arial size=-1 color=black> Below is a cache of http://www.itu.int/dms_pub/itu-d/opb/stg/D-STG-SG02.09.1.3-2006-PDF-E.pdf. It's a snapshot of the page taken as our search engine crawled the Web.
The web site itself may have changed. You can check the current page or check for previous versions at the Internet Archive. Yahoo! is not affiliated with the authors of this page or responsible for its content.
QUESTION 9-1/2 - Report on national cyberspace security infrastructure Printed in Switzerland
Geneva, 2006
Photo credits: ITU Photo Library
I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n
I n t e r n a t i o n a l
Te l e c o m m u n i c a t i o n
U n i o n
QUESTION 9-1/2
Identification of study topics
in the ITU-T and ITU-R
study groups which are
of particular interest to
developing countries
Report on national
cyberspace security
infra struc ture
ITU-D
QUESTION 9-1/2
R
eport on national cyberspace security infra
struc
ture
ITU-D STUDY GROUP 2 3rd STUDY PERIOD (2002-2006) THE STUDY GROUPS OF ITU-D

The ITU-D Study Groups were set up in accordance with Resolutions 2 of the World
Telecommunication Development Conference (WTDC) held in Buenos Aires, Argentina, in 1994. For the
period 2002-2006, Study Group 1 is entrusted with the study of seven Questions in the field of
telecommunication development strategies and policies. Study Group 2 is entrusted with the study of eleven
Questions in the field of development and management of telecommunication services and networks. For this
period, in order to respond as quickly as possible to the concerns of developing countries, instead of being
approved during the WTDC, the output of each Question is published as and when it is ready.
For further information
Please contact:

Ms Fidélia AKPO

Telecommunication Development Bureau (BDT)
ITU

Place des Nations

CH-1211 GENEVA 20
Switzerland

Telephone: +41 22 730 5439

Fax:
+41 22 730 5484
E-mail:
fidelia.akpo@itu.int
Placing orders for ITU publications
Please note that orders cannot be taken over the telephone. They should be sent by fax or e-mail.
ITU
Sales
Service

Place des Nations

CH-1211 GENEVA 20
Switzerland
Fax:
+41 22 730 5194
E-mail: sales@itu.int
The Electronic Bookshop of ITU: www.itu.int/publications
© ITU 2006
All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written
permission of ITU. I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n



QUESTION 9-1/2
Identification of study topics
in the ITU-T and ITU-R
study grousps which are
of particular interest to
developing countries









ITU-D STUDY GROUP 2
3rd STUDY PERIOD (2002-2006)



Report on national
cyberspace security
infrastructure




































DISCLAIMER
This report has been prepared by many volunteers from different Administrations and companies.
The mention of specific companies or products does not imply any endorsement or recommendation
by the ITU.

Report on Question 9-1/2
iii

Report on national cyberspace security infrastructure
TABLE OF CONTENTS
page
1 Introduction ........................................................................................................................................ 1
2
Network security and protection ........................................................................................................ 2
2.1 Concept .................................................................................................................................. 2
2.2 Technologies.......................................................................................................................... 3
2.3 Routers ................................................................................................................................... 4
2.4 Firewalls................................................................................................................................. 4
2.5 Antivirus
protection ............................................................................................................... 9
2.5.1 Scanners................................................................................................................... 9
2.5.2 Generic
techniques .................................................................................................. 9
2.6 Intrusion
detection
systems.................................................................................................... 10
2.6.1
Categories of detection systems .............................................................................. 11
2.6.2 Detection
techniques ...............................................................................................
12
2.7
Virtual private networks (VPNs) and public key infrastructure (PKI) .................................. 13
2.8 Cryptography ......................................................................................................................... 14
2.9
Wireless local area networks (WLANs) ................................................................................ 16
2.10 Review ................................................................................................................................... 19
3 Intrusions;
automated attacks ............................................................................................................. 20
3.1 Viruses ................................................................................................................................... 20
3.1.1
Multipartite and polymorphic viruses...................................................................... 21
3.1.2
Malware the virus threat of tomorrow.................................................................. 23
3.2
Evasion and insertion techniques........................................................................................... 24
3.2.1 Evasion
techniques ..................................................................................................
24
3.2.2 Insertion
techniques.................................................................................................
25
3.3 Denial
of service .................................................................................................................... 25
3.3.1
Denial of service...................................................................................................... 25
3.3.2
Distributed denial of service.................................................................................... 25
4
Network protection principles............................................................................................................ 25
4.1 Organization........................................................................................................................... 25
4.2
Finding the origin of a security incident ................................................................................ 26
4.3 Integrated
cyberspace
security solutions................................................................................ 27
5
Legal aspects (cybercrime)................................................................................................................. 29
5.1
Guidelines established by the United Nations and by the Organisation for Economic
Co-operation and Development (OECD)............................................................................... 30
5.2
Council of Europe.................................................................................................................. 32
5.3 European
Union ..................................................................................................................... 33
5.4
National Strategy to Secure Cyberspace (USA) .................................................................... 35
5.5
Security measures taken by software writers......................................................................... 36
6 ISO
Standards..................................................................................................................................... 37
7
World Summit on the Information Society ........................................................................................ 38
7.1
Declaration of Principles........................................................................................................ 38
7.2 Action
Plan ............................................................................................................................ 40 iv

Report on Question 9-1/2


page
8
Activities under way within ITU........................................................................................................ 42
8.1 WTSA-04
Resolutions (security)........................................................................................... 42
8.2 ITU-T
study
groups........................................................