AGENDA : 7-9 December 2021
ISS World Europe is the world's largest gathering of Regional Law Enforcement, Intelligence and Homeland Security Analysts, Telecoms as well as Financial Crime Investigators responsible for Cyber Crime Investigation, Electronic Surveillance and Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety, Government and Private Sector Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network, the Internet and Social Media.
Track 1: Lawful Interception and Criminal Investigation Training
Track 2: LEA, Defense and Intelligence Analyst Product Demonstrations
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
Track 6: Mobile Signal Intercept Training and Product Demonstrations
Track 7: Electronic Surveillance Training and Product Demonstrations
Track 8: 5G Lawful Intercept, Tracking and Forensics Product Training
Plus Special Training Seminars lead by Law Enforcement Officers and Ph.D. Scientists
ISS World Europe 2021 Program Agenda
Training Seminars Led by Law Enforcement Officers and Ph.D., Computer Scientists
25 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police
(6 classroom hours)Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(4 classroom hours)Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(2 classroom hours)Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
(3 classroom hours)
Tuesday, 7 December 2021
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by: Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:20
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis09:25-10:15
OSINT and Criminal Investigations10:35-11:25
Metadata Exploitation in Criminal Investigations11:30-12:20
EXIF Tags and Geolocation of Devices for Investigations and Operational Security
13:20-14:10
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition14:15-15:05
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
08:30-15:05Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet,
how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.08:30-09:20
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators09:25-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
10:35-11:25
WIFI, geolocation, and Mobile Data traces and tracking11:30-12:20
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies13:20-14:10
Advanced Techniques in Tracing Suspects, and lateral problem solving14:15-15:05
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools siteSeminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G & 5G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis webinar addresses the infrastructure evolution of 2G to 3G to 4G to 5G and the impact on lawful interception.
Seminar #4
09:25-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G: What's it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. (Full description below Track 9)
Seminar #5
10:35-11:25Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis 101-training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators
Seminar #6
11:30-12:20Understanding Advanced Techniques to Defeat (or Work Around) Encrypted Third Party Services, Bitcoin Anonymity, TOR/HS and iPhone Encryption
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesYou can’t defeat today’s encryption (at least not that we know of) but law enforcement and the government intelligence community can “Work around encryption” for a price. Once you identify a target using commercially available encryption products or services (and with enough resources or money) government can defeat the target near 100% of the time.
Thursday, 9 December 2021
Seminar #7
13:00-14:00Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategiesThis one hour, session is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computing to decrypt your past and future intercepted transmission sessions, this high-level webinar should be a must attend briefing.
And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption.Seminar #8
13:00-14:00Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PolicePre-Conference Sessions Description At The End of Agenda PostinG
Wednesday, 8 December 2021
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies
8:30-9:00
Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Europe has Solutions
Dr. Jerry Lucas, President, TeleStrategies
ISS World Europe Exhibit Hours:
Wednesday, 8 December 2021
10:00-18:15
Thursday, 9 December 2021
10:00 -14:00
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Tuesday, 7 December 2021
14:15-15:05 Session A
Accelerating investigation workflows with specially designed IT-forensic laboratories
Presented by mh Service GmbH14:15-15:05 Session B
Memento Labs, the evolution of lawful 360˚ remote surveillance
Presented by Memento Labs14:15-15:05 Session C
The CY4GATE integrated Cyber-Intelligence solution
Providing Law Enforcement and Intelligence agencies with a “target centric” approach that allows to control and combine together in real-time all the information retrieved by the target under surveillance, levering on multiple class of active and passive sensors.
Presented by CY4GATE15:25-16:05
How Far States have to go to Secure the Net
-What is Regulatory Compliance / Digital Enforcement
-Why do governments need such solutions
-What are countries doing about it (use cases from the public sources)
Joseph Dadon, VP Sales, Allot16:10-17:00
ETSI/3GPP LI/RD Standards Update
Alex Leadbeater, 3GPP SA3-LI and ETSI TC Cyber Chairman and Head of Global Obligations Future and Standards, BT Security
Martin Kissel, ETSI TC LI Chairman and Coordinator Lawful Interception, Telefónica Germany
Carmine Rizzo, ETSI TC LI Technical Officer and 3GPP SA3LI Secretary, ETSI16:10-17:00
Enhancing Lawful Interception with the Five Elements of Cyber Law Enforcement
Criminal and terror organizations are using cyberspace to enhance operations and grow globally. Increased sophistication and the large variation of information channels are stretching intelligence agencies and police resources. Understanding the elements of Cyber Law Enforcement and efficiently utilizing them is key to the effective interception of outlaw activities.
Presented by TokaWednesday, 8 December 2021
09:00-10:00 Session A
Lawful Interception and Communication Data, Current & Future Challenges: Mobile, Cyber Security, Virtualization and AI - An industry view
Alex Leadbeater, 3GPP SA3-LI and ETSI TC Cyber Chairman and Head of Global Obligations Future and Standards, BT Security09:00-9:30 Session B
Protecting Mobile networks and Infrastructure from External Threat Actors
Presented by AdaptiveMobile Security09:00-09:30 Session C
Things to Consider When Choosing a Modern Lawful Interception Monitoring Center
Presented by Cognyte09:30-10:00 Session B
Optical Network Access, Visibility and Recording for 100Gbps and Beyond
Presented by Lumacron16:30-17:15
Digital Forensics Lab Evolved / Solving the challenge of modern data volumes
Presented by ExterroThursday, 9 December 2021
8:30-9:15
Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP3.0
The end-to-end HTTPS encryption and the volatile nature of web content make any interception and collection of data on the Internet a challenge. The presentation introduces methods addressing both of these phenomena – intercepting TLS/SSL connections with the help of man-in-the-middle attack employing proxy and automatically creating snapshots of problematic web pages. Speakers outline necessary theory (including news about TLS 1.3, HSTS, HTTP3.0), well-known attacks (e.g., renegotiation, downgrade, cipherspec change, and others), and industry-standard tools for traffic analysis (such as Wireshark, Fiddler proxy, SSL-Split) and decoding (e.g., Selenium, Scrapy). The session will include a live demo of MitM attack on HTTPS connection enhanced with covert extraction of form data, which would be later used to periodically web scrape and archive protected content.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology9:15-10:00
Password Cracking in Practice
As more and more traffic and data on the Internet are being protected end-to-end, decrypting information becomes more critical than ever before. The presentation outlines password-cracking use-cases, employed formats, current GPU/FPGA performance limits, and existing (non-)commercial cracking tools. Speaker will show how to: a) automatically extract hashes from encrypted documents; b) prepare and evaluate password keyspace (e.g., generate passwords using Markov chains / rule-based grammars and handling of passwords containing national characters); c) orchestrate various cracking strategies (e.g., a combination of dictionaries). Participants will be provided with tips and tricks on how to use Hashcat more effectively and how to distribute password cracking task on their infrastructure.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology13:00-14:00
Overview of CC-DRIVER and RAYUELA Projects for Recognizing Human Factors and Drivers of Young Cybercriminality
José L. Diego, Head of Project Management, Valencia Local Police
Rubén Fernández, Valencia Local Police13:00-14:00
Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategies
Track 2: LEA, Defense and Intelligence Analyst Product Demonstrations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 7 December 2021
08:30-09:20 Session A
The Wide Area Network vs. Moore's Law: Generating IP Intelligence at 100G and beyond
Gene Litt, CTO, NetQuest09:25-10:15 Session A
Carrier in Carrier Analysis: Determine the impact of Carrier in Carrier technology on your satellite monitoring capabilities
Presenting the challenges posed by Carrier in Carrier technologies and VASTech’s approach to the analysis of Carrier in Carrier signals and the separation of Symmetrical and Asymmetrical Carrier in Carrier Signals.
Presented by VASTech09:25-10:15 Session B
TOVEK - creating missing knowledge from disparate information sources
Presented by Tovek10:35-11:25 Session A
NEW METHODS AND TOOLS DESIGNED FOR LAW ENFORCEMENT AGENCIES FOR ADVANCED CRIMINAL INVESTIGATION
In this presentation, potential new technologies will be presented to help law enforcement agencies in their day-to-day law enforcement tasks. The focus of the session will be on practical use cases and scenarios for prosecution, that also takes future technological developments into account.
Presented by Utimaco10:35-11:25 Session B
Efficient Cryptanalysis Infrastructure - Doing More with Less
Presented by SciEngines11:30-12:20 Session A
Different Intelligence Sources combined under a single analytical platform – an innovative approach
Presented by Gamma Group11:30-12:20 Session B
Product Demonstration Session
Presented by BAE Systems AI13:20-14:10 Session A
Simplify investigation with one platform
Presented by ATIS13:20-14:10 Session B
New experience gained from Voice Biometrics and Speech Analytics deployments
Presented by Phonexia14:15-15:05 Session A
Don’t let the new 5G SA Privacy Features stop you from catching IMSIs
Sander de Jong, Group 200014:15-15:05 Session B
Cyber Intelligence in Our Increasingly Privacy & Security Conscious Environment
Presented by Wintego15:25-16:15 Session A
The Role and Importance of Covert Communication in Data Transmission
Presented by Vlatacom15:25-16:15 Session B
How to transform network data into intelligence in spite of encrypted and obfuscated IP traffic
Presented by Rohde Schwarz15:25-16:15 Session C
Commercial SIGINT - unrestricted, global and large-scale accurate geo-monitoring and profiling of connected devices
VP Sales and Marketing, GeoGence16:30-17:20
Session Title TBA
Presented by ClearTrail TechnologiesWednesday, 8 December 2021
09:00-10:00 Session A
Setting standards in Cyber Technology & Defense
Presented by NSO Group
09:00-09:30 Session C
NEO. Targeted Mission-Based Investigation
Presented by FinFisher09:00-10:00 Session D
Industry Secrets of end-to-end data Collection and Analysis: How technology is changing everything and what you need to do, now!
Presented by BAE Systems AI09:30-10:00 Session B
Collection in a privacy driven era: We mapped out the collection options
Presented by Cognyte09:30-10:00 Session C
WiFi Intelligence Gathering - A Key Piece of the Strategic Intelligence Puzzle
Presented by FinFisher
13:00-13:45 Session A
Advanced Tactical Interception and Data Extraction Vectors
Presented by Ateros13:00-13:45 Session B
Digital Toolbox: the investigator’s best friend
Presented by AREA13:00-13:45 Session C
A Safe Landing based approach to Sensitive and Urban Scenario Counter-Drone Defense
Presented by D-Fend13:45-14:30
Automating forensic Speaker Recognition for Cyber Crime units
Presented by ATIS15:00-15:45 Session A
LIMS, only black box! Or can it bring additional value to LEAs?
Presented by Sedam15:45-16:30
Encrypted or not - every IP-packet tells a story
Mark Uldahl, CTO, XCI A/S16:30-17:15 Session B
Illuminating the Dark - Technologies for Unmasking Darknet Criminals
Presented by FinFisher16:30-17:15 Session C
Live Demo. Real Investigation, from OSINT and exfiltration to active cyber security tools (Cyberwarfare).
How to follow the targets in the cyberspace and exfiltrate information, finally using Thor Hammer to neutralize their connected systems.
Presented by MOLLITIAM CYBERINTELLIGENCEThursday, 9 December 2021
08:30-09:15 Session A
Guess who is using THAT App in your Country. Metadata as IP Intelligence
Presented by AREA08:30-09:15 Session B
Fibre Signal Analysis: What intelligence value does a fibre link contain?
Presenting VASTech’s approach to Signal Analysis, Protocol Analysis, Application Classification, Metadata Exploration and Content Evaluation on fibre optic links on a single platform. Enabling agencies to obtain maximum value by understanding the content of a fibre and capturing the useful information.
Presented by VASTech09:15-10:00 Session A
Real Time Application Forensics: Finding suspects and evidence on an encrypted internet
Presented by Sandvine09:15-10:00 Session B
Practical and creative example of modifying Android OS by HEX editing system files, and having regular applications to achieve surveillance.
Denis Cuculic, CEO ex. Head of Technical Department, PRO4SEC11:00-11:45 Session A
trovicor’s best kept secret – The whole truth about the Intelligence Platform
Presented by Trovicor11:00-11:45 Session B
Following the black rabbit - Advanced targets monitoring
Presented by Memento Labs11:45-12:30
Data Enrichment Techniques and Sources for Internet Investigations
Presented by Packet Forensics
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise.
Tuesday, 7 December 2021
08:30-09:20 Session A
Massive Social Media data collection and analysis for Counter-Terrorism Intelligence Activities
Presented by IPS09:25-10:15
WhatsApp, Telegram, Facebook...how IPS helps you to locate most wanted targets with LI
Presented by IPS11:30-12:20
Using AI-based Risk Scoring for Multi-source Target Acquisition and Prioritization
Presented by Simulation Software & Technology, S2T13:20-14:10 Session A
Combating Threats with Advanced AI-Driven Technologies – Leveraging open source data to anticipate and prevent future attacks
Presented by Voyager Labs13:20-14:10 Session B
SCOPE Product – A Real Life Scenario (demo)
Presented by Innosystec14:15-14:40 Session A
Combating Threats with Advanced AI-Driven Technologies – Leveraging open source data to anticipate and prevent future attacks
Presented by Voyager Labs14:15-14:40 Session B
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling.
Presented by IPS14:40-15:05 Session B
Machine Learning in a Command and Control Centre for covert field operations and situation awareness
Presented by IPS15:25-16:15 Session A
How social media platforms are limiting the API approach and advanced DB queries
Presented by Cognyte15:25-16:15 Session B
Multimedia Monitoring and Forensics Laboratory
Presented by Everis16:30-17:20 Session A
The hype of AI usage in intelligence is facing multiple challenges
Presented by Cognyte16:30-17:20 Session B
VoIP Forensics: Revealing encrypted VoIP communication network of criminal organizations
Presented by Sandvine16:30-17:20 Session C
Uncovering Intelligence on Messaging Apps
How to track and profile cyber criminals using large sources of data collected on mobile messaging apps
Liran Sorani, Cyber Business Unit Manager, Webhose.io
Wednesday, 8 December 2021
09:00-10:00
Tactical Web Intelligence (WEBINT) & Social Engineering: Gathering Actionable Intelligence via a powerful WEBINT platform
Presented by Cobwebs Technologies13:00-13:45 Session A
Location & Open Source Intelligence: Real Life Case Studies & Live Demonstration
Presented by Cobwebs13:00-13:45 Session B
Propaganda 4.0: is fake news really so new? A Journey through the various ways in which media is used
Presented by Gamma Group13:00-13:45 Session C
Using ML, device fingerprinting (not just IP addresses) and tactical fiber systems to detect threats and anomalies in mass IP data. A discussion with use cases on sophisticated rule based systems.
Presented by Vehere13:00-13:45 Session C
SCOPE Product – Prevent and Predict
Presented by Innosystec13:45-14:30 Session A
Discover the Unknowns of the Digital Sphere
Presented by Ultra13:45-14:30 Session B
Gens.AI, the Cyber Humint solution that can automate the management of virtual identities
Starting from the digital profile creation and its background maintenance, to the execution of under-cover operations on the Internet.
Presented by CY4GATE13:45-14:30 Session C
Follow the digital traces in social media- approaches and best practices to leverage the potential of cloud data in your investigations
As more people spend time on social applications, investigations today require data that resides beyond the mobile device. We will explore technologies that can help you effectively surface evidence from public and private domain data, in cloud-based applications, services and web pages to identify suspects and solve cases fast.
Muna Assi, Senior Product Marketing Manager, Cellebrite15:00-15:45 Session A
Unlocking the full potential of speech technologies to transform OSINT and COMINT
Presented by Vocapia15:00-15:45 Session B
trovicor’s best kept secret – The whole truth about the Intelligence Platform
Presented by Trovicor15:00-15:45 Session C
Transforming Investigations & Risk Assessment with Artificial Intelligence
Presented by Voyager Labs15:45-16:20
Session Title TBA
Presented by ClearTrail Technologies16:30-17:15
Real-Time Location Intelligence To achieve Situational Awareness
Presented by IntergraphThursday, 9 December 2021
08:30-09:15 Session A
Transforming Investigations & Risk Assessment with Artificial Intelligence
Presented by Voyager Labs08:30-9:15 Session B
ATIS PANDORA - fast visualization, analysis and fusion of large data sets from different sources
Presented by ATIS09:15-10:00 Session A
SCOPE Product – Bringing Data to Life
Presented by Innosystec09:15-10:00 Session B
How to Protect the Status of Data Traffic Without Changing the Status Quo
-DPI as a starting point (watch the network)
-Application Control and Network Management
-Network Security and Traffic Prioritization
Joseph Dadon, VP Sales, Allot09:15-10:00 Session C
Social Links for Social Media and Open Source intelligence and investigations
Presented by Social Links11:00-11:45 Session A
Mission critical OSINT screening with Facepoint, high-risk individual detection
Presented by FacePoint11:00-11:45 Session B
Using ML, device fingerprinting (not just IP addresses) and tactical fiber systems to detect threats and anomalies in mass IP data. A discussion with use cases on sophisticated rule based systems.
Presented by Vehere11:00-11:45 Session C
AI-based Language Technology Solutions to Handle Multi-language OSINT & COMINT
Presented by SYSTRAN13:00-14:00
Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Tuesday, 7 December 2021
9:25-10:15
Live Demo. Real Cyberoperation, invisible control of Android smartphones, Windows/macOS systems and Clouds (hijacking).
Live Demo of the latest technology used to take invisible control of target systems, and lessons learned in tactical operations in the Cyberspace.
Presented by MOLLITIAM CYBERINTELLIGENCE10:35-11:25
Mapping an Effective Intelligence Picture for Maximum Results (LIVE DEMO)
Presented by Rayzone Group
13:20-14;10
Disrupt cyber threats by unmasking your adversaries
Presented by 4iQWednesday, 8 December 2021
13:00-13:45
Hushmeeting: creating an iron-clad and quantum-safe communication environment
Presented by Feedback Italia13:45-14:30
Global Signalling Threat Analysis and Insights for Cyber Intelligence
Presented by AdaptiveMobile Security15:00-15:45
The Next Generation of Cybersecurity for Intelligence Agencies (LIVE DEMO)
Presented by Rayzone Group15:45-16:30 Session A
Encrypted & Evasive Traffic: New Visibility with Next-Generation DPI
As cyber attacks become increasingly sophisticated, the effectiveness of detection and investigation capabilities depends more and more on the quality, detail and accuracy of the network traffic information delivered for threat analytics. Discover a new generation of DPI sensors, enriched with flow analytics and advanced data mining techniques, capable of delivering critical visibility into encrypted traffic to support triage for decryption, advanced analytics, anomaly detection and forensics. The sensors can also detect and extract data about traffic using evasive techniques, such as VPNs, anonymizers, covert communications channels, complex tunneling, domain fronting, traffic/file spoofing, etc., and provide data that can be leveraged to identify users and locate devices.
Sebastien Synold, Product Manager, Qosmos DPI Business Unit, ENEA15:45-16:30 Session B
Exploitation & Operations Security (OpSec) in Cyber Intelligence Ops
Presented by SecfenseThursday, 9 December 2021
08:30-09:15
ADINT - Monitor Digital Footprints to Anticipate and Prevent Evolving Threats (LIVE DEMO)
Presented by Rayzone Group13:00-14:00
How to Protect your RF Environment Against Illegal Interception Systems
Presented by Rayzone Group
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities
Note: Some sessions are only open to LEA and Government. These sessions are marked accordingly.
Tuesday, 7 December 2021
10:35-11:25
Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies13:20-14:10
Automated data collection and normalization from clearnet, darknet and deep web sources
Presented by Kofax14:15-15:05
Live Demonstration of DarkOwl Vision: Darknet Intelligence Discovery and Collection
David Alley, CEO, DarkOWL FZE
(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)15:25-16:15
Offline Darknet web-crawling with the Web-I-Qube
Presented by mh-Service GmbH
(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)16:30-17:20
Identifying Darknet Suspects: When Law Enforcement Hacks
Presented by SearchlightWednesday, 8 December 2021
15:45-16:30
Profile, target and investigate the Darknet. Reinventing traditional HUMINT in the Digital Era
Presented by AREA
(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)Thursday, 9 December 2021
11:00-11:45 Session A
Correlating Blockchain Activity with Real-Life Events and Entities
The session starts with the outline of current methods for blockchain and traffic analysis. Speaker explains in detail the properties of cryptocurrencies, including address clustering, coin-joining of inputs, transaction mixing, and traffic correlation. It then focuses on employing previously described methods to obtain intel about dark marketplace operators, vendors, and buyers. To address cryptocurrency forensics, we have developed a set of tools (exclusively available to law enforcement agencies) that are capable of correlating things happening in real-life with the blockchain. Moreover, participants will have a chance to bring their cryptocurrency addresses/transactions for assessment.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology13:00-14:00
Follow the Cryptocurrency trail to trace the next terrorist
Presented by Cognyte
Track 6: Mobile Signal Intercept Product Training and Demonstrations
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.Tuesday, 7 December 2021
8:30-9:20 Session A
SCPC/VSAT Interception in CiC/CuC Scenarios
Presented by Rohde Schwarz8:30-9:20 Session B
Understanding Mobile 2G, 3G, 4G and 5G Infrastructure, Intercept and Cryptography
Dr. Jerry Lucas, President, TeleStrategies10:35-11:25
VSAT Networks: Tactical and Strategic Threat Detection and Geolocation
Presented by Kratos11:30-12:20
Latest techniques of detecting and neutralizing IMSI Catchers and Wi-Fi monitoring systems
Presented by NeoSoft13:30-14:10
Real-time identification and geo-location in mobile networks: how to identify and get, in real-time, the accurate position of a handset in a mobile network
Presented by Evistel15:25-16:15
Hiding from SIGINT - mobile network approach
Presented by MACRO-SYSTEM16:20-17:20
Distributed IMSI Catching & Private networks
Nick Johnson, CTO & Head of PLM, IP AccessWednesday, 8 December 2021
09:00-10:00
Title TBA
Presented by Intellexa13:45-14:30 Session B
Breaking the borders of tactical cyber-intelligence
Presented by Jenovice15:00-15:45
Next-generation IMSI Catcher with public number detection: overview of latest developments and trends
Presented by NeoSoft15:45-16:30
Providence Training Academy
Presented by ProvidenceThursday, 9 December 2021
08:30-09:00
Mobile Radio Analysis Solutions with 5G for Government
Presented by Rohde Schwarz09:15-10:00
5G Tactical solutions and interoperability
Presented by EXFO11:45-12:30
Seeing Beyond - Groundbreaking Intelligence Gathering Platform for the IoT Landscape
The IoT landscape is the fastest-growing part of the digital landscape. Groundbreaking intelligence software presents a breakthrough in intelligence gathering, to enhance investigations, operations, and emergency situations, all of which are extremely necessary for the post-COVID-19 era. The presentation will be followed by a product demo.
Presented by Toka
Track 7: Electronic Surveillance Training and Product Demonstrations
This track is for law enforcement investigators and the government intelligence community who are responsible for deploying video, audio and GPS surveillance products and only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 7 December 2021
8:30-9:20
Intelligent Connections - Gathering Intelligence from IoT Made Simple
Presented by Interionet9:25-10:15
Taking Control with Drone Takeover C-UAS technology for sensitive and urban environments
Presented by D-Fend11:30-12:20
A new paradigm for covert audio surveillance in large areas
Presented by CommeshWednesday, 8 December 2021
13:00-13:45
Simultaneous use of many Squarehead Audio recorders in complex and challenging acoustic environments.
Stig Nyvold, CEO, Squarehead Technology15:00-15:45
Waveguard’s border monitoring and control solutions
Presented by WaveGuard15:45-16:20
Seeing Beyond - Groundbreaking Intelligence Gathering Platform for the IoT Landscape
The IoT landscape is the fastest-growing part of the digital landscape. Groundbreaking intelligence software presents a breakthrough in intelligence gathering, to enhance investigations, operations, and emergency situations, all of which are extremely necessary for the post-COVID-19 era. The presentation will be followed by a product demo.
Presented by Toka16:30-17:15
Border Security and Force Protection Analytics using Passive RF
Presented by Packet Forensics
Track 8: 5G Lawful Interception Product Training
This track is open to all conference attendees.
Tuesday, 7 December 2021
9:25-10:15
Understanding 5G Network Core (NFV, SDN, EDGE Computing and Network Slicing) for Law Enforcement Investigators
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies15:25-16:15
The challenges 5G brings to cellular Security & Surveillance
Nick Johnson, CTO & Head of PLM, IP Access16:30-17:20
Changing Needs for LEAs with 5G, Location and Encryption
Presented by SS8
Wednesday, 8 December 2021
13:00-13:45
LAWFUL INTERCEPTION IN 5G MOBILE NETWORKS
This session will elaborate the needs and the challenges of lawful interception in current and future wireless networks. Network operators and law enforcement agencies will get practical advice and hear about best practice techniques for the implementation of LI in 5G networks.
Presented by Utimaco13:45-14:30
Challenges to consider when preparing for the 5G Lawful Interception Era
Presented by Cognyte15:00-15:45
LAWFUL INTERCEPTION OF ROAMING TARGETS (S8HR)
S8HR is recognized as the easiest LTE Roaming architecture to implement by many mobile operators. With all mobile traffic traversing the home network, there are lawful intercept limitations when monito- ring VoLTE calls of visiting roamers. In this session we will present solutions to meet these challenges.
Presented by Utimaco15:45-16:30
Real World Interpretation of 5G LI Requirements and Implicatios for Carriers and LEAs with 5G
Presented by SS8
Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists
Tuesday, 7 December 2021
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:20
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis09:25-10:15
OSINT and Criminal Investigations10:35-11:25
Metadata Exploitation in Criminal Investigations11:30-12:20
EXIF Tags and Geolocation of Devices for Investigations and Operational Security
13:20-14:10
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition14:15-15:05
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
08:30-15:05Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet,
how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.08:30-09:20
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigatorsHow it works. Why it works. How it works for us .How data traffic leaves a trace ; What the internet is; what is an IP and how is it significant to trace a person. IPv4 and IPv6 – understanding the changes- the benefits and pitfalls for the investigator. The internet has millions of copies of data on it - why, and where can we find this. Tracking and evaluating data. MAC adders tracking.
09:25-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadowsWhat data is available. How to harvest and analyze it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft .Data collection and interrogation, significance and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them ( where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyze it. Investigator capabilities and opportunities.
10:35-11:25
WIFI, geolocation, and Mobile Data traces and trackingA detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed.
11:30-12:20
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxiesHow suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web) , TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications and ways to coax offenders out of the system.13:20-14:10
Advanced Techniques in Tracing Suspects, and lateral problem solvingUsing innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game?. Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.
14:15-15:05
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools site"Just google it" doesn't work anymore. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. A look at a selection of 200+ tools available on Mark's open source law enforcement tools website, that search engines can’t see, with login and password provided during the session. Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how.
Seminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G & 5G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis webinar addresses the infrastructure evolution of 2G to 3G to 4G to 5G and the impact on lawful interception. Specifically;
Network Architecture Evolution from 2G to 3G, 3G to 4G, 4G to 5G regarding radio technology (TDMA, CDMA, OFDM and MIMO), network core from CSFB to VoLTE and SS7 to Diameter.
Encryption, Target Identification and Location: SIM and eSIM cards, IMSI and Target ID, encryption algorithms (A3, A5, A8 and Ki) and basically how user authentication and traffic encryption is accomplished.
Target Location Tracking with CDR analysis, MAC address farming, MITM attacks, SS7 access, IMSI catchers and IT intrusion.
4G to 5G Transition Specifics Understanding 5G Non Stand Alone (NSA) vs. SA 5G, the IMSI catcher issue (myth vs. realities), 5G Cryptography (ECC, SUPI, SUCI), 5G target location enhancement and LTE/NR Internetworking and Co-existance.
5G Spectrum What can 5G deliver with mid vs. high frequency spectrum and what new spectrum bands are soon to be auctioned off
SA 5G Infrastructure Features: NFV, SDN, Edge/Cloud Computing and Network Slicing
Seminar #4
09:25-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G: What's it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture.
In reality lawful interception of non-standalone is not any different from 4G interception regarding new LI feature additions. The next LI challenge will be for 5G SA. This webinar addresses the technical challenges facing law enforcement, 5G operators and ISS vendors. Specifically the four transitions are:
- 5G Network Challenges Identifiers: How are law enforcement going to grab 1gbps traffic streams; backhaul to monitoring centers and filter non-important traffic of interest.
- 5G Edge Cloud Computing: How do you intercept on a 5G operators IT systems, deal with proprietary system protocols, e2e encryption and localized content
- 5G Virtual Network Core: How complicated will this be regarding LI, VoIP on virtual devices and what LI barriers has the IETF created
- 5G Network Slicing: Is this 5G feature restricted to private enterprises or will 5G MVNO’s provide public mobile wireless services, How will law enforcement interconnect with 5G OSS provisioning systems and what is the LI point of interconnection?
Seminar #5
10:35-11:25Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses:
- Bitcoin Basics for Technical Investigators
- Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
- How Criminals and Terrorists Use TOR and Dark Web
- Bitcoin Cryptography Demystified (For Non-Math Majors)
- Popular Altcoins used by Criminals and the New Challenges Facing Law Enforcement
Seminar #6
11:30-12:20Understanding Advanced Techniques to Defeat (or Work Around) Encrypted Third Party Services, Bitcoin Anonymity, TOR/HS and iPhone Encryption
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesYou can’t defeat today’s encryption (at least not that we know of) but law enforcement and the government intelligence community can “Work around encryption” for a price. Once you identify a target using commercially available encryption products or services (and with enough resources or money) government can defeat the target near 100% of the time.
This session:
- Analyses the top third party encrypted serves (Telegram, Silent Circle, WhatsApp, Skype, Viber,TOR, TOR/HS); the cryptography deployed; why criminals and terrorists choose one over the other; and related LI challenges.
- Presents the common techniques for defeating the encryption deployed in these services, and their success/weakness, including:
- Man in the Middle Attacks
- IT Intrusion (Installing Malware)
- Exploiting bugs in SSL/TLS
- Connecting the “metadata” dots between known targets and communication patterns
- Case studies working around third party encryption case studies, e.g. how was it done!
- TOR / DarkNets (TOR/HS)
- Bitcoin Traceback
- Mobile phone/encryption cracking
- Future Directions in cryptography presenting new challenges for law enforcement and the government intelligence community.
Thursday, 9 December 2021
Seminar #7
13:00-14:00Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategiesThis one hour, session is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computing to decrypt your past and future intercepted transmission sessions, this high-level webinar should be a must attend briefing.
And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption.Seminar #8
13:00-14:00Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police