Survey on data modification attacks

Abstract

One of the challenging areas in computer science is to keep the data and information safe and assure. Due to very tight competition and sensitive data for the owner although they spend billions of dollars annually to make sure there are no threats or vulnerabilities against their assets, but up until now there are attacks that aim to penetrate the system and take advantages from that. Modification data attacks (MDA) can be malicious and cause huge damages to a system. MDA happens when attackers interrupt, capture, modify, steal or delete important information in the system via network access or direct access using executable codes. Most of recent modification, corruption attacks and worms still using known patterns as the control-data attack which are easy to be defeated by protection systems. But, non-control-data attacks can damage a vast applications, which always work with decision-making data, user input data, configuration data and user identity data. Therefore, in this survey we summarize and discuss important vulnerabilities to non-control data attacks in following applications which are Telnet, HTTP, FTP and SSH.