Page 153 - 2015 Security in Telecommunications and Information Technology
P. 153

SECURITY  IN  TELECOMMUNICATIONS  AND  INFORMATION  TECHNOLOGY


            13      Countering common network threats

            Threats to computer systems and to the networks that link them are many and varied. Although many attacks
            can be initiated locally, the vast majority of attacks today are conducted via communications networks. The
            fact that vast and increasing numbers of computers and network devices are connected to the Internet and
            operated from homes and workplaces by people with little training, awareness or knowledge of IT security
            greatly increases the ease and probability of remote, often indiscriminate, attacks. Spam, spyware, viruses and
            other attack vectors are released in ever greater numbers. The attackers often rely on weak and inadequately
            protected systems as conduits for their malware.

            In this section, an overview of the work of the ITU-T to respond to some of these threats is presented.


            13.1    Spam

            Spam is any unsolicited, unwanted or potentially harmful message. While the most widely recognized form of
            spam is e-mail spam, the term also applies to other forms such as instant messaging spam, mobile messaging
            spam, and VoIP spam. In fact, its meaning is evolving and broadening with the development of technologies
            that provide novel opportunities to create spam. Spam is recognized as a widespread problem that interferes
            with  legitimate  operations  of  telecommunication  operators,  service  providers  and  users.  It  consumes
            bandwidth and processing cycles and, in extreme cases, can result in denial of service attacks by flooding
            networks. No single anti-spam measure is effective on its own and, given the agility and resourcefulness of
            spammers, even a combination of measures often proves effective only to the extent of reducing the volume
            of spam. Examples of measures being used include: regulation; technical measures; international cooperation;
            and education of users and Internet service providers.

            13.1.1  Technical strategies on countering spam


            The  ITU-T  work  on  spam  focuses  primarily  on  technical  counter-measures.  Recommendations  are  being
            developed using a framework that allows for extensibility as illustrated in Figure 65.



































                                   Figure 65 – Standardization framework for countering spam


                                                                     Countering common network threats    131
   148   149   150   151   152   153   154   155   156   157   158