Monday, October 6, 2014

2014 Pre-Conference Training Seminars

Seminar #1
8:30-4:30 p.m.
　
Online Social Media and Internet Investigations

Presented by Charles Cohen, Cohen Training and Consulting, LLC
Charles Cohen also holds the position of Commander, Cyber Crimes and Investigative Technologies Section, Indiana State Police, USA

8:30-9:30 a.m.: Session 1 of 6
What Investigators & Analysts Need to Know about Online Social Media.
This session is for criminal investigators and intelligence analysts who need to understand the impact of online social networking on how criminals communicate, train, interact with victims, and facilitate their criminality.

9:45-10:45 a.m.: Session 2 of 6
OSINT and Criminal Investigations
Now that the Internet is dominated by Online Social Media, OSINT is a critical component of criminal investigations. This session will demonstrate, through case studies, how OSINT can and should be integrated into traditional criminal investigations.
　
11:00-12:00 p.m.: Session 3 of 6
Successful Use of Online Social Media in Criminal Investigations
This session is for investigators who need to understand social network communities along with the tools, tricks, and techniques to prevent, track, and solve crimes.

1:00-2:00 p.m.: Session 4 of 6
Counterintelligence & Liabilities Involving Online Social Media
Current and future undercover officers must now face a world in which facial recognition and Internet caching make it possible to locate an online image posted years or decades before. There are risks posed for undercover associated with online social media and online social networking Investigations. This session presents guidelines for dealing with these risks.

2:15-3:15 p.m.: Session 5 of 6
Facebook: Tools, Tricks, & Techniques Investigators Need to Know
While there are over 300 social networking sites on the Internet, Facebook is by far the most populous, with over 800 million profiles. It has roughly the same population as the US and UK combined, making it the third largest country by population. There are over 250 million images and 170 million status updates loaded on Facebook every day. This session will cover topics including Facebook security and account settings, Facebook data retention and interaction with law enforcement, and common fraud schemes involving Facebook.

3:30-4:30 p.m.: Session 6 of 6
What Investigators Need to Know about Hiding on the Internet
Criminal investigators and analysts need to understand how people conceal their identity on the Internet. Technology may be neutral, but the ability to hide ones identity and location on the Internet can be both a challenge and an opportunity. Various methods of hiding ones identity and location while engaged in activates on the Internet, provides an opportunity for investigators to engage in covert online research while also providing a means for criminals to engage in surreptitious communication in furtherance of nefarious activities. As technologies, such as digital device fingerprinting, emerge as ways to attribute identity this becomes a topic about which every investigator and analyst may become familiar.

Seminar #2
8:30-4:30 p.m.

Understanding ISS Technologies and Products Deployed in Telecommunications Networks and Monitoring Centers for Law Enforcement and Intelligence Analysts

Presented by: Dr. Jerry Lucas, President, TeleStrategies

This one day pre-conference seminar covers the spectrum of ISS Technologies and Products deployed in today's fixed wire, mobile wireless and Internet Service Provider networks and LEA Monitoring and Intelligence Gathering Centers. This all day seminar is ideal for those law enforcement, public safety and intelligence analysts who need an understanding of the ISS technologies to be discussed in the conference sessions and the ISS products displayed at the exhibit hall as well as an understanding of the buzz words and jargon used by telecom operator engineers and their vendors.

08:30-10:45 a.m.
Introduction to Telecom Infrastructure, Interception and Related ISS Products
What do LEAs need to know about telecommunications networks infrastructure, basic LI elements (access, delivery and collection function), LEA Monitoring Center Functions and where are ISS products deployed for monitoring and intercept.

11:00-2:00 p.m.
Understanding Mobile Wireless Infrastructure, Interception and Related ISS Products
Infrastructure basics, back office infrastructure, IM, data and where are ISS products deployed for monitoring and intercept.

2:15-4:30 p.m.
Understanding the Internet, Interception and Related ISS Products

What Investigators Have To Know about IP call Identifying Information, Investigations Involving E-Mail, Facebook, Twitter, Skype, Instant Messaging, Chat Rooms and what can be done to address Internet intercept deploying ISS infrastructure and where are ISS products deployed for monitoring and intercept.

Seminar #3
8:30-4:30 p.m.

Practitioners Guide to Internet Investigations

Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

The aim of this 1 day seminar is to take the attendees from the basics of understanding the internet, how to find data, through to a full understanding of best practice of an internet investigator, having awareness and knowledge of all the tools available to achieve this.

This is exclusively Law Enforcement only, as Practical examples, covert and investigative methods will be given throughout the seminar.

8:30-9:30 a.m.
The World Wide Web and the Internet

9:45-10:45 a.m.
Recognizing Traffic Data

11:00-12:00 p.m.
WiFi and Mobile Data

1:00-2:00 p.m.

Emerging Technologies, Masking Tech and Tools

2:15-3:15 p.m.

Advanced Techniques in Tracing Suspects

3:30-4:30 p.m.
Open Source Intelligence Training (OSINT)

Seminar #4
1:00-2:00 p.m.

The Dark Side of the Internet - TOR & Bitcoins

Presented by Ross Bowerman, Detective Sergeant, UK Police

Seminar #5
2:15-4:30 p.m.

Smartphone Application Challenges Encountered and Opportunities Presented to Law Enforcement

Presented by Michael Williamson, Detective Inspector, Force Intelligence Bureau, Crime and Safer Communities, UK

A users overview of Smartphone applications, what they can do, implications, challenges and opportunities for law enforcement in obtaining results and coordinating our response to the overwhelming new apps appearing daily.

Seminar #6
9:45-10:45 a.m.

Understanding Browser and Device "Fingerprinting" to Identify Criminals and Terrorists

Presented by: Matthew Lucas (Ph.D, Computer Science), Vice President, TeleStrategies

Every communications device has a set of digital characteristics (a so-called "fingerprint") that can be used by law enforcement to identify, track and isolate that device on a given network. This session will look at the possibilities of device fingerprinting, including: MAC/physical properties, IP network configuration, operating system profiles and application-level information such as java environment variables, cookies and application-resident data. Where possible, each will be illustrated with case studies and examples to show how law enforcement can leverage the device characteristics to identity criminal behavior, track suspects and collect evidence.

Seminar #7
11:00-12:00 p.m.

Understanding Encryption Technologies, Services Used by Criminals and Covert IT Intrusion Techniques

Presented by: Matthew Lucas (Ph.D, Computer Science), Vice President, TeleStrategies

The Internet is migrating from an open platform of interconnected devices, to a world of highly encrypted, tightly integrated systems. This webinar will look at the technologies that application developers, social-media companies and enterprises are adopting that effectively lockout law enforcement and intelligence analysts from intercepting and decoding content. The presenter will look at in detail the encryption protocols, techniques and standards that the Internet community is adopting, and consider the implications to traditional intercept and content decoding systems - including application fingerprinting, exploitation approaches and practical considerations for law enforcement.

1. Encryption Basics

2. Basic eCommerce Encryption Options

3. Special Encryptions and Anonymous Communications Services Frequently used by Criminals

4. Defeating Encryption and Covert IT Intrusion Techniques

5. HTTP 2.0 and Future Encryption Developments

Seminar #8
8:30-10:45 a.m.

Beyond Google: What to Do When Google (Bing and Yahoo) Do Not Answer Your Questions in a Useful Way

Presented by Stephen Arnold, ArnoldIT

The purpose of this tutorial is to provide recommendations for specific online search tactics tailored to law enforcement and intelligence professionals. In this two hour session, Stephen E Arnold will walk through "how to's" for four specific cases/situations in which free open source online services can help handle the types of questions investigators and analysts often have in different languages.

Seminar #9
11:00-12:00 p.m.

Smart Systems Substance or Shadow, Blind Spots or Shadow. Blind Spots in Mainstream Intelligence Systems

Presented by Stephen Arnold, ArnoldIT

Despite the high profile of Big Data and surveillance in the
US, the systems used by intelligence and law enforcement
professionals have limitations.
This lecture will seek to answer these key questions for practitioners in intelligence:

• Are next generation systems delivering value to licensees?
• Are sophisticated systems hardened and reliable?
• What are the limitations within which these smart systems operate for the intelligence professional?

Seminar #10
1:00-3:15 p.m.

Visual Analytics: Discovering Real-World Patterns by Exploiting Meta Data Content

Presented by: Christopher Westphal, Raytheon Cyber Products

Seminar #11
3:30-4:30 p.m.

Big Data Analytics for Entity Based Representations: Detecting Networks, Connections, and Correlations

Presented by: Christopher Westphal, Raytheon Cyber Products
　

(Full Pre-Conference Seminar Agenda Appears After Track 7)

Tuesday, October 7, 2014

Welcoming Remarks

8:15-8:30 a.m.

Tatiana Lucas, ISS World Program Director, TeleStrategies

ISS World Keynote Addresses

8:30-9:00 a.m.

Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World America has Solutions Dr. Jerry Lucas, President, TeleStrategies

ISS World Americas Exhibits

Tuesday, October 7, 2014
10:00 a.m. - 5:00 p.m.

Wednesday, October 8, 2014
9:30 a.m. - 12:30 p.m.

---

Track 1: ISS for Lawful Interception and Criminal Investigations

This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.

Tuesday, October 7, 2014

9:00-9:30 a.m.	Off The Grid: New Technologies That Are Going Dark And How To Address Them Marcus Thomas, EVP Operations and CTO, Subsentio and Former Assistant Director, Operational Technologies Division, FBI
9:30-10:00 a.m.	Industry Challenges Presented by Yaana Technologies
11:30-12:30 p.m. Session A	Current and Future Standardization Challenges: Encryption, Network Function Virtualization, Cloud Computing and More Alex Leadbeater, Chairman, SA3 LI and EU Data Retention Compliance Manager, BT
11:30-12:00 p.m. Session B	Today’s interception in an encrypted, social and clouded world. David Vincenzetti, CEO, Hacking Team
1:30-2:00 p.m.	LI in Clouds Rudolf Winschuh, Utimaco TS GmbH
2:00-2:30 p.m.	Reflection Time - Monitoring Centre in a box Presented by GOS Systems
3:00-4:00 p.m. Session A	Panel on Today’s and Future Lawful Interception Challenges From Law Enforcement Officer’s Perspectives Charles Cohen, Cohen Training and Consulting, LLC and Commander, Cyber Crimes and Investigative Technologies Section, Indiana State Police, USA Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police Michael Williamson, Detective Inspector, Force Intelligence Bureau, Crime and Safer Communities, UK Ross Bowerman, Detective Sergeant, Scottish Police College, UK
3:00-4:00 p.m. Session B	Yaana Technologies Product Demonstration Presented by Yaana Technologies
4:15-5:15 p.m.	Understanding The New Requirements US Telecom Operators would have to meet Regarding Metadata Storage for NSA Panel Moderator: Dr. Jerry Lucas, President, TeleStrategies Panel to be Announced

Wednesday, October 8, 2014

8:30-9:30 a.m. Session A	The USA Freedom Act: What is the Potential Impact on the Communications Industry Panel Moderator: Joel M. Margolis, General Counsel and Executive Vice President, Subsentio And Other Panelists To Be Announced
10:30-11:30 a.m. Session A	New LI/RD Standards Initiatives Tony Rutkowski, Executive VP, Yaana Technologies
10:30-11:00 a.m. Session B	Encryption of mass-communication changed the game's rules, learn how to stay ahead of threats with Remote Stealth Surveillance Presented by AGT
12:15-1:15 p.m.	The Dark Side of the Internet - TOR & Bitcoins Ross Bowerman, Detective Sergeant, Scottish Police College, UK

---

Track 2: ISS for Mass Intercept, Big Data Analytics and Social Network Monitoring

This track is for Intelligence Analysts and Law Enforcement agents who have to "connect the dots" between people, places and other entities by searching through massive amounts of unstructured data from various sources using visual analytics, semantic technologies, data mining, OSINT and other intelligence gathering tools and techniques

Monday, October 6, 2014

8:30-4:30 p.m.	Online Social Media and Internet Investigations Presented by Charles Cohen, Cohen Training and Consulting, LLC Charles Cohen also holds the position of Commander, Cyber Crimes and Investigative Technologies Section, Indiana State Police, USA
1:00-3:15 p.m.	Visual Analytics: Discovering Real-World Patterns by Exploiting Meta Data Content Christopher Westphal, Raytheon Cyber Products
3:30-4:30 p.m.	Big Data Analytics for Entity Based Representations: Detecting Networks, Connections, and Correlations Christopher Westphal, Raytheon Cyber Products

Tuesday, October 7, 2014

11:30-12:30 p.m.	How Big Data Analytics is Empowering the Pursuit – and Conviction – of Criminals Steven Tessler, Cyber Engineer, Raytheon Cyber Products
1:30-2:30 p.m.	The New Investigator Toolbox: from Tactical to Open Source Investigations Presented by AREA

Wednesday, October 8, 2014

8:30-9:30 a.m.	Smartphone Application Challenges Encountered and Opportunities Presented to Law Enforcement Michael Williamson, Detective Inspector, Force Intelligence Bureau, Crime and Safer Communities, UK
12:15-1:15 p.m.	Beyond Google: What to Do When Google (Bing and Yahoo) Do Not Answer Your Questions in a Useful Way Stephen Arnold, ArnoldIT

---

Track 3: Cyber Threat Detection and Information Sharing Training

This track addresses how to detect cyber threats in real-time and share threat information with private enterprises, government agencies as well as other tleecom operators. This track si open to telecom operators, private enterprise persone with security and investigation responsibilities, all government attendees and ISS vendors.

Tuesday, October 7, 2014

9:00-9:30 a.m.	Fighting Next-Generation Adversaries with Shared Threat Intelligence Jacob West, Chief Technology Officer, Enterprise Products, Hewlett-Packard
9:30-10:00 a.m.	Trend Micro Cyber Threat Detection Solutions Tom Kellermann, Chief Cybersecurity Officier, Trend Micro
11:30-12:30 p.m. Session A	How Big Data Analytics is Empowering the Pursuit – and Conviction – of Criminals Steven Tessler, Cyber Engineer, Raytheon Cyber Products
11:30-12:30 p.m. Session B	Best Practices for Addressing Insider Threat’s Chris Inglis, former Duputy Director, NSA and Advisory Board Member, Securonix
1:30-2:30 p.m.	Beyond Buzzwords: Defining Threat Intelligence, and Why It Matters Eric Olson, Vice President of Product Strategy, Cyveillance
3:00-4:00 p.m.	Active Decomposition: Game Changing Threat Detection and Analysis Mario Vuksan, CEO, ReversingLabs

Wednesday, October 8, 2014

9:00-9:30 a.m. Session A	Unlocking the Value from the Overwhelming Volume of Threat Intelligence with Automation and Collaboration Sean Brady, VP Product Management, Vorstack
8:30-9:30 a.m. Session B	Role of Telecom Operators in Supporting Cyber Threat Detection, Information Sharing and New Government Cyber Defense Mandates Representative from the FCC, CTIA, NTIA and Major Telecom Operators
10:30-11:30 a.m. Session A	Presentation on eSentire Asset Management Protection Mark Sangster, Vice President, Marketing, eSentire
10:30-11:30 a.m. Session B	Defeating the APT Threat with Effective Vulnerability Management John Trull, CISO, Qualys

Monday, October 6, 2014

8:30-9:30 a.m.	Understanding the Impact of the "Cyber Information Sharing and Protection Act". Panel to be Announced
9:45-10:45 a.m.	STIX/TAXII Introduction for Business Development and Cyber Security Professionals Presenters to be Announced
11:00-12:00 p.m.	STIX/TAXII, other Standards or are Standards Needed to Support the Mandates/Recommendations of the "Cyber Information Sharing and Protection Act". Presenters to be Announced

---

Track 4: Encrypted Traffic Monitoring and IT Intrusion Product Training

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees

Monday, October 6, 2014

11:00-12:00 p.m.

Understanding Encryption Technologies, Services Used by Criminals and Covert IT Intrusion Techniques Matthew Lucas (Ph.D, Computer Science), Vice President, TeleStrategies

Tuesday, October 7, 2014

9:00-10:00 a.m.	Covert IT Operations with OSINT and Custom Tools - Real Scenarios Presented by FinFisher
11:30-12:30 p.m. Session A	Encryption of mass-communication changed the game’s rules: Remote Stealth Surveillance Presented by AGT
11:30-12:30 p.m. Session B	Monitoring encrypted and secure communication - Extract actionable intelligence securely and efficiently to stay ahead of security threats. Presented by CyberDart
1:30-2:30 p.m.	Identifying criminal organizations on social networks by intruding communications devices. Marco Valleri - CTO, Alberto Ornaghi – Software Architect, Fabrizio Cornelli – Senior Software Developer, Hacking Team
3:00-4:00 p.m.	FinFisher™: Maximum Impact - The Evolution of IT Investigation Presented by FinFisher

Wednesday, October 8, 2014

8:30-9:30 a.m. Session A	Virtual Human Intelligence: be inside, stealth, future and technology proof Presented by AREA
8:30-9:30 a.m. Session B	Augmenting traditional LI - Gain access targeted information within an encrypted digital environment Presented by CyberDart
10:30-11:30 a.m.	Intruding communication devices: live demonstration of latest attack techniques. Marco Valleri - CTO, Alberto Ornaghi – Software Architect, Fabrizio Cornelli – Senior Software Developer, Hacking Team

---

Track 5: LEA, Defense and Intelligence Analyst Training and Product Demonstrations

This training is only open to Law Enforcement, P

ublic Safety and Government Intelligence Community Attendees.

Monday, October 6, 2014

8:30-4:30 p.m.

Practitioners Guide to Internet Investigations Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

Tuesday, October 7, 2014

9:00-10:00 a.m. Session A	Cyber Warfare Weapons for Mobile & Desktop devices, Internet backbone, Wireless networks and SSL Decryption. Security solutions for a Non-traceable mobile and Point-to-Point Uncrackable Encryption. Dr (hc) Ankur Srivastava, Founder, Aglaya
9:00-9:30 a.m. Session B	Analyzing Multiple Data Sources in One Application Presented by SS8
9:30-10:00 a.m. Session B	Interception and Intelligence Gathering - Impact of Growing Bandwidth and New IP Applications Presented by SS8
11:30-12:30 p.m.	Converging Big Data Analytics with Targeted Lawful Interception and Investigation. Julian Fellows, Senior Business Manager, Aqsacom
1:30-2:30 p.m.	Advancing the Role of the Monitoring Center Presented by SS8

---

Track 6: Social Network Monitoring and Big Data Analytics Product Demonstrations

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees

Tuesday, October 7, 2014

9:00-9:30 a.m.	More Mass, Less Weight:  Zeroing In on Actionable Intelligence through Bundles of Big Data Ruth Franco, Product Manager, Verint
9:30-10:00 a.m.	Feel their Pulse with Every Interaction: Extracting More Target Intelligence from Captured IP Ruth Franco, Product Manager, Verint
1:30-2:00 p.m. Session A	War on Social Media Presented by AGT
1:30-2:30 p.m. Session B	Monitoring Social Media with Leidos Digital Echo Parker Hine, Leidos
2:00-2:30 p.m. Session A	Social Media Steals Intelligence Presented by AGT
3:00-3:30 p.m.	Multi-dimensional Tactical Intelligence Solutions for Neutralizing Global Threats Amir Barel, VP, Verint
3:30-4:00 p.m.	Open Source Web Intelligence Extracting More Actionable Intelligence from the Open Source Web Hamutal Meridor, Director, Verint

Wednesday, October 8, 2014

10:30-11:00 a.m.	Announcing the Verint Integrated Suite of Solutions for Actionable Intelligence Kenny Kleinerman, Marketing Manager, Verint
11:00-11:30 a.m.	Detecting and Eliminating Tomorrow's Nation-wide Cyber Threats Kenny Kleinerman, Marketing Manager, Verint

---

Track 7: ISS for Mobile Signal Intercept, Electronic Surveillance and Technical Surveillance Countermeasures (TSCM)

This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and intercept as well as TSCM.

Some sessions (as indicated) are only open to Law Enforcement and Other Government Intelligence Community Attendees.

Tuesday, October 7, 2014

9:00-10:00 a.m. Session A	Nomadic equipment, wearable monitoring and field Command Centre Presented by AREA
9:00-10:00 a.m. Session B	Unlock the hidden value of Mobile Network data using advanced techniques, efficiently. Presented by CyberDart
11:30-12:30 p.m.	NeoSoft tactical solutions for Mobile monitoring Presented by NeoSoft AG (Only Open to Law Enforcement and Other Government Intelligence Community Attendees)
1:30-2:30 p.m.	Live demo: Cyber Warfare Weapons for Mobile & Desktop devices, Internet backbone, Wireless networks and SSL Decryption. Security solutions for a Non-traceable mobile and Point-to-Point Uncrackable Encryption. Dr (hc) Ankur Srivastava, Founder, Aglaya (Only Open to Law Enforcement and Other Government Intelligence Community Attendees)
3:00-4:00 p.m. Session A	Using Portable Wide Band Recorders for Surveillance Purposes Presented by QRCtech (Only Open to Law Enforcement and Other Government Intelligence Community Attendees)
3:00-4:00 p.m. Session B	Get valuable location based information for your applications, using a variety of interfaces effectively. Presented by CyberDart

Wednesday, October 8, 2014

8:30-9:30 a.m. Session A	Grey Force Tracking: Locate Your Teams On The Field Presented by Hear & Know (Only Open to Law Enforcement and Other Government Intelligence Community Attendees)
9:00-9:30 a.m. Session B	GSM/3G/LTE IMSI catcher basics. Public number detection. Mass Emergency notification by SMS. Target localization for LEAs and Search & Rescue operations. Presented by NeoSoft (Only Open to Law Enforcement and Other Government Intelligence Community Attendees)
12:15-1:15 p.m.	Secure Trip: When location enhances travelers and expatriate security Presented by Hear & Know

---

2014 Pre-Conference Training Seminars

Monday, October 6, 2014

Seminar #1
8:30-4:30 p.m.
　
Online Social Media and Internet Investigations　

Presented by Charles Cohen, Cohen Training and Consulting, LLC
Charles Cohen also holds the position of Commander, Cyber Crimes and Investigative Technologies Section, Indiana State Police, USA

8:30-9:30 a.m.: Session 1 of 6
What Investigators & Analysts Need to Know about Online Social Media.
This session is for criminal investigators and intelligence analysts who need to understand the impact of online social networking on how criminals communicate, train, interact with victims, and facilitate their criminality.

9:45-10:45 a.m.: Session 2 of 6
OSINT and Criminal Investigations
Now that the Internet is dominated by Online Social Media, OSINT is a critical component of criminal investigations. This session will demonstrate, through case studies, how OSINT can and should be integrated into traditional criminal investigations.
　
11:00-12:00 p.m.: Session 3 of 6
Successful Use of Online Social Media in Criminal Investigations
This session is for investigators who need to understand social network communities along with the tools, tricks, and techniques to prevent, track, and solve crimes.

1:00-2:00 p.m.: Session 4 of 6
Counterintelligence & Liabilities Involving Online Social Media
Current and future undercover officers must now face a world in which facial recognition and Internet caching make it possible to locate an online image posted years or decades before. There are risks posed for undercover associated with online social media and online social networking Investigations. This session presents guidelines for dealing with these risks.

2:15-3:15 p.m.: Session 5 of 6
Facebook: Tools, Tricks, & Techniques Investigators Need to Know
While there are over 300 social networking sites on the Internet, Facebook is by far the most populous, with over 800 million profiles. It has roughly the same population as the US and UK combined, making it the third largest country by population. There are over 250 million images and 170 million status updates loaded on Facebook every day. This session will cover topics including Facebook security and account settings, Facebook data retention and interaction with law enforcement, and common fraud schemes involving Facebook.

3:30-4:30 p.m.: Session 6 of 6
What Investigators Need to Know about Hiding on the Internet
Criminal investigators and analysts need to understand how people conceal their identity on the Internet. Technology may be neutral, but the ability to hide ones identity and location on the Internet can be both a challenge and an opportunity. Various methods of hiding ones identity and location while engaged in activates on the Internet, provides an opportunity for investigators to engage in covert online research while also providing a means for criminals to engage in surreptitious communication in furtherance of nefarious activities. As technologies, such as digital device fingerprinting, emerge as ways to attribute identity this becomes a topic about which every investigator and analyst may become familiar.

Seminar #2
8:30-4:30 p.m.

Understanding ISS Technologies and Products Deployed in Telecommunications Networks and Monitoring Centers for Law Enforcement and Intelligence Analysts

Presented by: Dr. Jerry Lucas, President, TeleStrategies

This one day pre-conference seminar covers the spectrum of ISS Technologies and Products deployed in today's fixed wire, mobile wireless and Internet Service Provider networks and LEA Monitoring and Intelligence Gathering Centers. This all day seminar is ideal for those law enforcement, public safety and intelligence analysts who need an understanding of the ISS technologies to be discussed in the conference sessions and the ISS products displayed at the exhibit hall as well as an understanding of the buzz words and jargon used by telecom operator engineers and their vendors.

08:30-10:45 a.m.
Introduction to Telecom Infrastructure, Interception and Related ISS Products
What do LEAs need to know about telecommunications networks infrastructure, basic LI elements (access, delivery and collection function), LEA Monitoring Center Functions and where are ISS products deployed for monitoring and intercept.

Understanding ISS:
Why Understanding Telecom Infrastructure is Important for Law Enforcement and Intelligence Analysts

Basic Telecom Building Blocks:
Circuit vs. Soft IP Switching, Signaling (SS7, ISDN, DTMF, etc.), fiber optics (SDH and SONET), Broadband Access (DSL, Cable Modems, Wi-Fi etc.), IP Core Technologies (Routing, ATM, MPLS, etc.) and Network Elements for Intercept.

Telco Back Office Systems:
Billing Systems, Mediation Services for Capturing Call Detail Records and LEA Intercept Request Processing.

Lawful Interception Architectures:
Probes (active and passive), Optical Layer Intercept at 10, 40 and 100 GBPS, Mediation and Data Retention Architectures, CALEA Pen Register and Trap & Trace, LEA Monitoring Center Functions and ISS Products Deployed in Fixed Wire Network Infrastructure.

Typical US DEA Funded LI Systems:
LIMS, T2S2, Warrant Processing, Data Logs, Capacity Requirement (e.g. Targets, Handoff Circuit Capacity, etc.) Central America Project Funding and Enterprise Hardware/Software Requirements

Legal Intercept Options:
What must telecom operators provide with a served subpoenas, Search Warrant, CALEA-Title III, National Security Letter and FISA Warrant.

11:00-2:00 p.m.
Understanding Mobile Wireless Infrastructure, Interception and Related ISS Products
Infrastructure basics, back office infrastructure, IM, data and where are ISS products deployed for monitoring and intercept.

Types of Wireless Network:
Differences among Network Operators, MUNO's, WiFi, WiMAX, Microwave, Satellite, Femtocells and NFC Interfacing.

Mobile Network Infrastructure:
Subsystems (cell sites, sector antennas, back hall, processors at towers, MSO special features (HLR, VLR, etc.) and PSTN Interconnect.

Cellular Network Generations:
Infrastructure Difference Among GSM, GPSS, EDGE, HSPA, North American CDMA, W-CDMA and LTE (CSFB vs. IMS Based) and Difference in Data Service Support.

Smartphones:
Functional Differences between 3G/4G Smartphones and 2G Phones, SMS messaging vs. iPhone text messages regarding intercept and 3G vs. LTE data services capabilities.

Cell Phone CDR's:
What records do cellular operators obtain when the phone is on, what's in a CDR when phone call is initiated and other forensic data of value to LEA's.

Cell Phone Tracking Options:
Cellular Operator Tracking Services available to LEA's, Target Pinging, Location technologies (GPS is National Based vs. RF Spectrum Mapping, GSM Surveillance, A-GSM intercept, WiFi Tracking, IMSI/IMEI Catchers, Spyware and more.

Smartphone Services to Avoid Tracking:
WHATSAPP, TIGER Text, WICKR, VIBER, GroupMe and more.

ISS Intercept Product Options:
Electronics Surveillance (audio, video and GPS), Location Based Mediation Products, Smartphone IT Intrusion and Cellular CDR data mining, Geocoded Photo Metadata, EXIF tags, Special Smartphone Services for Geolocation (Creepy, Instragram, Foursquare, VIBE and more).

2:15-4:30 p.m.
Understanding the Internet, Interception and Related ISS Products

What Investigators Have To Know about IP call Identifying Information, Investigations Involving E-Mail, Facebook, Twitter, Skype, Instant Messaging, Chat Rooms and what can be done to address Internet intercept deploying ISS infrastructure and where are ISS products deployed for monitoring and intercept.

IP Basics:
Why Understanding IP Layering Model, TCP/IP and UDP is important for LEA's and the IC Community, IP addresses (IPv4 vs. IPv6), static vs. dynamic addresses and more.

Internet Players:
The managers (ICANN, IANS and IETF), NSPs vs. ISPs vs. CDNs, How the Internet Players exchange IP Traffic, Private vs. Public peering and IXPs.

ISP Infrastructure:
RAS, RADIUS, DHCP and DNS and why these servers are important to understand.

VoIP Options:
Types of VoIP Services, PSTN interconnect, Gateway Based (Vonage), P2P (Skype & VIBER), Softswitches, SIP and IMS.

E-mail Services:
Client Based E-mail vs. Webmail. What's different about E-mail, SMS, WEB 2.0, HTTPS, HTTPS 2.0, Smartphone messaging and Social Network messages.

Social Network Metadata:
From Tweets, Facebook, E-mail and Smartphones.

Deep Packet Inspection:
What's DPI, Where do telecoms deploy DPI and Where does the Intelligence Community request DPI intercept.

Defeating Encryption:
Encryption options, Public Key Encryption, TOR, Third Party Services Available (Wickr), Encryption Products and how to defeat encryption (Spyware, Remotely Loaded Programs, IT Intrusion and Man-In-The-Middle Attacks)

ISS Products for Intelligence Gathering:
OSINT, Big Data Analytics, Speaker Recognition, Facial Recognition, IP Mediation Devices and Monitoring Centers.

Seminar#3
8:30-4:30 p.m.

Practitioners Guide to Internet Investigations


Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

The aim of this 1 day seminar is to take the attendees from the basics of understanding the internet, how to find data, through to a full understanding of best practice of an internet investigator, having awareness and knowledge of all the tools available to achieve this.

This is exclusively Law Enforcement only, as Practical examples, covert and investigative methods will be given throughout the seminar.

8:30-9:30 a.m.
The World Wide Web and the Internet

• How it works. Why it works. How data traffic leaves a trace ;
• What the internet is; what is an IP and what protocols are used ( TCP/IP)
• IPv4 and IPv6 – understanding the changes
• mirror servers use and value
• Tracking and evaluating data

9:45-10:45 a.m.
Recognizing Traffic Data

• A practitioner's guide to what data is available. How to harvest and analyse it.
• Best practice to identify suspects and build profiles.
• Data collection and interrogation
• IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them ( where they show their id)
• Dynamic approaches to identifying suspects through internet profiles
• What investigators get from tech and service providers, and how to analyse it
• What to ask for with current legislation to achieve best results
• SPOC best practice.
• ISP/ CSP capabilities and opportunities.

11:00-12:00 p.m.
WIFI and Mobile Data

• A practitioner's look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement.
• Dynamic live time tracing
• Geo location services and uses
• Surveillance without DSA and authority

1:00-2:00 p.m.

Emerging Technologies, Masking Tech and Tools

• How suspects are using emerging and new technologies.
• An introduction to where technology is going, and how Law enforcement can use this to our advantages.
• Darknet, (Deepweb) and IRC use
• VOIP, Skype
• Advanced data sniffing and profile building
• TOR systems, applications and ways to coax offenders out of the system.

2:15-3:15 p.m.

Advanced Techniques in Tracing Suspects

• Using innovative and dynamic methods to trace offenders.
• tricks used by suspects and how to combat them
• Covert internet investigations
• Proxy servers and hiding.
• managing collateral intrusion
• Reverse and social engineering
• Thinking outside the box
• Possible missed opportunities
• Profile building and manhunts

3:30-4:30 p.m.
Open Source Intelligence Training (OSINT)

• An in depth look at what tools are available; how to use them, and practical applications.
• safety online when open sourcing
• open source training and awareness basics
• Trace suspects using available tools
• How to identify leads in investigations and data from ISP
• Internet tools to assist in building online profiles on suspects
• A run through of my website dedicated to online tracing tools and how best to use it (LEA ONLY)
• Reverse engineering and social engineering

Seminar #4
1:00-2:00 p.m.

The Dark Side of the Internet - TOR & Bitcoins


Presented by Ross Bowerman, Detective Sergeant, UK Police

Seminar #5


2:15-14:30 p.m.

Smartphone Application Challenges Encountered and Opportunities Presented to Law Enforcement


Presented by Michael Williamson, Detective Inspector, Force Intelligence Bureau, Crime and Safer Communities, UK


A users overview of Smartphone applications, what they can do, implications, challenges and opportunities for law enforcement in obtaining results and coordinating our response to the overwhelming new apps appearing daily.

Seminar #6
9:45-10:45 a.m.

Understanding Browser and Device "Fingerprinting" to Identify Criminals and Terrorists

Presented by: Matthew Lucas (Ph.D, Computer Science), Vice President, TeleStrategies

Every communications device has a set of digital characteristics (a so-called "fingerprint") that can be used by law enforcement to identify, track and isolate that device on a given network. This session will look at the possibilities of device fingerprinting, including: MAC/physical properties, IP network configuration, operating system profiles and application-level information such as java environment variables, cookies and application-resident data. Where possible, each will be illustrated with case studies and examples to show how law enforcement can leverage the device characteristics to identity criminal behavior, track suspects and collect evidence.

Seminar #7

11:00-12:00 p.m.

Understanding Encryption Technologies, Services Used by Criminals and Covert IT Intrusion Techniques

Presented by: Matthew Lucas (Ph.D, Computer Science), Vice President, TeleStrategies

The Internet is migrating from an open platform of interconnected devices, to a world of highly encrypted, tightly integrated systems. This webinar will look at the technologies that application developers, social-media companies and enterprises are adopting that effectively lockout law enforcement and intelligence analysts from intercepting and decoding content. The presenter will look at in detail the encryption protocols, techniques and standards that the Internet community is adopting, and consider the implications to traditional intercept and content decoding systems - including application fingerprinting, exploitation approaches and practical considerations for law enforcement.

1. Encryption Basics

• Shared vs. Public Key Encryption
• Certified Authorities
• Significance of Key Size
• GSM Encryption (A5.1, A5.2 to A5.3)

2. Basic eCommerce Encryption Options

• Encryption used in Financial Transactions
• Role of Web 2.0, HTTPS and SSL/TLS
• Telecom Operator Encryption Service Options

3. Special Encryptions and Anonymous Communications Services Frequently used by Criminals

• Commercial Offerings
• TOR
• Proxy Servers and VPN Services
• P2P Option

4. Defeating Encryption and Covert IT Intrusion Techniques

• How Does Spyware and IT Intrusion Work
• Cooperation with Certificate Authorities
• Defeating GSM Encryption
• Man-in-the-Middle Attack Techniques
• Device Fingerprinting

5. HTTP 2.0 and Future Encryption Developments

• What's Driving the Development of HTTP 2.0? (e.g. Prisim-Proffing the Internet)
• Why will it be a challenge to LEA/IC's (multiple elements per connections, HTTP
  header compression and mandatory encryption)
• Other Dark Email Project Underway

Seminar #8
8:30-10:45 a.m.

Beyond Google: What to Do When Google (Bing and Yahoo) Do Not Answer Your Questions in a Useful Way


Presented by Stephen Arnold, ArnoldIT

The purpose of this tutorial is to provide recommendations for specific online search tactics tailored to law enforcement and intelligence professionals. In this two hour session, Stephen E Arnold will walk through "how to's" for four specific cases/situations in which free open source online services can help handle the types of questions investigators and analysts often have in different languages.

Questions the presentation will address include:

• What are important tips to work around Google filters for general queries?
• When should Bing or Yahoo be used to dig more deeply into open source content?
• How does an investigator/analyst research content in language other than English?
• How does an investigator translate non-English content in real time and for free?
• What free tools are available to determine relationships among and between persons of interest?
• What free and open source information services provide current data about individuals and their activities?
• What free system displays relationships and telephone numbers in the Bing index?
• How can an investigator / analyst maximize time in a critical research task?

Seminar #9
11:00-12:00 p.m.

Smart Systems Substance or Shadow, Blind Spots or Shadow. Blind Spots in Mainstream Intelligence Systems


Presented by Stephen Arnold, ArnoldIT

Despite the high profile of Big Data and surveillance in the
US, the systems used by intelligence and law enforcement
professionals have limitations.
This lecture will seek to answer these key questions for practitioners in intelligence:

• Are next generation systems delivering value to licensees?
• Are sophisticated systems hardened and reliable?

What are the limitations within which these smart systems operate for the intelligence professional?

Seminar #10
1:00-3:15 p.m.

Visual Analytics: Discovering Real-World Patterns by Exploiting Meta Data Content

Presented by: Christopher Westphal, Raytheon Cyber Products

Seminar #11
3:30-4:30 p.m.

Big Data Analytics for Entity Based Representations: Detecting Networks, Connections, and Correlations

Presented by: Christopher Westphal, Raytheon Cyber Products

Home : Contact Us