ISS World Europe is the world's largest gathering of European Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's Telecommunications network, the Internet and Social Networks
For more information about the 2013 program, click on the track name below -- or see the agenda at a glance for a summary of the sessions.
Track 1: ISS for Lawful Interception and Criminal Investigations
Track 2: ISS for IP Intercept, Big Data Analytics and Social Network Monitoring
Track 3: ISS for Mobile Location, Surveillance and Signal Intercept
Track 4: Encrypted Traffic Monitoring and IT Intrusion Product Training
Track 5: LEA and Intelligence Analyst Training and Product Demonstrations
Track 6: Social Network Monitoring and Big Data Analytics Product Demonstration
Track 7: Mobile Location, Surveillance and Signal Intercept Product Training
Pre-Conference Training Seminars (Tuesday, 4 June 2013)
ISS World Europe - Conference Agenda at a Glance
4-6 June 2013
Pre-Conference Training Seminars
Tuesday, 4 June 2013
Seminar #1
8:30-4:30Online Social Media and Internet Investigations
Presented by Charles Cohen, Cohen Training and Consulting, LLC
Charles Cohen also holds the position of Commander, Special Investigations and
Criminal Intelligence, Indiana State Police, USA8:30-9:30: Session 1 of 6
What Investigators & Analysts Need to Know about Online Social Media.9:45-10:45: Session 2 of 6
OSINT and Criminal Investigations
11:00-12:00: Session 3 of 6
Successful Use of Online Social Media in Criminal Investigations1:00-2:00: Session 4 of 6
Counterintelligence & Liabilities Involving Online Social Media2:15-3:15: Session 5 of 6
Facebook: Tools, Tricks, & Techniques Investigators Need to Know3:30-4:30: Session 6 of 6
What Investigators Need to Know about Hiding on the InternetSeminar#2
8:30-12:00Understanding ISS Technologies and Products Deployed in Telecommunications Networks and Monitoring Centers for Law Enforcement and Intelligence Analysis
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half day pre-conference seminar covers the spectrum of ISS Technologies and Products deployed in today's fixed wire, mobile wireless and Internet Service Provider networks and LEA Monitoring and Intelligence Gathering Centers. This all day seminar is ideal for those law enforcement, public safety and intelligence analysts who need an understanding of the ISS technologies to be discussed in the conference sessions and the ISS products displayed at the exhibit hall as well as an understanding of the buzz words and jargon used by telecom operator engineers and their vendors.
08:30-9:30
Introduction to Architectures Telecom Infrastructure, Interception and Related ISS Products
9:45-10:45
Understanding Mobile Wireless Infrastructure, Interception and Related ISS Products
11:00-12:00
Understanding the Internet, Interception and Related ISS Products
Seminar#4
1:00-4:00Understanding Modern Tools for Detection and Mitigation of Cyber Criminality for Law Enforcement
Presented by: Faculty of Information Technology, Brno University of Technology
This pre-conference seminars covers various challenges in modern and future networks. first, it address IPv4 address exhaution and advent of iPv6. Later, the seminar focuses on big data, Netflow processing for data retention, and limits of current architectures for data processing. The seminar concludes with network traffic decoding, namely comparison PCAP files, decoding data from big PCAP files, protocal parsing, and data visualisation.
13:00-14:00
Network user identities: Modern and Future Networks - Speaker: Libor Polčák14:15-14:45
Evaluation of methods for data retention - Speaker: Tomáš Podermański14:45-15:15
Data capture for lawful interception - Speaker: Michal Kajan15:30-16:00
Data decoding - Speaker: Vladimír VeselýSeminar #5
8:30-4:30Advanced IP Intercept Training
Presented by: Hendrik Schulze, President & CTO and Jens Geier, Product Manager, ipoque
08:30-10:45
Understanding TCP/IP for Packet Sniffing and Traffic Analysis
11:00-2:00
Deep Packet Inspection (DPI) Basics for LEA's, Intelligence Analysts and Telecom Operators
2:15-4:30
Basics of IP Application Decoding From Packets to Structured Data
Seminar #6
13:00-14:00The Dark Side of the Internet - The Hidden TOR and I2P and How they Function
Presented by: Ross Bowerman, Detective Sergeant, Scottish Police College, UK
Seminar #7
14:15-15:15Smartphone Application Challenges Encountered and Opportunities Presented to Law Enforcement
Presented by: Michael Williamson, Detective Inspector, Force Intelligence Bureau, Crime and Safer Communities, UK
A users overview of Smartphone applications, what they can do, implications, challenges and opportunities for law enforcement in obtaining results and coordinating our response to the overwhelming new apps appearing daily.
Seminar #8
15:30-16:30The Forensic App Factor: Challenges Faced By Forensic Examiners
Presented by: Chris Church, Smart Device Forensic Examiner, Metropolitan Police, UK
This presentation will highlight the importance of application forensics in regards to Smart devices such as iPhones, Android and Blackberry devices with real life examples of applicaiton analysis and the impact this has had on real cases. This will cover some background and challenges faced by forensic examiners and foundations behind such methodologies.
Seminar #9
8:30-12:00Sharing in Real-Time Cyber Threat and Attack Information Among Governments, Telecoms and Private Industry
Presented By
Matthew Lucas (Ph.D. Computer Science)
Vice President, TeleStrategies
And Invited Faculty
Collaborative cybersecurity systems -- where governments, enterprises and telcom operators share threat and attack information in real-time -- are gaining significant interest and momentum in the industry. The approach not only improves respective cyberdefense capabilities and critical infrastructure protection as compared to traditional stove-pipe implementations, but also enables operators to improve the quality of their service offerings and complement them with enhanced cybersecurity features.
As with any distributed system, implementing collaborative cybersecurity platforms is incredibly complicated. In order to be successful, the approach will require robust standards that are efficient, comprehensive and vendor-independent. This half day tutorial will look at the overall challenges, the emerging architectures and standards surrounding distributed collaborative cybersecurity systems. The tutorial will be broke into three sessions:Session 1: Overview of the Technical Challenges in Real-Time Sharing of Threat and Attack Information Among Governments, Telecoms and Private Industry.
This panel of technical experts will give their assessment of the challenges of sharing information among governments, telecom operators and the private sector from a lawful interception and intelligence gathering vendors perspective.
Presented By
Panel of ISS Vendors
Session 2: Distributed Cybersecurity Requirements and Architectures – Cyberthreat data requirements for each domain (government, telcom wide-area, enterprise and CPE) will be identified, data types/schemas will be explained and real-time requirements will be considered.
Session 3: Exchange protocols / use cases – STIX and other protocols will be examined in detail, looking at the specific events captured, usage data formats, trigger events, transport protocols, security/authentication, capabilities exchange, and protocols. The session will wrap up with reference architectures and use cases.Seminar #10
13:00-17:00ETSI/TC LI Update
13:00-13:40
ETSI/TC LI Standards Overview
Gerald McQuaid, Chairman, ETSI/TC LI13:40-14:00
E-Warrant Interface
Tony Rutkowski, Yaana Technologies14:45-15:15
Dynamic Triggering
Alex Leadbeater, BT Group15:30-16:00
LI Cloud/Virtual Services
Tony Rutkowski, Yaana Technologies16:00-16:30
ETSI TC LI Standards In Reality
Rudolf Winschuh, Utimaco Safeware16:30-17:00
"Guru" Round for Questions for the presentersPre-Conference Sessions Description At The End of Agenda PostinG
Wednesday, 5 June 2013
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies
8:30-9:00
Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Europe has Solutions
Moderator: Dr. Jerry Lucas, President, TeleStrategies
ISS World Europe Exhibit Hours:
Wednesday, 5 June 2013: 10:00 - 17:00
Thursday, 6 June 2013: 9:30 - 12:30
Track 1: ISS for Lawful Interception and Criminal Investigations
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.Wednesday, 5 June 2013
13:30-14:00 How to Use IXIA BreakingPoint to Validate Accurac y and Performance of Lawful Intercept Systems and Social Network Monitoring Systems
IXIA BreakingPoint presenter to be announced14:00-14:30 Lawful Interception and Retention of Telecom Services vs. Data Protection
Dirk Börgerding, Pre-Sales Manager, Utimaco LIMS15:00-15:30 Session A New LI challenges. A Countrywide Integrated Solution: Voice, Data, Positioning and Encryption
Cristian D'Incertopadre, Sales, IPS15:00-15:30 Session B IPv6, Identities & DPI
Hendrik Schulze, President & CTO, Ipoque15:30-16:00 Session A Communication Surveillance in the Fight Against Child Exploitation - Re-balancing the Ethical Debate
AREA presenter to be announced15:30-16:00 Session B DPI Tactical Probe
Tomas Dedek, INVEA-TECH16:15-16:45 Untangling the fiber: Deconstructing transports in high speed networks
Craig Renfrew, System Architect, Agilent Technologies16:45-17:15 Sedam LI: Keeping costs low, intercepting 10G with off-the-shelf hardware
Ante Jurisic and Vedran Zeljeznak, Sedam ITThursday, 6 June 2013
8:30-9:00 Disappearing in the Crowd
Jens Geier, Product Manager, ipoque9:00-9:30 Session A Case Study: 40G Lawful Interception & Data Retention
Petr Kastovsky, Product Manager, INVEA-TECH9:00-9:30 Session B New Generation of Language and Speaker Identification Technology
Radim Kudla, Senior Business Developer, Phonexia10:30-11:00 Session A The Benefits of an Open IP Reconstruction & Analysis Platform
Valentijn van der Meiden, Sales Director, NetScout10:30-11:00 Session B Mito Cube: a new integrated solution for new generation monitoring centres
RCS presenter to be announced11:00-11:30 Assuring performance at 100 Gbps
Napatech presenter to be announced12:30-13:30 The Forensic App Factor: Challenges Faced by Forensic Examiners
Chris Church, Smart Device Forensic Examiner, Metropolitan Police, UKNote: Lawful Interception and Criminal Investigation Product Training and Demonstrations Scheduled in Track 5
Track 2: ISS for IP Intercept, Big Data Analytics and Social Network Monitoring
This track is for Intelligence Analysts and Law Enforcement agents who have to "connect the dots" between people, places and other entities by searching through massive amounts of unstructured data from various sources using visual analytics, semantic technologies, data mining, OSINT and other intelligence gathering tools and techniques
Wednesday, 5 June 2013
9:00-9:30 Utilizing Big Data to Best Maximise Lawful Intercept Activity
BAE Systems Detica presenter to be announced9:30-10:00 Keeping up with new Security Trends & Surveillance Technologies
CEO, trovicor11:30-12:00 OSINT Revealed - a practical approach to extracting and delivering actionable intelligence
Kapow Technologies presenter to be announced12:00-12:30 IP Monitoring - trovicor's end-to-end solution
CTO, trovicor13:30-14:00 Session A Making Sense of the Web and Social Networks
Yoni Heilbronn, Director of Marketing and Business Development, NICE Systems13:30-14:00 Session B Handling "very big data" and find the right target
Advanced ME Systems presenter to be announced14:00-14:30 Session A A case study for Identity Resolution and identification of bogus identities in Social Network Services
ELTA SIGINT speaker to be announced14:00-14:30 Session B Social Media - The unstructured data challenge
DDN presenter to be announced15:00-15:30 Investigating Big Data - when size matters after all
Aaron (Ronnie) Eilat, Senior Director Product Management, Elbit Systems15:30-16:00 A Paradigm Shift - The New World of COMINT
Ori Nurick, Director of Marketing, NICE Systems16:15-16:45 Making Sense of the Deep Web: A Practical, Nationwide Solution Case Study
Jasper Weijman, Business Development and Sales Manager, 3iMIND16:45-17:15 Case Studies Using Data Analysis, Visualisation and Big Data
Muhammed Ali Aydin, Turkish PoliceThursday, 6 June 2013
8:30-9:00 Don't lose your target in the cloud
Stuart Connelly, Business Development and Partner Manager, Agilent Technologies9:00-9:30 IP-Decoding is a ghost of the past
Johann Preinsberger, Sales & Business Development, Desoma GmbH10:30-11:30 The Power of Open Source Web Intelligence
Amit Bohensky, VP, Open Source Web Intelligence, Verint Systems
(LEA and Government Attendees Only)12:30-13:30 The Dark Side of the Internet - The Hidden TOR and I2P and How they Function
Ross Bowerman, Detective Sergeant, Scottish Police College, UKNote: Big Data Analytics and Social Network Monitoring Product Training and Demonstrations Scheduled in Track 6
Track 3: ISS for Mobile Location, Surveillance and Signal Intercept
This track is for Law Enforcement, Interior Security and the Intelligence Community Authorities who must work with cellular and mobile satellite operators regarding mobile location, surveillance and intercept as well as analysis of mass geo-location data.
Wednesday, 5 June 2013
9:00-9:30 Consolidating Lawful Interception – A case study
Dirk Börgerding, Pre-Sales Manager, Utimaco LIMS9:30-10:00 Breaking new grounds in Mobile Device Forensics for law enforcement professionals
Yuval Ben Moshe, Forensic Technical Director, Cellebrite11:30-12:00 Introducing Da Vinci: attack, control and gather intelligence from personal devices
David Vincenzetti, Partner, Hacking Team12:00-12:30 InPoint SMS System. Mass Emergency Notification. Vehicle based and Portable solutions.
NeoSoft AG speaker to be announced13:30-14:00 Tactical GSM & 3G Interception
Elan Sharon, Septier Communication14:00-14:30 IMSI Catching in GSM, UMTS and LTE Networks - Challenges and Solutions
EXFO presenter to be announced15:00-15:30 Mobile cellular: developing with the latest technologies
Tim Phipps, Business Development Wireless Defence and Security, Cambridge Consultants16:15-17:15 When traditional interception does not cut it: Centralized system based on High Fidelity audio over IP for complicated environments
Jean-Philippe Fortier, Business Development, Innova
(LEA and Government Attendees Only)Thursday, 6 June 2013
10:30-11:00 Active, Passive and Hybrid GSM & 3G Monitoring systems. New challenges (Randomization, A5.3 etc.). Practical solutions.
NeoSoft AG speaker to be announced11:00-11:30 Accurate Cellular Location tracking solutions
Elan Sharon, Septier Communication12:30-13:30 Smartphone Application Challenges Encountered and Opportunities Presented to Law Enforcement
Michael Williamson, Detective Inspector, Force Intelligence Bureau, Crime and Safer Communities, UKNote: Mobile Location, Surveillance and Signal Intercept Product Training and Demonstrations Scheduled in Track 7
Track 4: Encrypted Traffic Monitoring and IT Intrusion Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Wednesday, 5 June 2013
9:00-10:00 Session A Using Open-Source tools to conduct governmental investigations against serious crime
Gamma International, presenter to be announced9:00-10:00 Session B Do It Yourself (DIY) Workshop for Trojan Based Monitoring
Jitendra Verma, Manager, Business Development, ClearTrail Technologies11:30-12:30 Session A VUPEN Sophisticated Exploits for IT Intrusion and Offensive Security
Chaouki Bekrar, CEO & Director of Vulnerability Research, VUPEN11:30-12:30 Session B Smart Intrusion on Social Networks and Webmails: the Https Monitoring & Analysis
Ugo Santillo, Sales Director, IPS13:30-14:30 Session A
FinFisher- Next Generation governmental surveillance. Focus: Mobile phone monitoring
Gamma International, presenter to be announced13:30-14:30 Session B Monitoring Communications Inside Encypted Traffic
Packet Forensics speaker to be announced15:00-16:00 Da Vinci: a spy story about busting a terrorist organization by using the most advanced offensive technology.
Marco Valleri, Head of R&D, Alberto Ornaghi, Senior Software Developer and Alberto Pelliccione, Senior Software Developer, Hacking Team16:15-17:15 Session A The WiT™ – PSS – an End-2-End Lawful Hacking/IT intrusion Solution demo
Doron Truk, VP Sales C4 Security, Elbit Systems16:15-17:15 Session B Carrier Grade IP Intercept for HTTPS Monitoring & Remote Intrusion
Sameer Fegade, Director-Engineering, ClearTrail TechnologiesThursday, 6 June 2013
8:30-9:30 Session B Dark Eagle’: The ultimate solution for DSL voice and Data Interception and Remote System Intrusion
GR SISTEMI SRL presenter to be announced9:00-9:30 Session A Encryption Anywhere and Everywhere. Now What? An Analysis of Possible Workarounds
AREA presenter to be announced10:30-11:30 Session A Da Vinci: a live demonstration of unrivaled attack capabilities and total resistance to detection, quarantine and removal by any endpoint security technology.
Marco Valleri, Head of R&D, Alberto Ornaghi, Senior Software Developer and Alberto Pelliccione, Senior Software Developer, Hacking Team10:30-11:00 Session B Man in the Middle - yes we can
Michael Wahl, Sales & Business Development, Desoma GmbH12:30-13:30 Troy Ultimate Software Agents Deployment System Demonstration with Live Deployment
AGT speaker to be announced
Track 5: LEA, Intelligence and Defense Analyst Training and Product Demonstration Track
This training is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Wednesday, 5 June 2013
9:00-10:00 Session A Modern Monitoring Center Approaches for Lawful Interception
Sharon Rousso, Product Manager, Verint Systems9:00-10:00 Session B Live Demonstration of OpenMind: A True, Deep Web, End-to-End Intelligence Solution
Niv Blond, Pre-Sales Manager, 3iMIND11:30-12:30 Session A A framework for meeting the LI regulatory and technological challenges in Cloud based Services
ELTA SIGINT speaker to be announced11:30-12:30 Session B VoiceGRID X & SmartTracker FRS - Voice and Face Real-time Identification Systems for police, intelligence, military, security applications
Igor Rykov, Speech Technology Center13:30-14:30 Session A From Needs to Technology – Use Cases for Social Network Monitoring, Intrusive Surveillance, Network-Based Surveillance, OSINT and Virtual HUMINT
AREA presenter to be announced13:30-14:30 Session B Replay NetAnalyst 3.0 - The Next Generation in Advanced IP Reconstruction
Bob Brandt, Product Manager Replay, NetScout15:00-16:00 Session A Mito Cube: new RCS suite for lawful interception
RCS presenter to be announced15:00-16:00 Session B Advancing the role of the Monitoring Center
Faizel Lakhani, SS816:15-17:15 Session A A Countrywide Monitoring Centres solution: Voice, Data and Positioning
Cristian D’Incertopadre, Sales, IPS16:15-17:15 Session B Speech Intelligence Platform – How to Mine Data from Speech Records
Petr Schwarz, CEO, PhonexiaThursday, 6 June 2013
8:30-9:30 Session A NiceTrack Target 360 – Achieve comprehension by IP Simplification
Nir Yanovsky, Product Manager, NICE Systems8:30-9:30 Session B From Mass Interception to Actionable Intelligence
Amos Eliav, Sr. Director, Product Management, Verint Systems10:30-11:30 Session A Advanced Case Communication Investigation Management
Aleksandar Vidović, CEO, Salviol and Gary Woods, Keyw Corporation10:30-11:30 Session B Application & User Data Interception Demo
Jens Geier, Product Manager, ipoque12:30-13:30 How to Use IXIA BreakingPoint to Validate Accurac y and Performance of Lawful Intercept Systems and Social Network Monitoring Systems
IXIA BreakingPoint presenter to be announced
Track 6: ISS for IP Intercept, Big Data Analytics and Social Network Monitoring Demonstration Track
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Wednesday, 5 June 2013
9:00-10:00 Data Discovery – facilitating investigations and analysis across myriad data sources
Pamela Warren, SS811:30-12:30 Session A Klarios Analytics: Finding the Truth
ATIS systems to be announced11:30-12:30 Session B Intelligence Platform - Target profiling
Solution Architect, trovicor11:30-12:30 Session C Advanced Methods for Intercepting and Analyzing Social Networks
Sharon Rousso, Product Manager, Verint Systems13:30-14:30 Session B OSINT in confusing and high flux events
Mark Pfeiffer, CVO, SAIL LABS Technology15:00-16:00 Session A Social Networks and Webmails: Big Data Architecture for Massive Interception
Fabio Romani, Market & Investment Strategy, IPS15:00-16:00 Session B Monitoring Center Next Generation - demo
Solution Architect, trovicor16:15-17:15 Session A OSINT tools in crisis - unearthing hidden agendas using OSINT
Mark Pfeiffer, CVO, SAIL LABS Technology16:15-17:15 Session B Target Analytics
BAE Systems Detica presenter to be announcedThursday, 6 June 2013
8:30-9:30 Session A Hybrid storage for Social Media Monitoring - Optimizing flash technology
DDN presenter to be announced9:00-9:30 Session B Intelligence Platform – Target profiling
Solution Architect, trovicor8:30-9:30 Session C Maintaining cyber intelligence in the expanding data network
Glynn Barrett, Product Manager, Telesoft Technologies10:30-11:30 Session A Social Media Real Time Monitoring and Reporting
AGT Troy Software presenter to be announced10:30-11:00 Session B Cell Based Monitoring Solution - a new approach to handle mass recordings
Solution Architect, trovicor10:30-11:30 Session C Connecting Dots from Multisource Communication Intercepts
Tomas Vejlupek, President, Tovek11:00-11:30 Session B Data Analysis – Reveal the unknown
Solution Architect, trovicor12:30-13:30 Getting there faster: leveraging Synthetic APIs to deliver rapid time-to-value for Big Data in Government
Kapow Technologies presenter to be announced
Track 7: ISS for Mobile Location, Surveillance and Signal Intercept
This training is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.Wednesday, 5 June 2013
9:00-10:00 IMSI/IMEI Catcher with Public Number Detection
NeoSoft AG speaker to be announced11:30-12:30 A Passive Radio System and Analytics Platform for Gaining Deep Insight from Public Wireless Signals
Packet Forensics speaker to be announced13:30-14:30 PHOENIX: undetectable GPS & AUDIO device
GR Sistemi SRL speaker to be announced15:00-16:00 Accurate Mobile Locations in the Monitoring Center – Technologies and Usability
Amos Eliav, Sr. Director, Product Management, Verint Systems16:15-17:15 Demonstration of Lynx Iridium - Next generation of Iridium Satellite Interception
Doron Passov, Product Manager, Gita TechnologiesThursday, 6 June 2013
8:30-9:30 Making cities safer with integrated Cobham technology
Max Naguschewski, Cobham Tactical Communications and Surveillance10:30-11:30 A complete solution to acquire satellite and terrestrial signals for massive data analyis and intelligence reports
Vastech speaker to be announced
Pre-Conference Training Seminars
Tuesday, 4 June 2013
Seminar #1
8:30-4:30Online Social Media and Internet Investigations
Presented by Charles Cohen, Cohen Training and Consulting, LLC
Charles Cohen also holds the position of Commander, Special Investigations and
Criminal Intelligence, Indiana State Police, USA8:30-9:30: Session 1 of 6
What Investigators & Analysts Need to Know about Online Social Media.9:45-10:45: Session 2 of 6
OSINT and Criminal Investigations
11:00-12:00: Session 3 of 6
Successful Use of Online Social Media in Criminal Investigations1:00-2:00: Session 4 of 6
Counterintelligence & Liabilities Involving Online Social Media2:15-3:15: Session 5 of 6
Facebook: Tools, Tricks, & Techniques Investigators Need to Know3:30-4:30: Session 6 of 6
What Investigators Need to Know about Hiding on the InternetSeminar#2
8:30-12:00Understanding ISS Technologies and Products Deployed in Telecommunications Networks and Monitoring Centers for Law Enforcement and Intelligence Analysis
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half day pre-conference seminar covers the spectrum of ISS Technologies and Products deployed in today's fixed wire, mobile wireless and Internet Service Provider networks and LEA Monitoring and Intelligence Gathering Centers. This all day seminar is ideal for those law enforcement, public safety and intelligence analysts who need an understanding of the ISS technologies to be discussed in the conference sessions and the ISS products displayed at the exhibit hall as well as an understanding of the buzz words and jargon used by telecom operator engineers and their vendors.
08:30-09:30
Introduction to Architectures Telecom Infrastructure, Interception and Related ISS Products
What do LEAs need to know about the public switched telecommunications networks, circuit switching, fiber optics, SONET/SDH, Broadband Access (DSL, ADSL, Cable Modems, etc.), billing systems and call detail records, standards for lawful intercept, basic LI elements (access, delivery and collection function), LEA Monitoring Center Functions (call information and call content data collection) and where are ISS products deployed for monitoring and intercept.09:45-10:45
Understanding Mobile Wireless Infrastructure, Interception and Related ISS Products
Infrastructure basics (GSM, GPRS, EDGE, UMTS, HSPA and LTE), Wi-Fi, WiMax and Femtocells, How a cellular call is processed, back office infrastructure, HLR, VLR, Backhaul and PSTN interconnection, data services, SMS, MMS, IM, data services, fixed mobile convergence, Smartphone challenges for LEA, intrusion techniques, gathering Geolocation data, location technologies (A-GPS and RF finger printing) and where are ISS products deployed for monitoring and intercept.11:00-12:00
Understanding the Internet, Interception and Related ISS Products
What Investigators Have To Know about IP call Identifying Information, Radius, DHCP, DNS, etc., Tracking an Internet Address to a Source, Investigations Involving E-Mail, Facebook, Twitter, Skype, Instant Messaging, Chat Rooms and Message Boards, IMS, P2P Networks and Deep Packet Inspection, Big Data Analytics, defeating encryption, emerging IPv6 Challenges and what can be done to address Internet intercept deploying ISS infrastructure and where are ISS products deployed for monitoring and intercept.Seminar#4
1:00-4:00Understanding Modern Tools for Detection and Mitigation of Cyber Criminality for Law Enforcement
Presented by: Faculty of Information Technology, Brno University of Technology
This pre-conference seminars covers various challenges in modern and future networks. first, it address IPv4 address exhaution and advent of iPv6. Later, the seminar focuses on big data, Netflow processing for data retention, and limits of current architectures for data processing. The seminar concludes with network traffic decoding, namely comparison PCAP files, decoding data from big PCAP files, protocal parsing, and data visualisation.
13:00-14:00
Network user identities: Modern and Future Networks - Speaker: Libor Polčák14:15-14:45
Evaluation of methods for data retention - Speaker: Tomáš Podermański14:45-15:15
Data capture for lawful interception - Speaker: Martin Žádník15:30-16:00
Data decoding - Speaker: Vladimír VeselýSeminar #5
8:30-4:30Advanced IP Intercept Training
Presented by: Hendrik Schulze, President & CTO and Jens Geier, Product Manager, ipoque
08:30-10:45
Understanding TCP/IP for Packet Sniffing and Traffic Analysis
A brief introduction into network technology and the basics of TCP/IP needed for interception and the impact on proper network analysis. Based on this, the workshop reflects the technical options for LEA's to investigate in networks.11:00-2:00
Deep Packet Inspection (DPI) Basics for LEA's, Intelligence Analysts and Telecom Operators
An overview on deep packet inspection technology (DPI) and its basic operations down to the application level. Skype is used as example to show the implications of complex network behavior on DPI.2:15-4:30
Basics of IP Application Decoding From Packets to Structured Data
The workshop is a high-level introduction on building decoder software starting from requirements on an example of software architecture. After an overview of all parts of the introduction the building blocks are elaborated.
Seminar #6
13:00-14:00The Dark Side of the Internet - The Hidden TOR and I2P and How they Function
Presented by: Ross Bowerman, Detective Sergeant, Scottish Police College, UK
Seminar #7
14:15-15:15Smartphone Application Challenges Encountered and Opportunities Presented to Law Enforcement
Presented by: Michael Williamson, Detective Inspector, Force Intelligence Bureau, Crime and Safer Communities, UK
A users overview of Smartphone applications, what they can do, implications, challenges and opportunities for law enforcement in obtaining results and coordinating our response to the overwhelming new apps appearing daily.
Seminar #8
15:30-16:30The Forensic App Factor: Challenges Faced By Forensic Examiners
Presented by: Chris Church, Smart Device Forensic Examiner, Metropolitan Police, UK
This presentation will highlight the importance of application forensics in regards to Smart devices such as iPhones, Android and Blackberry devices with real life examples of applicaiton analysis and the impact this has had on real cases. This will cover some background and challenges faced by forensic examiners and foundations behind such methodologies.
Seminar #9
8:30-12:00Sharing in Real-Time Cyber Threat and Attack Information Among Governments, Telecoms and Private Industry
Presented By
Matthew Lucas (Ph.D. Computer Science)
Vice President, TeleStrategies
And Invited Faculty
Collaborative cybersecurity systems -- where governments, enterprises and telcom operators share threat and attack information in real-time -- are gaining significant interest and momentum in the industry. The approach not only improves respective cyberdefense capabilities and critical infrastructure protection as compared to traditional stove-pipe implementations, but also enables operators to improve the quality of their service offerings and complement them with enhanced cybersecurity features.
As with any distributed system, implementing collaborative cybersecurity platforms is incredibly complicated. In order to be successful, the approach will require robust standards that are efficient, comprehensive and vendor-independent. This half day tutorial will look at the overall challenges, the emerging architectures and standards surrounding distributed collaborative cybersecurity systems. The tutorial will be broke into three sessions:Session 1: Overview of the Technical Challenges in Real-Time Sharing of Threat and Attack Information Among Governments, Telecoms and Private Industry.
This panel of technical experts will give their assessment of the challenges of sharing information among governments, telecom operators and the private sector from a lawful interception and intelligence gathering vendors perspective.
Presented By
Panel of ISS Vendors
Session 2: Distributed Cybersecurity Requirements and Architectures – Cyberthreat data requirements for each domain (government, telcom wide-area, enterprise and CPE) will be identified, data types/schemas will be explained and real-time requirements will be considered.
Session 3: Exchange protocols / use cases – STIX and other protocols will be examined in detail, looking at the specific events captured, usage data formats, trigger events, transport protocols, security/authentication, capabilities exchange, and protocols. The session will wrap up with reference architectures and use cases.Seminar #10
13:00-17:00ETSI/TC LI Update
13:00-13:40
ETSI/TC LI Standards Overview
Gerald McQuaid, Chairman, ETSI/TC LI13:40-14:00
E-Warrant Interface
Tony Rutkowski, Yaana TechnologiesE-Warrant Interface: Details on the "eWarrant Interface" for Lawful Interception and Data Retention. The general use of this electronic interface is highlighted. Future plans will be indicated.
14:45-15:15
Dynamic Triggering
Alex Leadbeater, BT GroupDynamic Triggering: As communications services become more nomadic and interception of basic access services (e.g. broadband) becomes more difficult due to the ever increasing data volumes, service based interception becomes increasingly attractive. In addition Virtual Service Providers and constant mobility of user access methods to those services require a new approach to interception.
15:30-16:00
LI Cloud/Virtual Services
Tony Rutkowski, Yaana TechnologiesLI Cloud/Virtual Services: Beside general information on Cloud services also the TC LI study on "LI Cloud/Virtual services" will be handled.
16:00-16:30
ETSI TC LI Standards In Reality
Rudolf Winschuh, Utimaco SafewareETSI TC LI standards in reality: This presentation will describe in which parts of the world ETSI TC LI standards are used and how they are implemented in various countries.
16:30-17:00
"Guru" Round for Questions for the presenters
