
-
c
ontrol
-
da
t
a
at
t
ac
k
appr
o
ac
h
es.
Bo
th
m
e
tho
ds
ca
n
d
amage
appl
i
ca
t
ions
whi
ch
work
on
dec
ision
-
m
aki
ng
da
ta
,
user
inpu
t
dat
a
,
conf
igur
at
i
on
da
ta
,
or
user
i
dent
ity
d
ata
to
a
la
rge
exten
t.
In
thi
s
rev
ie
w
pape
r
,
we
h
ave
tri
ed
to
expr
es
s
tre
nds
of
vulne
rab
il
i
ti
es
in
the network pro
toc
ols’
appl
i
cati
ons.
Ke
yw
or
d
s
:
Com
pu
te
r
sec
uri
ty
Con
tr
ol
data at
ta
ck
Mem
or
y sec
uri
ty
Mod
ific
at
io
n
Non
-
co
ntr
ol d
a
ta
att
ack
This
is an
open
acc
ess arti
cl
e
un
der
the
CC
B
Y
-
SA
l
ic
ense
.
Corres
pond
in
g
Aut
h
or
:
Vah
i
d Kav
ia
ni
J
,
Dep
a
rtm
ent o
f En
gin
eeri
ng,
Islam
ic
A
zad
Un
i
ver
sit
y,
Isfahan (
K
horas
ga
n) Bra
nch, Isf
ahan,
Ir
a
n
.
Em
a
il
:
kav
ia
ni@kh
uisf.
ac
.ir
1.
INTROD
U
CTION
By
the r
ise
in
the num
ber
o
f
c
om
pu
te
rs
an
d netw
orks,
a
nd u
po
n
seeki
ng
m
or
e secur
it
y and
as
suranc
e
si
m
ultaneou
sly
,
the
area
of
s
ecur
it
y
ha
s
be
com
e
bo
th
m
or
e
inter
est
ing
and
chall
e
ng
i
ng.
I
n
fact
,
a
ggressors
at
tem
pt
to
acc
ess
delic
at
e
ba
sic
res
ources
t
o
e
xp
l
oit
them
.
A
s
with
num
erous
i
nspirat
ion
s
,
t
her
e
are
a
lot
of
new
s
broa
dcas
ts
co
ncernin
g
abuse
of
data
and
at
ta
cks
on
syst
em
s
al
l
ov
er
the
glo
be.
Alth
ough
a
l
ot
of
researc
hes
a
nd
stu
dies
ha
ve
been
la
un
c
he
d
to
sec
ur
e
networks
a
nd
su
c
cessf
ully
prev
ent
a
la
r
ge
nu
m
ber
of
at
ta
cks,
t
her
e
are
m
any
va
riet
ie
s
of
at
ta
cks
,
m
os
t
of
wh
ic
h
a
re
sti
ll
new
an
d
ope
n
t
o
f
ur
t
her
stu
dies.
In
this
su
r
vey
pa
per,
an
at
te
m
pt
has
bee
n
m
ade
to
el
aborate
m
or
e
on
the
m
et
ho
ds
a
nd
to
ols
at
ta
cker
s
us
e
to
m
od
i
fy
inf
or
m
at
ion
and
data.
Evaluation Warning : The document was created with Spire.PDF for Python.
Com
pu
t. Sci.
I
nf. Tec
hnol.
Mo
difi
cation d
ata
attack i
ns
i
de
c
omp
uter sy
ste
ms:
a cri
ti
cal revi
ew
… (
Vah
i
d
K
avia
ni J
)
99
2.
DEFI
NITIO
N
O
F
ATTACK
In
te
rm
s
of
defi
niti
on
,
a
n
at
ta
cker
is
the
pe
rs
on
w
ho
ca
n
m
al
ic
iou
sly
inter
cept,
inter
rupt,
sn
iff
,
al
te
r,
ste
al
,
or
rem
ov
e
i
m
po
rtant
data
inside
a
c
om
pu
te
r
or
a
ppli
cat
ion
by
breac
hi
ng
the
netw
ork
or
thr
ough
br
eac
hing
to
the
syst
em
d
irect
ly
,
li
ke
run
ning
an
e
xec
utable
co
de
on
th
e
ta
rg
et
com
pute
r.
Data
m
od
if
ic
at
ion
has
dif
f
eren
t
ty
pes.
I
ntr
uder
s
m
isuse
di
ff
e
r
ent
res
ources
of
victi
m
s
to
re
ach
thei
r
go
al
s
.
S
pecifica
ll
y,
they
ex
plo
it
s
oft
war
e
vu
l
ner
a
bili
ti
es
or
hardw
a
re
w
eakn
e
sses
to
pe
netrate
t
he
syst
e
m
[1
]
.
I
n
t
hi
s
sur
vey,
we
hav
e
trie
d
t
o
s
how
the
tre
nd
s
of
m
od
i
ficat
ion
dat
a
at
ta
ck.
In
the
fo
ll
owin
g
rev
ie
w,
t
he
m
ann
er
in
w
hich
these
kinds
of
at
ta
ck
s
will
ta
ke
place
and
their c
ounterm
easur
e
s ar
e
exp
la
ined.
2.1.
Def
ini
ti
on
of
prob
le
m
(
d
ata
mo
di
fica
tion
atta
c
k)
Gen
e
rall
y,
m
os
t
of
the
intr
ude
rs
kn
ow
that
th
ere
is
a
br
eac
h,
or
bette
r
to
sa
y,
insecu
re
ap
pl
ic
at
ion
on
so
m
e
PCs.
T
he
y
can
m
isuse
insec
ur
e
s
of
t
war
e
a
nd
syst
e
m
s
to
do
t
he
m
od
ific
at
ion
.
This
a
ppr
oac
h
is
cal
le
d
con
t
ro
l
-
base
d a
tt
ack,
in
whic
h an
intr
uder
m
i
su
ses
a
m
e
m
or
y flaw,
s
uch as
a
buff
e
r o
verfl
ow or
us
e
-
afte
r
-
f
ree,
to
over
wr
it
e
c
ontr
ol
-
data
s
uc
h
as
a
retu
r
n
ad
dress o
r
functi
on
pointe
r
an
d
t
her
e
by
m
od
ifies
the
co
ntr
ol
-
fl
ow
of
the
pro
gr
am
.
I
n
orde
r
to
get
the
co
ntr
ol
of
a
n
ap
plica
ti
on
,
wh
ic
h
is
ref
e
rred
to
as
hij
a
c
ki
ng
[2
]
,
pr
im
aril
y
it
is
necessa
ry
to
inj
ect
s
pecific
data
w
hich
ca
n
be
r
un
t
o
ge
t
the
co
ntro
l
of
syst
em
.
This
m
et
ho
d
is
known,
i
n
the
cy
be
r
wor
ld,
as
co
ntr
ol
-
data
at
ta
ck.
A
no
t
her
ty
pe
of
m
od
ific
at
ion
data
at
ta
ck
re
su
lt
s
in
t
he
run
of
com
pu
ta
ti
on
w
hich
is
kn
own
as
non
-
co
ntr
ol
-
data
at
ta
ck.
T
his
ty
pe
of
at
ta
ck
,
w
hich
in
j
ect
s
wrong
data
in
s
yst
e
m
cal
l,
nee
ds
to
i
nj
ect
in
valid
c
ode
by
co
rru
ptin
g
t
he
data
or
usi
ng
a
valid
c
od
e
wit
h
i
nv
al
id
data
e
ntry
or
th
rou
gh
enterin
g
a
n
in
va
li
d
path
by
co
rrup
ti
on. I
n
or
der
to d
et
ect
th
os
e
at
ta
cks,
a
nom
aly
-
based
a
naly
sis
is
us
ed
in
IDS
to lo
ok for any
f
la
w
fro
m
a p
a
tt
ern
wh
ic
h
s
hows
irre
gula
rity
f
r
om
n
or
m
al
b
eha
vior
of the
progr
am
s [
3].
Most
of
the
se
cur
it
y
syst
em
s
la
un
c
h
t
his
kind
of
detect
ion
in
local
syst
em
s
an
d
buil
d
th
e
ir
pa
tt
ern
s
us
in
g
se
quence
s
of
syst
em
calls.
This
ap
proa
ch
ca
n
detect
va
rio
us
c
on
t
ro
l
-
data
at
ta
cks;
howe
ve
r,
m
os
t
of
th
e
non
-
co
ntr
ol
-
da
ta
ones
e
va
de
t
hat
procedu
re
[
4].
Mo
dificat
io
ns
data
is
t
he
w
ay
known
by
c
on
t
ro
l
-
data
-
at
t
ackers
wh
ic
h
al
te
rs
th
e
flo
w
of
pr
ogram
s.
That
m
e
ans
it
m
od
ifie
s
us
er
c
ha
racter
ist
ic
s,
con
fi
gur
at
ion
,
a
nd
us
e
r
input
data
to
ac
hieve
at
ta
cker
’s
goal
s
[5]
.
Stat
e
d
th
at
non
-
c
ontrol
data
at
ta
cks
ar
e
of
a
se
rio
us
na
ture.
T
hey
ca
n
be
a
threat
agai
ns
t
m
any
real
appl
ic
at
ion
s.
Mo
r
eov
e
r,
se
r
ver
s
ide
ap
plica
ti
ons
widely
inclu
de
the
i
nfrastr
uctu
re
need
e
d
for
this
ty
pe
of
at
ta
ck.
Since
the
rece
nt
co
unte
rm
eas
ur
es
,
wh
ic
h
ha
ve
been
de
velo
ped
agai
ns
t
co
ntr
ol
-
base
d
at
ta
ck
s,
ha
ve
s
uccee
ded,
t
he
ex
pa
ns
io
n
rate
of
no
n
-
c
ontrol
data
at
ta
cks
h
as
bee
n
inc
r
eased
dr
am
at
ic
ally
[6]
.
In
recent
ye
ar
s
,
a
lot
of
ex
pe
rts
an
d
sci
entis
ts
hav
e
bee
n
a
ddresse
d
to
fin
d
out
the
way
to
m
it
igate
con
t
ro
l
-
base
d
-
at
ta
cks.
O
ne
of
the
m
os
t
sig
nificant
resea
r
ches
i
n
t
his
sc
op
e
,
w
hich
is
a
pa
rt
of
governm
ental
afford
to
de
ve
lop
a
f
or
m
al
m
od
el
of
for
assessi
ng
inte
gr
it
y
of
c
on
tr
ol
-
fl
ow,
us
e
d
t
his
m
od
el
to
f
ind
t
he
correct
ness
of
def
e
ns
es
a
gai
nst
an
at
ta
cke
r
[7
]
.
Shuo
Chen
at
al.
i
nd
ic
at
ed
that
th
os
e
c
ounterm
easur
es
wh
ic
h
address
c
on
tr
ol
-
base
d
-
at
ta
cks
will
not
pr
e
ve
nt
non
-
c
on
tr
ol
-
da
ta
at
ta
c
ks
[5]
.
Th
os
e
i
ntr
ud
e
r
s
w
ho
a
re
us
i
ng
no
n
-
con
t
ro
l
ap
proa
ch
ca
n
eva
de
the
de
fen
se
sys
tem
.
For
e
xam
ple,
t
hose
w
ho
us
e
m
i
m
ic
ry
at
ta
cks
ca
n
e
va
de
t
he
secur
it
y
m
echan
ism
and
s
uc
h
kind
of
at
ta
ck
ca
n
po
te
ntial
ly
bypass
sec
uri
ty
.
Se
ver
al
im
pr
ov
em
ents
of
this
appr
o
ach
ha
ve
been
offer
e
d,
nota
bly
by
ad
ding
i
nfor
m
at
ion
a
vaila
ble
at
t
he
s
yst
e
m
le
vel,
suc
h
as
the
pa
ram
et
ers
of
t
he
syst
em
cal
ls
or
thei
r
e
xecu
ti
on
c
onte
xt.
T
he
detect
ion
of
c
on
tr
ol
-
data
at
ta
cks
is
enh
a
nce
d
in
not
only
accuracy
but al
so
c
om
plete
ness,
ho
wever
,
no
n
-
c
ontrol
-
data
at
ta
cks
rem
ai
n
m
os
tly undetect
ed
[
8].
Most
of
m
od
if
ic
at
ion
s
in
m
e
m
or
y
data
flow
at
ta
cks
[
9
-
10]
wh
ic
h
are
e
m
erg
ed
by
pe
ne
trat
ion
s
a
nd
worm
s,
are
known
as
the
c
on
trol
-
data
at
ta
ck
.
W
it
h
re
cent
a
dv
a
ncem
ent
in
secur
it
y
areas,
exp
l
oiti
ng
netw
ork
and
c
om
pu
te
r
syst
e
m
s
is
beco
m
ing
m
or
e
to
ugh;
he
nce
,
it
is
essenti
al
f
or
intruder
s
to
ge
t
enough
i
nform
at
ion
form
victim
s’
dev
ic
es
a
nd
ap
plica
ti
on
s,
a
nd
they
m
us
t
be
e
qu
i
pp
e
d
with
powe
rful
to
ols
a
nd
e
noug
h
ex
pe
rtise
to
r
un
s
uccess
f
ul
cy
be
r
-
at
ta
ck
s
agai
n
st
se
ns
it
ive
data
a
nd
ne
twork
in
fr
ast
r
uc
ture.
I
ntr
uder
s
m
os
tl
y
exp
lo
it
th
e
com
pu
te
r
syst
e
m
s
by
br
eac
hing
the
sec
uri
ty
vu
lne
ra
bili
ti
es
su
ch
as
integer
over
flo
w,
f
orm
at
strin
g
vu
l
ner
a
bili
ty
,
and
buf
fer
over
flo
w
an
d
l
ow
-
le
vel
m
e
m
or
y
c
orrupti
on
fla
w
s.
T
hese
vu
l
ne
rab
il
it
ie
s
are
not
th
e
on
ly
ap
proac
h.
Ther
e
a
re
othe
r
ty
pes
of
vu
l
ner
a
bili
ty
su
ch
as
m
a
lwares,
zom
bie
bo
ts
a
nd
root
kits
whic
h
can
cause
de
nial o
f
servic
e (
D
DoS)
at
ta
ck
[11
]
or etc
.
Ther
e
is
m
uch
m
or
e
detai
l
abo
ut
the
se
tre
nds
of
at
ta
c
ks
w
hi
ch
is
inclu
ded
in
these
pap
e
rs
[12
-
13]
an
d
can
broa
dly
be
f
ound
on
the
In
te
r
net.
A
nother
s
or
t
of
m
od
ific
at
ion
at
ta
ck,
w
hich
cau
se
s
breac
h
by
m
e
m
or
y
corrupti
on,
use
s
a
sim
i
la
r
patt
ern
that
is
known
as
c
on
tr
ol
-
data
-
at
ta
ck.
It
al
te
rs
the
strea
m
of
inst
ru
ct
io
n
of
a
pro
gr
am
by
m
eans
of
c
hangi
ng
re
gistry
c
ounte
r
wh
il
e
fa
ci
ng
pro
gram
error.
T
his
ca
us
es
a
c
hange
in
t
he
addressi
ng
of
f
low
pro
gram
inside
the
proces
so
r
.
All
these
c
ou
l
d
ha
pp
e
n
th
rou
gh
la
unc
hing
m
al
ic
iou
s
pr
ogram
wh
ic
h
co
ntains
har
m
fu
l
co
des
.
The
at
ta
ck
s
m
os
t
ly
occur
in
s
yst
e
m
calls
or
et
c.
A
quic
k
stud
y
of
t
he
U
S
CER
T
(Com
pu
te
r
Em
erg
e
ncy
Re
spo
ns
e
Team
)
,
show
n
in
Fig
ur
e
1,
s
uggests
se
cur
it
y
poli
ci
es
in
[14,
15]
an
d
the
Mi
cro
s
of
t
ass
urance
re
port
in
[16]
sho
ws
th
at
con
tr
ol
-
data
at
ta
ck
is
an
im
portant
vu
l
ner
a
bil
it
y
and
s
houl
d
be
cl
assifi
ed
as c
r
it
ic
al
d
ang
e
r.
Evaluation Warning : The document was created with Spire.PDF for Python.
IS
S
N
:
2722
-
3221
Com
pu
t. Sci.
I
nf. Tec
hnol.
,
V
ol.
1
, N
o.
3
,
N
ov
em
ber
20
20
:
98
–
105
100
Figure
1. N
umber
of
ICS
-
CE
RT
re
ported
vu
lnera
bili
ti
es
by
sect
or
3.
RELATE
D
W
ORKS
Cole
Sch
le
singe
r
et
al
.
u
sed
s
pe
ci
al
har
dwar
e
arch
it
ect
ure
know
n
as
the
Mi
no
s.
It
can
pr
e
ve
nt
tho
s
e
at
ta
cks t
hat
are
cause
d
by
m
e
m
or
y
cor
r
upti
on
a
nd
hi
j
ack
in
syst
e
m
s
li
ke c
on
t
ro
l
data
at
ta
cks a
nd
s
om
e
of
no
n
-
con
t
ro
l
data
on
es
[
17
]
.
Mo
reover
,
in
or
der
to
m
it
igate
con
tr
ol
data
at
ta
cks
,
w
hich
can
in
j
e
ct
m
a
li
ci
ou
s
co
des
t
o
change
the
pro
cesso
r
c
ounter
,
it
protect
s
m
e
m
or
y
fr
om
an
y
kind
of
vio
l
at
ion
of
sa
fety
.
T
he
Mi
no
s
c
hecks
the
integ
rity
of
al
l
data
in
m
e
m
or
y.
Another
relat
ed
w
ork
i
n
[
18]
pap
e
r
w
hich
is
relat
e
d
to
the
pre
ven
ti
on
of
bot
h
non
-
co
ntr
ol
data
a
nd
c
ontr
ol
da
ta
at
ta
cks
is
kn
own
a
s
Y
ARRA
.
Y
ARRA
is
a
no
t
her
exte
ns
io
n
of
C+
+
com
piler
wh
ic
h
protect
s
im
portant
unsa
fe
com
po
ne
nts,
sensiti
ve
dat
a
ty
pe
and
oth
er
vu
l
ner
a
bili
ty
in
interp
retat
ion
be
tween
highe
r
l
evel
la
ngua
ges
to
lo
wer
le
ve
l.
It
is
al
so
pro
ve
d
that
t
his
pr
oject
can
s
uccess
fu
ll
y
assess
an
d
vali
date
the
res
ults
of
im
ple
m
entat
ion
s
in
real
env
i
ronm
ent
syst
e
m
s
wh
ic
h
wer
e
vu
l
ner
a
bl
e
to
a
var
ie
ty
of m
e
m
or
y c
orr
up
ti
on
at
ta
cks.
4.
CUR
RENT T
REN
DS
IN
NON
-
D
ATA
&
CONTR
OL D
ATA ATT
A
C
KERS
Re
cent
achie
ve
m
ents
in
m
i
ti
gation
of
c
ontr
ol
-
data
at
ta
cks
ha
ve
offer
e
d
m
a
ny
uns
ur
e
a
ppr
oach
e
s.
It
is
m
or
e
log
ic
al
t
o
in
vestigat
e
t
he
im
pact
and
dom
ai
n
of
c
ontr
ol
-
data
at
ta
cks.
Most
of
hack
e
r
s,
due
t
o
c
om
plica
te
d
pen
et
rati
on
processes
a
nd
la
ck
of
kn
ow
le
dge,
p
re
fer
to
r
un
non
-
co
ntr
ol
-
data
at
ta
cks
a
gainst
their
vi
ct
i
m
s.
Althou
gh
sk
il
l
fu
l
int
rude
rs
hav
e
en
ough
knowle
dge
a
nd
e
xp
e
rience
to
pen
et
rate
by
con
tr
ol
data
at
ta
ck
appr
oach
es
,
t
he
en
ha
ncem
ent
s
in
intr
us
io
n
de
te
ct
ion
syst
e
m
s
has
pus
hed
m
any
at
ta
cker
s
to
f
ocu
s
a
nd
pe
netrate
ta
kin
g
a
dv
a
nta
ge
of
non
-
c
ontr
ol
-
data
vuln
era
bili
ty
[1
9].
I
f
it
is
co
ns
ide
red
a
s
fact,
an
d
if
t
he
breac
he
s
of
c
on
t
ro
l
flo
w becom
e im
po
ssible t
o p
enetrate
, i
ntr
uders wil
l be m
otivate
d
to
gai
n
a
ccess o
f
t
he vict
i
m
s’
syst
e
m
s.
So
m
e researc
h
and
st
ud
ie
s
ha
ve fig
ured
ou
t
that t
he
c
ounte
r
m
easur
es
for
m
e
m
or
y co
rru
ptions a
re
not
well
ad
dr
e
ssed
an
d
it
is
sti
ll
a
prob
le
m
at
ha
nd.
The
ne
ed
for
m
or
e
r
esearch
proj
ec
ts
in
t
his
area
seem
s
inevita
ble.
Ty
pe
s of att
acks
u
s
ing
sp
eci
fic m
em
or
y add
re
ssin
g vu
l
ner
a
b
il
it
ies
su
c
h
as:
Stac
k Gu
a
r
d
[
20]
Libra
ry safe
[2
1]
Fo
rm
at
G
ua
rd
[22]
5.
SOM
E
SOP
H
ISTIC
ATED
ATTA
CKS
A
ND
E
X
PL
OI
TS
As
a
re
su
lt
of
r
eviewin
g
relat
ed
pa
pe
rs
in
this
area,
it
is
co
nc
lud
e
d
that
in
te
rm
s
of
durati
on
and
im
pact
of
at
ta
ck
s,
a
l
arg
e
num
ber
of
at
ta
ck
s
m
is
us
e
d
the
a
ppli
cat
ion
vu
l
ner
a
bili
ti
es
wh
ic
h
al
lowed
intr
ud
ers
t
o
ov
e
r
wr
it
e
rand
om
l
y
in
m
e
m
or
y
an
d
t
he
a
ddre
ss
of
a
pote
ntia
l
ap
plica
ti
on
.
S
om
e
rem
ark
able
sam
ples
are
know
n
as m
e
m
or
y flaw in
j
ect
io
n, int
eger o
verflo
w,
form
at
string
a
nd stack
over
fl
ow.
5.1.
Low
-
le
vel s
oft
w
are
Most
of
the
pe
netrati
ons
ta
ke
place
by
outsi
de
intr
uders
and
m
os
t
of
t
he
c
om
pu
te
r
vi
ct
i
m
s
wer
e
br
eac
he
d
t
hro
ugh
c
ontrolli
ng
s
of
tw
are
behavio
r.
N
orm
all
y,
this
kind
of
at
ta
ck
ca
n
pa
ss
th
r
ough
co
m
m
on
netw
ork
c
omm
un
ic
at
io
ns
a
nd
injec
t
m
alici
ou
s
c
ode
int
o
t
he
m
e
m
or
y
by
low
-
le
vel
la
ngua
ge
vulne
ra
bili
ti
es.
Thro
ugh
a
busi
ng
this
wea
kn
e
ss,
these
lo
w
-
le
vel
breac
hes
ca
n
th
reaten
the
e
xecu
ti
on
of
the
pro
gr
am
and
hi
j
ac
k
Evaluation Warning : The document was created with Spire.PDF for Python.
Com
pu
t. Sci.
I
nf. Tec
hnol.
Mo
difi
cation d
ata
attack i
ns
i
de
c
omp
uter sy
ste
ms:
a cri
ti
cal revi
ew
… (
Vah
i
d
K
avia
ni J
)
101
con
t
ro
l
ove
r
it
s
beh
a
vior.
L
ow
le
vel
vu
l
ner
a
bi
li
t
ie
s
in
la
ng
ua
ges
s
uch
as
C+
+
and
C
m
us
t
be
addresse
d
to
t
ackle
these
sec
ur
it
y
issues.
Wh
e
never
hi
gh
le
vel
la
ngua
ges
a
re
int
erprete
d
t
o
lo
w
-
le
vel
ones
,
it
cou
l
d
be
a
po
t
entia
l
risk
for
in
j
ect
ion.
T
he
only
ben
e
fit
of
un
protect
ed
i
nter
pret
at
ion
is
sa
vin
g
m
or
e
m
e
m
or
y
a
nd
delibe
rati
on
s
.
So
ft
war
e
de
velop
e
rs
s
how
t
he
ir
aim
util
izing
the
ref
le
ct
io
ns
of
m
or
e
el
eva
te
d
la
ngua
ges.
If
thes
e
ref
le
ct
ions
are
not
sa
ved
i
n
l
ow
-
le
vel
exe
cutions,
the
n
t
hi
s
erro
r
ca
n
le
ad
t
he
pro
duct
t
o
act
in
sur
pr
isi
ng
ways.
Fr
e
qu
ently
,
an
a
ggress
or
w
il
l
hav
e
t
he
ca
pa
ci
ty
to
ex
plo
it
this
e
rror
,
a
nd
red
irect
the
l
ow
-
le
vel
exec
ut
ion
of
the
product
to
perform
arb
it
ra
ry fun
ct
io
nalit
ie
s of the
att
ack
er’
s
choice
[1
7]
.
5.2.
Data pr
op
er
ties
Fil
e
set
ti
ng
s
a
r
e
us
e
d
e
xtensi
vely
by
m
any
web
ap
plica
ti
on
s.
For
i
ns
ta
nc
e,
in
orde
r
to
m
anag
e
a
nd
config
ur
e
se
ve
ral
c
on
fig
ur
at
i
on
s
of
apac
he
web
ser
ve
r,
it
can
be
c
onfi
gured
by
the
fr
a
m
ewo
r
k
m
anag
er
us
i
ng
httpd.co
nf.
A
dm
in
can
m
anage
an
d
s
pecify
t
he
a
ddress
of
da
ta
an
d
e
xecu
ta
ble
file
s,
sec
ur
i
ty
po
li
ci
es
a
nd
acce
ss
con
t
ro
l
par
am
et
ers.
T
he
sam
e
co
nf
i
gurati
on
and
file
s
a
re
use
d
i
n
FT
P,
S
SH
[23],
a
nd
oth
e
r
netw
ork
serv
e
r
app
li
cat
io
ns
. Mo
st
of
se
r
ver
ap
ps process
c
onfig
ur
at
io
n
file
s
at
ve
ry
early
ste
ps
of p
r
ogr
a
m
execu
ti
on
i
n
ord
e
r
to
la
unch
i
ntern
al
data
struc
tures.
D
ur
i
ng
the
proces
s,
a
bove
s
ources
are
util
iz
ed
to
m
anag
e
a
n
d
con
t
r
ol
the
beh
a
vior
of
ser
ver
a
pp
li
ca
ti
on
s
a
nd
rar
el
y
the
se
r
vice
c
hain
of
ser
ver
cou
l
d
break
or
change
once
it
enters
the
proce
ss.
At
ta
cker
s
ta
ke
c
ontr
ol
of
victi
m
s
’
be
ha
vior
by
m
od
ify
ing
co
nfi
gurati
on
data
structu
res.
The
ser
ver
app
li
cat
io
n
at
r
un
ti
m
e
process
ca
n
fin
d
file
pa
th
of
data
an
d
e
xecu
ta
ble
file
s.
As
a
m
at
te
r
of
fact,
a
we
b
s
erv
e
r
can
preve
nt
a
ny
m
a
li
ci
ou
s
act
ivit
y
by
a
CG
I
pro
gr
am
,
w
hich
is
a
pat
h
direc
ti
ve.
C
onfig
ur
a
ti
on
file
s
a
re
i
nc
lud
e
d
in
a
li
st
of
tr
us
t
ed
an
d
sec
ured
pro
gr
am
s
wh
ic
h
s
p
eci
fy
the
lo
cat
ion
of
e
xec
ut
able
ap
ps
.
If
t
he
co
nfi
gurati
on
file
is m
anipu
la
te
d t
hroug
h
m
e
m
o
ry, it ca
n p
oten
ti
al
l
y l
ead att
ackers
to bypa
ss
acce
ss contr
ol
[24].
5.3.
User da
ta pr
oper
t
y
Durin
g
e
xecu
ti
on
of
a
uth
e
ntica
ti
on
process
for
init
ia
li
zi
ng
rem
ote
us
e
r,
se
cu
rity
proto
cols
vali
date
the
us
e
r
data
id
entifi
cat
ion
s
suc
h
as
ID
an
d
gro
up
I
D
acce
s
s
pr
i
vileges
w
hich
are
cach
ed
t
hro
ugh
m
e
m
or
y
for
gr
a
ntin
g
acce
s
s.
Re
m
ote
access
decisi
on
util
iz
es
cached
inf
or
m
at
ion
f
or
da
ta
identific
at
ion.
T
he
una
uthorize
d
acce
ss
c
oul
d
ha
pp
e
n
by
c
hangin
g
t
he
ide
ntit
y
of
t
he
us
e
r
a
nd
m
od
ify
in
g
cache
inf
orm
ation
pre
viously
store
d
in
the
m
e
m
or
y
[25].
T
he
i
m
pact
of
this
process
usual
ly
ta
kes
place
unde
r
Bo
olean
var
ia
ble
on
a
sing
l
e
reg
ist
er
of m
e
m
or
y
.
5.4.
Decisi
on
-
m
ak
i
ng
data
Decisi
on
m
aking
f
or
aut
hen
ti
cat
ion
c
onsist
s
of
m
ulti
ple
ste
ps
.
A
uth
e
ntica
ti
on
of
us
e
rs
is
a
crit
ic
al
decisi
on
wh
ic
h
ca
n
res
ult
in
granti
ng
acce
ss
an
d
aut
hori
zi
ng
ei
ther
the
rig
ht
us
e
rs
or
intr
ud
e
rs.
H
oweve
r,
m
anipu
la
ti
ng
unpr
otect
ed
m
e
m
or
y wit
h
bi
na
ry co
des
is
not
an
eas
y a
ppr
oa
ch fo
r
at
ta
cke
r
s [17
]
.
5.5.
User inp
ut str
ing
Anothe
r
ap
pro
ach
f
or
intr
ud
ers
t
o
l
un
c
h
a
suc
cessf
ul
at
t
ack
is
to
us
e
non
-
co
ntr
ol
-
da
ta
at
ta
ck
by
changin
g
us
e
r
entry. I
n
orde
r
to
preve
nt
this kind o
f
at
ta
ck
, v
al
idati
ng
of
in
pu
ts
is vita
l
an
d
play
s
a
key
r
ole
i
n
reinfo
rcin
g
s
ec
ur
it
y
po
li
ci
es.
In
tr
uder
would
gai
n
co
ntr
ol
of
syst
em
wh
e
n
m
od
ific
at
ion
s
on
use
r
in
put
ta
kes
place
after
the
validat
io
n
proc
ess.
The
f
ollowi
ng
ste
p
will
be
purs
ued
i
n
an
at
ta
ck:
1
-
Fir
st,
le
gitim
at
e
data
entry
is
us
ed t
o p
r
oc
eed
th
rou
gh
t
he
validat
io
n p
r
ocess
of
a
n a
pp. 2
-
I
nj
ect
i
on
a
nd
m
od
ific
at
io
n o
f c
ac
hed
i
nput
data
is
perform
ed.
3
-
Fi
nally
,
m
o
dified
data
is
r
un
a
nd
us
e
d
to
be
co
ns
id
ere
d
as
le
gitim
at
e
us
er
data.
T
his
ty
pe
of
at
ta
ck
is k
now
n
as
TO
CT
O
U, i.e. Tim
e o
f
C
heck to
Tim
e o
f
U
se [1
8].
5.6.
Vu
lner
ab
il
itie
s of ser
ver
app ser
vices
Ther
e
wa
s
a
quic
k
i
nv
e
sti
gation
done
by
C
ERT
in
2015
wh
ic
h
sta
te
d
87
m
e
m
or
y
vu
l
ner
a
bili
ti
es.
The
Most
well
-
known
of
t
hese
w
eak
nesses
a
r
e
inte
ger
ov
e
rf
l
ow,
f
or
m
at
string
a
nd
buf
fer
over
flo
w,
a
nd
et
c.
In
the
stud
y
of
[
18
]
it
was
re
ve
al
ed
that
fro
m
87
wea
kn
e
s
ses,
73
of
the
m
are
capab
le
of
e
xp
l
oits
w
hich
are
m
entioned in
the
fo
ll
owin
g:
18%
vu
l
ner
a
bili
ti
es o
f HTTP
s
erv
ic
e,
10%
vu
l
ner
a
bili
ti
es o
f data
bas
e ser
vice,
8% v
uln
era
bili
ti
es in r
em
ote log
i
n,
5% v
uln
era
bili
ti
es in m
ail ser
vice,
and 4%
vu
l
nerabil
it
ie
s in
FT
P service
.
Ther
e
a
re
m
any
ty
pes
of
m
e
m
or
y
flaws
an
d
c
orr
up
ti
ons
.
Althou
gh
a
si
gn
i
ficant
porti
on
of
thes
e
vu
l
ner
a
bili
ti
es
are
il
lustrate
d
in
the
Fig
ur
e
2
,
wh
ic
h
sho
w
s
tren
ds
of
inc
idents,
th
er
e
a
re
m
any
un
co
ver
e
d
weaknesse
s in
non
-
co
ntr
ol
-
da
ta
att
acks th
at
need to
be
i
nve
sti
gated
f
urt
he
r
.
Evaluation Warning : The document was created with Spire.PDF for Python.
IS
S
N
:
2722
-
3221
Com
pu
t. Sci.
I
nf. Tec
hnol.
,
V
ol.
1
, N
o.
3
,
N
ov
em
ber
20
20
:
98
–
105
102
Figure
2.
In
ci
de
nt
re
ported
to
the
U.
S
.
c
om
pu
te
r
em
erg
ency
read
li
nes
s
Tea
m
b
y
fed
eral
a
gen
ci
es
,
fiscal
ye
a
rs
2006 th
r
ough
2014
5.7.
Heap corr
up
tion
att
acks
Mem
or
y
corr
upti
on
vulne
rabi
li
t
ie
s
cou
l
d
ha
pp
e
n
by
TEL
N
ET
an
d
HTTP
daem
on
.
I
f
the
daem
on
is
run
a
s
root,
HT
TP
or
Tel
net
da
e
m
on
le
t
m
anipu
la
ti
on
on
c
onfi
gurati
on
data
us
e
r
ta
ke
pla
ce
an
d
le
t
the
i
ntr
ude
r
get
root
s
hells.
The
point
is
t
ha
t
so
m
e
HTT
P
daem
on
s
c
a
n
be
la
unche
d
as
a
n
unpri
vilege
d
us
er
, i
.e
. a
us
er
with
sp
eci
al
per
m
is
sion
s
s
uc
h
as
t
he
a
dm
inist
rator.
In
this
case
,
the
root
pri
vilege
c
om
pr
om
i
ses
the
whole
s
yst
e
m
,
wh
et
her the att
ack is a
contr
ol
-
data at
ta
ck
or
a non
-
c
on
tr
ol
da
ta
att
ack [25
]
.
5.8.
St
ac
k bu
f
fer
overfl
ow
att
ack a
ga
ins
t user i
nput d
ata
A
no
t
her
sam
ple
of
sta
c
k
buf
f
er
over
flo
w
we
akn
e
sses
c
ould
pote
ntial
ly
be
GH
T
TP
an
d
H
TTP,
w
hich
hav
e
buf
fer
over
flo
w
vu
l
nerabil
it
y
in
their
log
i
n
process
es.
I
n
c
om
par
ison
with
ot
he
r
ty
pes
of
m
e
m
or
y
corrupti
on,
t
he
sta
ck
over
flo
w
does
no
t
in
je
ct
the
cod
e
i
n
rando
m
m
e
m
o
ry
locat
ion
s
.
T
he
unsec
ur
e
bu
ff
e
r
on
the
sta
c
k
is
the
m
os
t
popu
la
r
s
po
t
to
ex
pl
oit.
This
vulne
rab
il
it
y,
wh
ic
h
is
known
as
sta
ck
s
m
ashing
m
et
ho
d,
ca
n
inj
ect
m
al
ic
iou
s codes t
o be
w
ritt
en
in stac
k
i
n
a
retu
rn ad
dr
ess and ca
us
e
roo
t c
om
pr
om
is
e [
26
]
.
5.9.
Atta
c
king
nu
ll
httpd
Anothe
r
ty
pe
of
m
e
m
or
y
cor
r
up
ti
on
is
N
ull
HTTPD
w
hich
is
a
we
b
se
r
ve
r
in
Lin
ux
[
1].
Ther
e
is
a
n
avail
able
vulne
rab
il
it
y
wh
ic
h
can
be
e
xploit
ed
by
ov
e
rwrit
in
g
on
heap
m
e
m
or
y
w
hile
the
e
n
try
f
un
ct
io
n
is
us
in
g
the
buf
fer.
When
the
c
orr
up
te
d
he
ap
buf
fer
i
s
inj
ect
e
d,
t
he
pro
gr
am
con
tr
ol
jum
ps
to
m
a
li
ci
ou
s
co
des
a
nd
t
he
root is c
om
pr
om
ise
d.
6.
PURPOS
IN
G
COUNTE
RME
AS
U
RE TE
CHNIQ
UES
Re
viewin
g
al
l
stud
ie
s
a
nd
res
earch
pro
j
ect
s
sh
ows
t
hat
se
ve
ral
ser
ver
a
pp
li
cat
ion
s
m
us
t
be
protect
ed
du
e
to
their
vul
ner
a
bili
ti
es.
Th
ere
a
re
se
ver
al
p
r
otect
ive
m
eth
ods
w
hich
are
pro
posed
in
th
e
f
ollow
i
ng. As
in a
cond
ucted
st
udy
[26],
the
co
unte
rm
easur
es
a
re
cat
eg
or
iz
e
d
in
two
m
ai
n
m
et
hods
:
1
-
sec
uri
ty
so
ftwar
e
,
w
hich
can
secu
re
a
nd
cov
e
r
m
e
m
or
y
-
safety
from
cor
ruptio
n.
2.
Pr
e
ven
ti
ng
m
e
m
or
y
ov
er
flo
w.
In
the
fo
ll
owi
ng
pl
enty
avail
able sec
uri
ty
m
easur
es to
avoid m
os
t o
f t
he
no
vel att
acks a
re
pr
ese
nte
d:
So
m
e secur
it
y m
easur
es a
re
ba
sed o
n pr
act
ic
al
p
r
otect
ion i
n belo
w
a
rr
a
n
ge
m
ents, su
c
h
a
s:
po
i
nter rest
rict
ion [
27]
rand
om
sp
ace addressi
ng [28]
Othe
r
ty
pes o
f sec
ur
it
y m
easur
es a
re
based o
n
inte
gr
it
y ex
pl
oits in c
ontrol
fl
ow
att
ack
s,
s
uc
h
as:
syst
e
m
call
b
ased
on intr
us
io
n detec
ti
on a
ppr
oach
e
s [2
9
-
31]
con
t
ro
l
data
protect
ion
ap
pro
aches
[32
-
34]
non
-
exec
utable
-
m
e
m
or
y
-
based
protect
ion
s
[35
]
6.1.
Securi
t
y
-
cri
tic
al n
on
-
co
nt
r
ol data
As
presente
d
i
n
a
stu
dy
done
by
C
he
n
et
al
.,
t
her
e
are
s
om
e
secur
it
y
-
cri
ti
cal
data
ap
plied
by
non
-
con
t
ro
l
-
data at
t
acks,
which
ar
e il
lustrate
d
as
fo
ll
ows:
Evaluation Warning : The document was created with Spire.PDF for Python.
Com
pu
t. Sci.
I
nf. Tec
hnol.
Mo
difi
cation d
ata
attack i
ns
i
de
c
omp
uter sy
ste
ms:
a cri
ti
cal revi
ew
… (
Vah
i
d
K
avia
ni J
)
103
Config
ur
at
io
n
data.
C
onfig
urat
ion
file
s
are
us
e
d
by
a
nu
m
ber
of
a
ppli
cat
ion
s
to
i
den
ti
f
y
and
cat
eg
or
i
ze
acce
ss
co
ntr
ol
po
li
ci
es,
as
w
el
l
as
file
path
directi
ves
,
so
that
the
locat
ion
of
the
sec
ure
exec
utables
is
determ
ined.
I
n
order
t
o
init
ia
te
un
i
nten
ded
a
ppli
cat
ion
s
(
su
c
h
as
r
oo
t
s
hells),
or
ev
en
bypa
ss
the
we
b
ser
ve
r
acce
ss contr
ols
, an att
acker
m
ay
o
ve
r
wr
it
e s
uch co
nfi
gurati
on d
at
a.
User
i
nput
da
ta
.
A
ver
y
c
om
m
on
appr
oa
ch
in
s
of
t
war
e
eng
i
neer
i
ng
i
s
to
co
ns
id
er
us
er
i
nput
data
as
distrust
ed,
a
nd
app
ly
t
hose
up
on
validat
io
n.
I
n
ca
se
a
n
at
ta
cker
al
te
rs
the
in
pu
t
data
afte
r
it
ha
s
gone
th
r
ough
validat
io
n proc
ess, the
pr
ogra
m
co
uld
b
e
e
xe
cuted wit
h
m
al
ic
iou
s i
nput.
User
ide
ntit
y
da
ta
.
U
IDs
a
nd
GIDs
are
ke
pt
i
n
m
e
m
or
y
as
t
he
c
omm
on
aut
hen
ti
cat
io
n
pro
cedures
are
be
in
g
execu
te
d.
U
po
n
m
od
ific
at
io
ns
in
the
I
Ds,
im
per
s
onat
ing
a
use
r
with
adm
inist
rati
ve
pri
vile
ges
c
ould
hel
p
an
at
ta
cker
gain
c
on
t
ro
l
over t
he pr
ogram
.
Decisi
on
m
aking
data.
O
ne
t
ype
of
values
us
e
d
t
o
m
ake
decisi
ons
i
n
a
pp
li
cat
io
ns
a
re
Bo
olean
valu
es
(whethe
r
a
uth
e
ntica
te
d
or
not)
,
w
hich
co
uld
be
m
od
ifie
d
by
a
n
at
ta
cke
r
to
re
direct
the
fl
ow
of
t
he
a
ppli
cat
i
on
and m
ake it run thr
ough
un
i
nt
end
e
d proce
dures.
In
a
dd
it
io
n,
Hu
et
al
.
[
36
]
app
li
ed
the
fo
ll
owin
g
it
e
m
s
to
i
m
pr
ove
the
pr
e
vious
ty
pes
of
secur
it
y
-
crit
ic
a
l data:
Passwor
ds
an
d
pri
vate
keys.
Fu
ll
pri
vilege
s
to
a
syst
e
m
m
igh
t
be
giv
e
n
t
o
a
n
at
ta
cke
r
upon
disclos
ure
of
pass
words a
nd
pr
i
vate k
ey
s.
Ra
ndom
iz
ed
va
lues.
A
num
ber
of
sec
ur
it
y
relat
ed
m
echan
ism
s
(includ
i
ng
CFI
,
AS
LR
,
SS
P)
ap
ply
CFI
enfor
cem
ent
ta
gs
,
ra
ndom
canary
w
ords,
an
d
rand
om
iz
ed a
ddresses
. I
n ca
se
an a
tt
acke
r
m
anag
es
to
get
his
hands
on
the
r
andom
canarie
s
in
the
sta
c
k,
he
c
ou
l
d
pe
rfo
rm
sta
ck
-
sm
as
hing
at
ta
cks
w
it
ho
ut
t
he
ur
ge
to
m
od
ify
Stack
Sm
ashing
P
ro
t
ect
or
(S
S
P).
Syst
e
m
cal
l
par
am
et
er
s.
Pr
ivi
le
ge
escal
at
ion,
or
uninte
nde
d
exe
cutio
n
of
pro
gr
am
s
coul
d
be
a
res
ult
of
al
te
rati
on
s i
n
s
ecur
it
y
-
crit
ic
al
syst
e
m
call
s’
par
am
et
ers
(su
c
h
as
ex
ec
ve, se
tuid).
6.2.
Int
rusi
on
dete
ction
appr
oa
c
h
On
e
of
t
he
m
os
t
essenti
al
ap
proac
hes
t
o
sec
ure
the
com
m
un
ic
at
ion
s
of
net
work
a
nd
strea
m
of
data
i
s
ID
S
.
In
t
ru
si
on
detect
io
n
syst
e
m
s
can
be
m
on
it
ore
d
base
d
on
t
he
beh
a
vi
or
of
data
pac
kets
a
nd
ap
plica
ti
on
processes
.
Ty
pi
cal
ly
,
the
ho
st
base
I
DS
ins
pe
ct
s
the
m
e
m
or
y
and
the
syst
e
m
cal
l.
If
any
ki
nd
of
de
viati
on
f
ro
m
t
he
norm
al
m
o
del
occ
ur
s
at
r
untim
e,
it
will
b
e
con
si
der
e
d
as
m
al
iciou
s
act
ivit
y
and
will
be
i
m
m
ediat
el
y
b
lock
e
d
at
the v
e
ry
begi
nn
in
g o
f
the
pro
ces
s [3
7].
6.3.
Contr
ol d
ata pro
tection
tec
hniques
Re
cent p
a
pe
rs hav
e
in
vestigat
ed
th
e m
et
ho
ds t
o
m
it
igate
co
r
ruptio
n
of co
nt
ro
l
data at
ta
cks
. T
her
e
are
two
te
ch
niques
,
th
e
c
om
piler
te
chn
i
qu
e
a
nd
t
he
m
ic
ro
pr
oces
so
r
a
rch
it
ect
ur
e
te
ch
nique.
I
n
com
piler
te
c
hniq
ue,
DI
R
A
is
an
a
uto
m
at
ed
co
m
piler
w
hich
us
es
i
nteg
rity
checke
r
to
m
ake
su
r
e
of
the
data
fl
ow.
This
te
c
hniqu
e
is
the
m
os
t popu
l
ar s
ec
ur
it
y m
ea
su
re
b
eca
us
e c
on
t
ro
l
-
data at
ta
cks
a
re curre
nt
ly
co
ns
ide
re
d
a
s the m
os
t do
m
inant
at
ta
cks
[
38
]
.
6.4.
Mem
ory safet
y
en
f
orcemen
t
Anothe
r
sec
ur
i
ty
so
ftwa
re
w
hi
ch
can
ver
i
fy
the
safety
of
m
e
m
or
y
is
CCu
re
d.
T
his
pro
gr
am
trie
s
to
est
i
m
at
e
th
e
portion
of
vulne
ra
bili
ty
of
co
des
wh
ic
h,
in
t
urn,
m
eans
it
is
based
on
a
naly
sis
and
sta
ti
c
infor
m
at
ion
to
av
oid
fla
ws
su
c
h
as
null
val
ue
in
po
i
nter
or
ou
t
of
ra
nge
a
ddressi
ng.
This
te
chn
iq
ue,
w
hich
is
know
n
as
ty
pe
-
safety
, is a
n
in
f
eren
ce
alg
or
it
hm
to en
force t
he
secu
rity
o
f
m
e
m
or
y [
39
]
.
6.5.
A
ch
allenge
to
overco
me me
mor
y
c
orrupti
on
att
acks
The
re
view
of
stud
ie
s
on
t
his
area
s
hows
tha
t
al
though,
pr
opos
i
ng
a
c
omm
on
an
d
pr
act
i
cal
ap
proach
to
sec
ure
m
e
m
or
y
vulne
ra
bili
ti
es
an
d
t
o
sto
p
m
e
m
or
y
corr
upti
on
at
ta
cks
i
s
sti
ll
an
op
e
n
a
nd
c
riti
cal
pro
blem
,
the
s
pecial
ap
proac
hes
c
an
on
ly
ov
e
rco
m
e
at
ta
cks
by
ad
dres
sing
dif
fer
e
nt
t
ypes
of
c
ounte
r
m
easur
es
de
pe
nd
i
ng
upon
the
ex
ploi
t’s
cha
racteri
s
ti
cs
and
the
fe
at
ur
es
of
m
e
m
or
y
vu
l
ner
a
bili
ti
es.
Most
of
t
he
c
omm
on
de
fen
si
ve
te
chn
iq
ues
just
pro
vid
e
co
ntr
ol
fl
ow
i
nteg
rity
.
He
nce,
t
he
s
ecur
it
y
co
vera
ge
is
i
ns
uffici
e
nt.
F
ur
t
her
stu
dies
in
the f
ie
ld
to
a
dd
ress
c
onstrai
nts
of
dep
l
oym
ent
s ar
e i
nev
it
a
ble and
highly
r
ec
omm
end
ed
[4
0]
.
7.
CON
CLUSI
ON
The
rev
ie
w
of
al
l
these
pa
pe
rs
in
the
area
of
non
-
co
ntr
ol
an
d
c
on
t
ro
l
data
a
tt
ack
sho
ws
tha
t
there
is
no
ultim
at
e
secur
it
y
and
reli
able
app
li
cat
io
n
to
pr
e
ve
nt
al
l
ve
ri
ti
es
of
m
od
ific
at
ion
data
at
ta
c
ks
.
Re
cent
rese
arch
es
and stu
dies in
this sc
op
e
.
Evaluation Warning : The document was created with Spire.PDF for Python.
IS
S
N
:
2722
-
3221
Com
pu
t. Sci.
I
nf. Tec
hnol.
,
V
ol.
1
, N
o.
3
,
N
ov
em
ber
20
20
:
98
–
105
104
REFERE
NCE
S
[1]
La
z
zez,
A.,
Sli
m
ani
,
T.
“
Forensics
inve
st
iga
t
io
n
of
web
appl
i
c
at
ion
sec
ur
ity
attac
ks.
”
In
te
rnati
onal
Journal
o
f
Computer
Net
wo
rk
and
Informati
on
Sec
uri
ty
,
vol
.
7,
no
.
3,
pp
.
10
-
17
.
2015
.
[2]
Vasan,
K
.
K
ee
rt
hi
and
P.
Arun
Raj
Kum
ar.
“
T
a
xonom
y
of
SS
L/TLS
Att
ac
ks.
”
I
nte
rnational
Jou
rnal
of
Comput
e
r
Net
work
and
Inf
orm
ati
on
Sec
uri
t
y
,
vo
l. 8, no.
2
,
p
p.
15
-
24
,
2016
.
[3]
I
y
eng
ar,
N
.
C
.
S.
,
B
ane
r
je
e
,
A.
,
G
ana
pa
th
y
,
G.
“
A
fuz
z
y
logic
base
d
def
ense
m
ec
ha
nism
aga
inst
d
ist
ribut
ed
den
ial
o
f
servic
e
atta
ck
in
cl
oud
computing
envi
ronm
ent.
”
I
nte
rnational
Jou
rnal
o
f
Comm
uni
cat
ion
Net
works
and
Information
Sec
urit
y
,
vol. 6,
no.
3
,
pp
.
233
-
2
45,
2014
.
[4]
Dem
a
y
,
Jonathan
-
Christofe
r
&
T
ote
l
,
E
ric
&
Trone
l
,
Frede
r
ic.
“
Autom
at
ic
S
oftwa
re
Instrum
ent
a
ti
on
for
the
Dete
c
ti
on
of
Non
-
cont
rol
-
d
at
a
Attacks.
”
R
ecent
Advanc
es
in
Int
rus
i
on
Dete
c
ti
on
:
12th
Int
ernati
o
nal
Symposium
,
Proce
ed
ings, RAID
2009
,
Sa
int
-
Malo,
Fran
ce,
p
p.
348
-
349
,
Sept
ember
23
-
25,
20
09.
[5]
Shuo
Chen,
Jun
Xu,
Emre
C.
Se
z
er,
Pra
chi
Gaur
iar,
and
R
avi
shank
ar
K.
I
y
e
r
.
“
Non
-
cont
rol
-
d
at
a
Attacks
are
R
ea
l
isti
c
Thre
a
ts.
”
14th
USENIX
S
ec
urit
y Symposium
,
pp.
177
-
191,
2005
.
[6]
Alexa
nder
S
oti
rov
.
“
B
y
p
assing
Mem
or
y
Prote
ct
i
ons:
Th
e
Future
of
Exp
loi
t
at
i
on
.
”
htt
p://ww
w.useni
x.
org/
eve
nts/se
c
09/t
e
ch/
slid
es/soti
rov.
pdf
,
2009
.
[7]
Abadi,
Mart
ín,
Budiu,
Mihai
,
Er
l
ingsson,
Úlf
ar
&
Li
ga
tt
i
,
Ja
y
.
“
C
ontrol
-
flow
integrity
:
Prin
ci
pl
e
s,
implement
atio
ns,
and
app
li
c
ations.
”
ACM
Tr
ans.
In
f.
S
yst. Secur
.
vo
l.
13
,
no
.
1
,
2009
.
[8]
Dem
a
y
,
J.
C
,
T
o
te
l
,
Er
ic
&
Tron
el
,
Frede
ri
c.
“
SID
AN
:
a
tool
d
e
dic
a
te
d
to
Softw
are
Instrum
entat
ion
for
De
te
c
ti
n
g
Atta
cks
on
Non
-
cont
ro
l
-
d
at
a
.
”
Ri
sks
and
S
ec
ur
it
y
of
In
te
rnet
a
nd
Syst
ems
(
CRi
SIS)
,
2009
Fou
rth
Int
ernati
ona
l
Confe
renc
e
on
I
EE
E
,
pp
.
51
-
58
,
2009.
[9]
Khan,
W
.
Z
.
,
Ya
ng,
X.,
A
al
sal
em,
M.
Y.
,
Ars
had,
Q.
“
Com
pre
hensive
stud
y
of
sel
e
ct
iv
e
forwardi
ng
at
t
ac
k
in
wi
reless
sensor
net
works
.
”
In
te
rnationa
l
J
ournal
of
Compu
te
r
N
et
work
and
Information
S
ecur
it
y
,
vol
.
3,
no
.
1,
pp
.
1
-
10,
2011
.
[10]
Hu,
Zh
engbi
ng,
Vad
y
m
Mukhin
,
Heorhi
i
Lou
tski
i
and
Yarosl
av
Kornaga
.
“
Stocha
stic
RA
-
Netwo
rk
for
the
Nodes
Functi
oning
Anal
y
s
is
in
th
e
Di
stribut
ed
Com
pute
r
S
y
stems
.
”
Inte
rnational
Jo
urnal
of
Computer
Ne
twork
an
d
Information
Se
c
urity
,
vol
.
8
,
pp
.
1
-
8
,
2016
.
[11]
Kodada
,
Basapp
a
B
.
,
Gau
rav
Pr
asa
d
and
Alw
y
n
Roshan
Pais.
“
Protec
ti
on
again
st
DD
oS
and
D
at
a
Modif
ic
a
ti
on
Atta
ck
in
Com
p
uta
ti
on
al
Grid
C
luste
r
Envi
ronm
ent
.
”
I
nte
rnat
ion
al
Journal
of
Co
mputer
Ne
twork
and
Information
Sec
urit
y
,
vol. 4,
no.
7
,
pp
.
12
-
18
,
2012
.
[12]
Aleph
One
.
“
Smashing
th
e
st
ac
k
for
fun and
prof
i
t.
”
Phrac
k
Maga
zine
,
vo
l. 7, no.
4
9
,
1996
.
[13]
Ti
m
News
ham. F
orm
at
String
A
tt
a
cks.
ht
tps:/
/se
cl
ists.org
/bugt
ra
q/2000/
Sep/214
[14]
CERT
Se
cur
ity
Advisories
1988
-
2004
.
Sof
tware Engi
ne
ering
Inst
it
ute
,
h
tt
p:
//
ww
w.c
ert.org/advis
orie
s/
[15]
Unite
d
Sta
te
s
Com
pute
r
E
m
erg
ency
Re
a
dine
ss
Team
.
T
ec
hni
ca
l
C
y
ber
Secur
i
t
y
Ale
rts,
ht
tp:
/
/www
.
us
-
ce
rt
.
gov/cas/t
ec
h
al
er
ts/
[16]
Microsoft
Secur
i
t
y
Bull
etin,
htt
p
:
//
ww
w.m
ic
rosoft.
com/techne
t/
sec
urity
/
[17]
C.
Schl
esinge
r
,
K.
Pattabir
aman,
N.
Sw
am
y
,
D
.
W
al
ker
and
B
.
Z
orn
.
“
Modular
Protections
ag
ai
nst
Non
-
cont
rol
Dat
a
Atta
cks
.”
2011
I
EE
E
24th
Comp
ute
r Se
curit
y
Fo
undati
ons Sy
mp
osium
,
Cern
a
y
-
la
-
Ville,
pp.
131
-
145,
2011
.
[18]
J.
R.
Cr
andall
a
nd
F.
T
.
Chong
.
“
Minos:
Contr
ol
Dat
a
Att
ac
k
Preve
nti
on
Orth
ogonal
to
Mem
or
y
Mod
el
.”
37
th
Inte
rnational
Sy
mpos
ium
on
Micr
oarchit
ecture
(
MICRO
-
37'04)
,
Portla
nd,
OR,
U
SA
,
pp.
221
-
232
,
2004
.
[19]
Dhaka
r,
Mradu
l
and
Akhile
sh
Ku
m
ar
Ti
wari
.
“
A
New
Model
for
Intrusion
Detect
i
on
base
d
on
Red
uce
d
Err
or
Pruni
ng
Te
chn
ique
.
”
In
ter
nati
onal Journal
of
Computer
N
et
work
and
Infor
mation
Se
curit
y
,
vol.
5
,
pp
.
51
-
57
,
2013
.
[20]
Kuperm
an,
B
.
A.
,
Brod
ley
,
C
.
E.,
Ozdoga
noglu,
H
.
,
Vijay
kum
ar
,
T
.
N.
,
Jalote,
A
.
“
Dete
c
ti
on
and
pr
eve
nt
ion
of
sta
ck
buffe
r
ov
erf
low
at
t
ac
ks.
”
Comm
unic
ati
ons
of the
ACM
,
vol
.
48
,
n
o.
11
,
pp
.
50
-
56
,
2005
.
[21]
Bara
t
loo,
T
.
Tsa
i,
and
N.
Singh,
“
Tra
nspare
nt
ru
n
-
rime
def
ense
a
gai
nst
stac
k
sm
a
shing
a
tt
a
cks
.”
I
n
Proc
ee
ding
s
o
f
USENIX
Annua
l
Technical
Conf
ere
nce
,
June
200
0.
[22]
Cowan,
M.
Ba
rr
inge
r,
S.
Be
at
t
ie
,
and
G.
Kroah
-
Hart
m
an.
“
Format
Guard:
Autom
at
i
c
prot
ec
t
ion
fr
om
print
f
form
at
string
vuln
era
bi
l
it
ie
s
.
”
In
Proc
eedings of
the 10t
h
USENIX
S
ec
uri
t
y
Symposium
,
W
ashingt
on,
DC,
Augus
t
2001.
[23]
Me
le
se,
S.
Z.,
&
Avadha
ni,
P.
S
.
“
Hone
y
pot
S
y
st
e
m
for
Atta
cks
on
SS
H
Protocol
.
”
I
nte
rnational
Jou
rnal
of
Compute
r
Net
work
and
Inf
orm
ati
on
Sec
uri
t
y
(
IJCNIS)
,
vol.
8,
no
.
9
,
pp
.
19
-
26,
2016
.
[24]
The
Apa
che Soft
ware
Foundat
ion
.
ht
tp:
/
/www
.
apache
.
org
/
[25]
Null
HTTPd
Remote
Hea
p
Overf
l
ow
Vulner
ab
il
ity
.
htt
p
:/
/www
.
sec
urity
fo
cus.
co
m
/bi
d/5774
a
nd
htt
p://ww
w.sec
u
rity
foc
us.
com/bi
d/6255
[26]
Ghttpd
Log()
Functi
on
Buffe
r
Overfl
ow Vulnera
bil
ity
.
htt
p
:/
/ww
w.sec
urity
fo
cus.
com/bid/
5960
[27]
C.
Cowan
,
S.
Bea
ttie
,
J.
Joha
nsen,
and
P.
W
agl
e.
“
PointGuard:
Prot
ecting
pointers
from
buffe
r
over
f
lo
w
vulne
rab
il
i
ti
es.
”
In
Proceedi
ngs
of
th
e
12th
USE
NIX
Se
curit
y
Sy
mpos
ium.
W
ashingt
on,
DC,
Aug
ust 20
03.
[28]
PaX Address Spac
e
L
a
y
out
R
and
om
iz
at
ion
(AS
LR).
htt
p:
//
p
ax.
grs
ec
uri
t
y
.
ne
t/
do
cs/
aslr.
tx
t
[29]
H.
F
eng
,
J.
Giff
i
n,
Y
.
Huang
,
S.
Jha,
W
.
Le
e
,
an
d
B.
Mi
ll
er
.
“
Form
al
iz
ing
sensit
i
vity
in
static
an
a
l
y
sis
for
int
rusio
n
det
e
ct
ion
.
”
In
Proce
ed
ings o
f
the
2004
IEEE
S
ymposium on
Se
curit
y
and
Pri
vacy
,
Ma
y
2004.
[30]
W
il
ande
r,
J.,
Ka
m
kar
,
M.
“
A
Com
par
ison
of
Public
l
y
Av
ai
l
able
T
ools
for
D
y
n
amic
Buffe
r
Overfl
o
w
Preve
nti
on
.
”
In
Net
work
and
Distribute
d
Syste
m
Sec
urit
y
Sympos
ium
(
NDSS
)
,
vol
.
3
,
pp
.
149
-
162
,
2003
.
[31]
H.
Feng
,
O
.
Ko
le
snikov,
P.
Fog
la
,
W
.
L
ee
and
W
.
“
Gong.Anom
aly
de
tecti
on
using
c
al
l
sta
ck
informat
ion.
”
I
n
Proce
ed
ings o
f
t
he
2003
I
EEE
S
y
mpos
ium
on
Secur
it
y
and
Priv
a
c
y
,
Ma
y
2003
.
[32]
J.
R.
Cr
anda
l
l
an
d
F.
T
.
Chong
.
“
Minos:
Control da
ta
a
ttack
pre
v
e
nti
on
o
rthogonal
to
m
emor
y
m
odel
.
”
To
app
ea
r
in
Proce
ed
ings o
f
t
he
37th
Int
ernational
Symposium
on
Mi
croarchite
ct
ure
.
Port
la
n
d,
OR.
Dec
ember
2
004.
Evaluation Warning : The document was created with Spire.PDF for Python.
Com
pu
t. Sci.
I
nf. Tec
hnol.
Mo
difi
cation d
ata
attack i
ns
i
de
c
omp
uter sy
ste
ms:
a cri
ti
cal revi
ew
… (
Vah
i
d
K
avia
ni J
)
105
[33]
Sm
irnov
and
T
.
Ch
iue
h
.
“
DIRA
:
Autom
at
i
c
det
e
ct
ion
,
ide
n
tification
and
r
e
pai
r
of
con
trol
-
dat
a
at
t
ac
ks.
”
I
n
Proce
ed
ings
of
t
he
12th
Net
work
and
Distribut
ed
Syste
m
S
ec
uri
ty
Symposium
(
ND
SS)
,
San
Diego,
CA,
Februa
r
y
3
-
4,
2005
.
[34]
G. S
uh,
J.
L
ee,
a
nd
S.
“
Deva
d
as.
Secur
e prog
ram
exe
cu
ti
on
v
ia
d
ynamic informa
tion
flow
tr
ac
k
ing
.
”
In
Proc
ee
d
ings
of
the
11
th
Int
ernati
onal
Conf
ere
nce
on
Archi
t
ect
ural
Support
for
Program
ming
L
anguages
and
Operating
Syst
ems
.
Boston,
MA
.
Oc
tobe
r
2004
.
[35]
S.
Andersen
and
V
.
Abel
la.
“
Data
Execut
ion
Prev
e
nti
on.
Chang
es
t
o
Functi
on
al
i
t
y
i
n
Microsoft
W
indows
XP
Servic
e
Pack
2,
Par
t
3:
Mem
or
y
Protection
Tech
nologi
es.
”
htt
p://ww
w.m
ic
rosoft.
com/techn
et
/prodtec
hno
l/
w
inxppro/
m
ai
nt
ain/sp2m
empr.m
s
px
[36]
Hu,
H.,
Chua
,
Z.
L
.
,
Ad
ria
n
,
S
.
,
Sax
ena
,
P.
,
Liang,
Z.
“
Autom
at
i
c
g
ene
ra
ti
on
of
Dat
a
-
Orien
t
e
d
Expl
o
it
s.
”
In:
Proce
ed
ings o
f
t
he
USENIX
Se
cu
rity
S
ymposium
,
2015
.
[37]
Barf
ord,
P.
,
Klin
e,
J.
,
Plonka,
D
.
,
Ron,
A.
“
A
signal
an
aly
sis
of
n
et
work
tra
ff
ic
an
om
al
ie
s.
”
In
Pro
ce
ed
ings
of
the
2nd
ACM
SIGC
OMM Workshop
on
Int
erne
t
mea
sur
eme
nt
,
AC
M
,
pp.
71
-
82
,
2002
.
[38]
O.
Ruwase
and
M.
S.
La
m
.
“
A
pra
ctical
d
y
nami
c
buffe
r
ov
erf
lo
w
det
ector.
”
In
Proce
ed
ings
of
t
he
11th
Annua
l
Net
work
and
Distribute
d
Syste
m
Sec
urit
y
Sympos
ium
,
pp
.
159
–
16
9,
Februa
r
y
200
4.
[39]
T.
Jim
,
G.
Morris
et
t
,
D.
Gros
sm
an,
M.
Hicks,
J.
Cheney
,
Y
.
W
ang.
“
Cy
cl
on
e:
A
saf
e
dialect
of
C.
”
I
n
Proce
ed
ings
of
USENIX
Annua
l
Technical
Conf
ere
nce.Monterey
,
CA,
June
2002
.
[40]
Jang,
D.
,
T
at
lo
c
k,
Z.,
&
Le
rn
er,
S.
“
Safe
Dispat
c
h:
Secu
ring
C
++
Virtu
al
Calls
fr
om
Mem
or
y
Cor
rupti
on
At
tacks.
”
In
Net
work
and
Distribute
d
S
yst
em
Sec
uri
ty Sy
m
posium (
NDSS
)
,
2014
.
BIB
LIOGR
A
PH
IES
OF
A
UTHO
RS
Vahid
Kav
ia
ni
i
s
an
Invited
Lec
ture
r
in
Com
pute
r
Engi
ne
eri
ng
Depa
rtment
at
th
e
IAU
N
Univer
s
ity
and
Secur
ity
Tr
ai
ner
in
Metaco
Secur
i
t
y
Ac
ad
em
y
Inst
it
ut
e.
He
recei
v
ed
his
Master
d
egr
e
e
in
Inform
at
ion
Se
c
urity
f
rom
public
univ
ersity
(UT
M)
Univer
sit
y
T
ec
hnolog
y
of
Malay
si
a.
His
r
ec
e
nt
publi
c
at
ions
include
Eff
icien
t
High
-
Rat
e
Ke
y
Mana
gement
Te
chn
ique
for
W
ire
le
ss
Bod
y
Area
Networks (IE
EE e
xplor
er,
2016);
Eff
i
ci
en
t
Algor
i
thm for
Feat
ur
e
I
ntrude
r
De
tecti
o
n
S
y
stem (IRJE
T,
2016);
Gravi
ta
t
i
onal
Se
arc
h
Alg
orit
hm
for
Fea
tu
re
Sel
ec
t
ion
in
I
ntrusion
Det
ec
t
i
on
S
y
stem
(Mas
te
r
The
sis,
2013).
H
is
rese
arc
h
in
te
r
e
sts
include
SC
AD
A
&
IDS
vuln
era
bi
li
t
ie
s.
He
is
cur
ren
t
l
y
teac
hin
g
computer
cou
rse
s in
diff
ere
n
t
uni
ver
siti
es
and
app
l
y
ing
for
PhD
po
siti
on
in
Inform
a
ti
on
Se
cur
ity
.
Parvin
Ah
m
adi
Doval
Am
iri
r
ecei
ved
the
B.
Sc
.
Degre
e
in
in
So
ftwa
re
Engi
n
ee
ri
ng,
Islamic
Aza
d
Univer
sit
y
Kash
an
Bran
ch,
Kash
an,
I
ran
in
2009
,
the
M.Sc.
degr
e
e
in
Software
En
gine
er
ing,
Islami
c
Aza
d
Unive
rsit
y
Babol
Bran
ch,
Ma
-
za
ndar
an,
Ir
an,
in
2013
,
r
espe
ctively
,
Se
p
.
20
09
To
now
,
She
is
Full
-
Ti
m
e
L
ec
tu
rer
in
Islamic
A
z
ad
Univer
sit
y
Isf
aha
n
(Khorasgan
)
Branc
h
sep
200
9
to
Marc
h
2017
.
Marc
h
2015
to
n
ow she is e
xp
ert
and
r
esponsible
for
computer
L
a
bora
tor
y
at Fac
u
lty
of
Engi
ne
eri
n
g.
Her
r
ese
arc
h
areas
in
cl
ude
Distr
i
bute
d
S
y
st
ems
Speci
fi
ca
l
l
y
C
lo
ud
Com
puti
ng,
Cloud
Fed
era
t
io
n,
Virtua
liza
ti
on
Technol
og
y
,
and
Bi
g
Data
m
ana
g
ement
and
pro
ce
ss
i
ng
appr
oa
che
s
a
nd
Secur
i
t
y
r
elat
ed
issue
in
Io
T and cl
oud
computing
and
Distr
ibuted
S
y
stems
.
Farsad
Za
m
ani
Borouje
ni
recei
v
ed
his
PhD
in
C
om
pute
r
Scie
n
ce
from
Facul
t
y
of
Com
pute
r
Scie
n
ce
and
Inform
at
ion
Te
chno
log
y
,
Uni
ver
sit
y
Putr
a
Ma
lay
s
ia.
Curr
ent
l
y,
he
is
working
as
a
f
ac
u
lty
m
embe
r
at
Az
ad
Univ
ersi
t
y
,
Isfah
an
(Kho
rasga
n)
br
anc
h.
Nim
a
Akhlaghi
was
born
in
Esf
aha
n
provin
ce
i
n
1993.
He
is
a
n
IT
Engi
ne
er
with
m
an
y
expe
rt
i
ze
knowledge
and
work
expe
ri
ence
in
informat
ion
se
cur
ity
,
s
y
s
te
m
an
aly
s
is
and
Netwo
rk
administration
.
He
gra
du
ated
in
B.
C
.
f
rom
IAU
N
Univer
sit
y
.
H
is
la
st
posit
ion
was
the
dir
ector
of
student
sci
en
ce
associa
t
ion
in
C
om
pute
r
Engi
n
e
eri
ng
f
ac
u
lty
at
I
AU
N
Univer
sit
y
.
Also
h
e
was
th
e
founde
r
of
IAU
N
LUG
when
he
w
as
student
a
t
IA
UN
Univer
sit
y
.
He
worked
in
m
an
y
star
tups
and
HiTe
ch
proj
ec
ts
an
d
ent
erp
r
ises.
He
was
a
m
ember
of
the
Esfa
han’
s
y
oung
el
i
te
s
a
ss
oci
at
ion
.
His
Rec
en
t
works
a
nd
int
er
ests
are
in
sec
uri
t
y
a
pplic
at
ion
and
se
cur
ity
solut
ions.
H
e
has
d
evelope
d
m
an
y
sec
ur
ity
count
ermea
sur
es
for
Serv
ers,
Io
T
s,
Apps
and
o
ther t
y
pe
of
s
y
stems
.
Evaluation Warning : The document was created with Spire.PDF for Python.