Project Details


AI Repository Project

WSIS Prizes Contest 2021 Champion

Advanced Persistent Threat (APT) Attack Detection and Prevention


Description

Information and Communication Technology (ICT) is now a significant driving force for economic growth. However, recent incidents in which organized attackers severely compromised several large-scale enterprises and government agencies indicate that protecting information infrastructure from impending attacks is critical for the sustainable economic development of our society. To facilitate the realization of the WSIS Action Lines and to achieve the objective of a secure and well-protected cyberspace, ZTE Corporation, the Institute of Software of the Chinese Academy of Sciences, QI-ANXIN Technology Group Corporation and The National Computer Network Emergency Response Technical Team/Coordination Center of China (known as CNCERT/CC) proactively assume corporate social responsibility and have collectively developed an APT Attack Detection and Prevention System based on techniques of deep dynamic analysis of software. The core detection engine of this project is built upon a hardware emulation framework and proposes to detect unknown vulnerability exploits through instruction-level analysis of software execution exceptions. The project has won the pilot project of network security for the telecommunications and Internet industry of the Ministry of Industry and Information Technology of the People’s Republic of China. Other notable awards include the first-class prize of the China Institute of Communications (CIC) Science and Technology Award and the second-class prize of the Beijing Science and Technology Award. In the future, the systems and techniques developed in this project can serve to protect the overall security of networks ranging from enterprise networks to IDC datacenters. The most important contribution of this project is to provide a paradigm for protecting the information security of global citizens from arbitrary organized attacks, which makes the project replicable and extensible.

Project website

https://124.16.139.62:9999/KKWeb/login/login.action


Action lines related to this project
  • AL C5. Building confidence and security in use of ICTs 2021
Sustainable development goals related to this project
  • Goal 8: Decent work and economic growth
  • Goal 9: Industry, innovation and infrastructure
  • Goal 11: Sustainable cities and communities

Coverage
  • China

Status

Completed

Start date

January 2016

End date

October 2020


Target beneficiary group(s)
  • Youth
  • Older persons
  • Women
  • Indigenous and nomadic peoples
  • People with disabilities
  • The unemployed
  • The poor
  • Migrants

Replicability

In order to share the results of the project with other stakeholders and to secure as many networks from APT attacks as possible, this project has established an international standard project for unidentified network threat detection and defense at the SG17 Meeting of the Telecommunication Standardization Sector of the International Telecommunication Union (ITU) in Geneva, Switzerland. This standard project has been published as ITU-T’s first Recommendation (ITU-T X.1218) in the field of unidentified threat detection and prevention, which will become one of the core foundations for the network and telecommunication fields to deal with advanced network threats and attacks. This project will continue to share research and application practices with the industry in the future and remain devoted to network and information security governance and assurance, making sure this model can be replicated and enabling better protection against APT attacks for all stakeholders.


Sustainability

In order to equip ICT devices with state-of-the-art protection at minimal cost, it is essential to build capacity in a cost-effective way. In line with the WSIS Plan of Action, this project has built an online public web service where stakeholders adopting this project’s system can construct a private security cloud on their own, providing security audit and protection for all devices. This endeavor has not only achieved lightweight access to a sound security checking service, but has also kept resource consumption as low as possible, thereby building confidence and security in the use of ICTs in a sustainable manner.


WSIS values promotion

This project has already taken steps to promote WSIS values in multiple aspects in recent years. This project has published a book on security analysis of software, which is already used as a textbook for graduates by many universities. This project will continue to make WSIS values known through classes, lectures and forums. In particular, Chief Security Officer Zhong Hong of ZTE has shared his insights on corporate security practices at the World 5G Convention, which was held from November 20 to 23 in Beijing, China. By introducing corporate practices for guaranteeing cybersecurity in the 5G era, this project advocated professional and advanced security technologies for cybersecurity protection, which would be the foundation for building confidence and security in the use of ICTs.


Entity name

ZTE Corporation

Entity country—type

China Private Sector

Entity website

https://www.zte.com.cn/china/

Partners

Institute of Software, Chinese Academy of Sciences; The National Computer Network Emergency Response Technical Team/Coordination Center of China (known as CNCERT/CC); QI-ANXIN Technology Group Corporation