ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering and Sharing.

ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's Telecommunications networks, the Internet and Social Networks.

Track 1: ISS for Lawful Interception and Criminal Investigation

Track 2: ISS for Cyber Threat Detection, Deep and Dark Web Monitoring
Track 3: ISS for Investigating Criminal Bitcoin Transactions

Track 4: LEA, Defense and Intelligence Analyst Training and Product Demonstrations

Track 5: Social Network Monitoring and Big Data Analytics Product Demonstrations


Plus Advanced Hi-Tech, Cyber Crime Investigation Training 
(13-15 September 2016)


ISS World America 2016 - Agenda at a Glance


Training Seminars Led by Law Enforcement Officers and Ph.D Computer Scientists

28 classroom training hours, presented by sworn law enforcement officers, Ph.D. Computer Scientists and nationally recognized cybercrime textbook authors and instructors. Distinguished ISS World Training Instructors include:

Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Captain, Indiana State Police

(6 classroom hours)

Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)

Todd G. Shipley CFE, CFCE, President and CEO of Vere Software, Co-Author of , Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace and retired Reno NV, Police Officer

(6 classroom hours)

Matthew Lucas (Ph.D., Computer Science), Vice President, TeleStrategies
(4 classroom hours)

Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(5 classroom hours)

Tuesday, September 13, 2016

Seminar #1
9:00-5:00 PM

Online Social Media and Internet Investigations 

Presented by Charles Cohen, Cohen Training and Consulting, LLC
Charles Cohen also holds the position of Captain, Indiana State Police

09:00-10:00 AM
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis


10:15-11:15 AM
OSINT and Criminal Investigations


11:30-12:30 PM
Metadata Exploitation in Criminal Investigations


1:30-2:30 PM
EXIF Tags and Geolocation of Devices for Investigations and Operational Security


2:45-3:45 PM
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition


4:00-5:00 PM
What Investigators Need to Know about Emerging Technologies Used to Hide on the Internet

Seminar #2
9:00-5:00 PM

Practitioners Guide to Internet Investigations

Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

The aim of this 1 day seminar is to take the attendees from the basics of understanding the Internet, how to find data, through to a full understanding of best practice of an Internet investigator, having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.

This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.

9:00-10:00 AM
The Internet, and how suspects leave a digital footprint

10:15-11:15 AM
Recognizing Traffic Data and digital profiling

11:30 AM-12:30 PM
WIFI, geolocation, and Mobile Data traces

1:30-2:30 PM
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies

2:45-3:45 PM
Advanced Techniques in Tracing Suspects and lateral problem solving

4:00-5:00 PM
Open source tools, resources and techniques

Seminar #3
9:00-5:00 PM

A Real World Look at Investigations in the Dark Web

Presented by: Todd G. Shipley CFE, CFCE, President and CEO of Vere Software, Co-Author of , Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace and retired Reno NV, Police Investigator

The aim of this 1 day seminar is to take the attendees from the basics of understanding the Dark Web, how to access it to how to finding information hidden within it. The attendees will learn the best practices for the internet investigator when working in the Deep Web and the tools available to assist their investigations into the Deep Web.
This exclusively Law Enforcement only, as Practical examples, covert and investigative methods will be given throughout the seminar.

09:00-10:00 AM
The Dark Web, what it is and what it is not

10:15-11:15 AM
To Tor or not to Tor

11:30 AM-12:30 PM
CryptoCurrency and its use in the Dark Web

1:30-2:30 PM
Going Undercover on the Dark Web

2:45-3:45 PM
Using web bugs and other technology to locate a suspect

4:00-5:00 PM
Advanced Dark Web Investigations, identifying the anonymous user

Seminar #4
9:00-12:30 PM

Understanding ISS Product Developments in Telecommunication Networks for Lawful Interception and Mass Surveillance

Presented by: Dr. Jerry Lucas, President, TeleStrategies

This half-day seminar covers what law enforcement and intelligence analysts need to understand about today's public telecommunications wireline and wireless networks as well as ISS technologies and products used to lawfully intercept electronic communications and conduct mass network surveillance as discussed at ISS World Conference sessions and by exhibitors.

9:00-10:00 AM
Introduction to Wirelines and IP Infrastructure and Related ISS Products for Lawful Interception and Mass Surveillance

10:15-11:15 AM
Understanding Mobile Wireless Infrastructure, and Related ISS Products for Lawful Interception and Mass Surveillance

11:30 AM - 12:30 PM
Understanding the Internet Over-the-Top (OTT) Services and Related ISS Products for Mass Intelligence Gathering and Surveillance

Seminar #5
1:30-2:30 PM

SS7 Network Vulnerabilities and Intercept Options

Presented by Dr. Jerry Lucas, President, TeleStrategies and a Distinguished Telecom Technology Expert to be announced

Last April's "60 Minute" episode on SS7 Network vulnerabilities sparked a lot of interest from privacy advocates, Congress as well as law enforcement and the government intelligence community. This session reviews the basics of SS7 Networks, how the "60 Minutes" team "legally" hacked into a call to Congressman Ted Lieu's office, how else someone could do the same without a large cooperative telecom and what else can be done with SS7 Networks access.

Seminar #6
2:45-3:45 PM

The Implications of multi-IMSI and OTA for Law Enforcement and the Government Intelligence Community

Presented by Dr. Jerry Lucas, President, TeleStrategies and a Distinguished Telecom Technology Expert to be announced

The era of SIM Cards with static IMSIs issued by cellular operators is changing. Deployment of multi-IMSI as well as network programmable (OTA) SIM cards will create new challenges for law enforcement. This session looks at the implications of multi-SIM and OTA for LEAs and Intel analysts

Seminar #7
4:00-5:00 PM

Update on IETF/Privacy Group's Initiatives to Defeat Lawful Interception

Presented by: Matthew Lucas (Ph.D., Computer Science), Vice President, TeleStrategies

- IETFs TCP CRYPT Initiative making all IP communications effectively dark
- MAC Address Hopping to defeat law enforcement from using MAC addresses to track criminals and terrorists
- Free Certificate Authorities allowing any web site to encrypt its content
- And More

Wednesday, September 14, 2016

Seminar #8
9:00-10:00 AM

Bitcoin 101: Introduction to What Technical Investigators Need to Know about Bitcoin Transactions, Dark Web Commerce and Blockchain Analysis

Presented by: Matthew Lucas (Ph.D., Computer Science), Vice President, TeleStrategies

This 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically this introduction to Bitcoin for technical investigators addresses:

Seminar #9
11:15 AM-12:15 AM

Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations

Presented by: Matthew Lucas (Ph.D., Computer Science), Vice President, TeleStrategies

TOR networks are notoriously effective at hiding the online identity of criminals, terrorists and others who are up to no good. The other side that receives less attention are TOR hidden services. These are services that leverage TOR's anonymizing capabilties to mask the identity of criminally15osted online services - forming the basis of just about all illegal gambling sites, drug markets, child exploitation material, firearm sales, terrorism propaganda, and more.

Seminar #10
11:15 AM-12:15 PM

Blockchain Analysis: Best Investigation Practices

Presented by: Jonathan Levin, Co-Founder, Chainalysis

A case study focused presentation outlining the major threat actors and the anonymization techniques employed. Will step through some investigations outlining how to get leads in cases or look for corroborative evidence. Will step through some best practice when searching for Blockchain evidence, minimising the time wasted during an investigation. Will answer the important question on when to stop tracing and picking up wallet patterns in the blockchain.

Thursday, September 15, 2016

Seminar #11
11:30-12:30 PM

The Computer Science View of Bitcoins and Dark Markets

Presented by: Nicholas Weaver, Ph.D. is a researcher at the International Computer Science Institute in Berkeley. His primary research is focused on network security, including worms, botnets, and other internet-scale attacks, network measurement, and network criminality including Bitcoin.

The research community has devoted significant effort into understanding Bitcoin and the associated criminal activities ‹ the results of which have promise to transform how law enforcement might handle Bitcoin investigations going forward. This speaker will present relevant Bitcoin/Dark Web investigation research including clustering to mass-deanonymize Bitcoin transactions, "tumblers" and Dark Markets; and why recording transactions is critical for de-anoymization success; robust estimates on the scale of Dark Markets and the daily volume of currency exchanged to/from Bitcoin ($500,000/day); and experiments involving merging datasets with the Bitcoin blockchain ‹ both of which reveal the MtGox accounts of multiple Silk Road drug dealers and was able to confirm that Sean Bridges (the Secret Service agent who stole from Silk Road) transferred effectively all his Bitcoins through MtGox.

Seminar #12
12:00-1:00 PM

Understanding and Defeating TOR and Encryption

Presented by: Matthew Lucas (Ph.D., Computer Science), Vice President, TeleStrategies

This session will explain how TOR anonymizes IP traffic, how TOR hidden services work, who uses TOR hidden services and the top five TOR investigation approaches. The session will start by illustrating standard standard IP based services and comparing with anonymizing TOR software. Transactions will be considered by both a DPI tool, and looking at server logs. Next, the presenter will illustrate how TOR hidden services work, and present the latest research on TOR HSDIR usage and statistics. Finally, the presenter will look at TOR statistical analysis; identifying TOR traffic via IP lookups and protocol signatures; TOR protocol defeating research such as padding and signaling; malware compromises and inducing identity-related traffic outside the TOR stack.

Pre-Conference Sessions Description At The End of Agenda Posting After Track 5