ISS World Europe is the world's largest gathering of Regional Law Enforcement, Intelligence and Homeland Security Analysts, Telecoms as well as Financial Crime Investigators responsible for Cyber Crime Investigation, Electronic Surveillance and Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety, Government and Private Sector Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network, the Internet and Social Media.
Track 1: Lawful Interception and Criminal Investigation Training
Track 2: LEA, Defense and Intelligence Analyst Product Demonstrations
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
Track 6: Mobile Signal Intercept Training and Product Demonstrations
Track 7: Electronic Surveillance Training and Product Demonstrations
Track 8: 5G Lawful Intercept, Tracking and Forensics Product Training
Track 9: Financial Crime Investigation and Training
Plus Special Training Seminars lead by Law Enforcement Officers and Ph.D. Scientists
ISS World Europe 2020 Program Agenda
Training Seminars Led by Law Enforcement Officers and Ph.D., Computer Scientists
30 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists
Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Captain, Office of Intelligence & Investigative Technologies, Indiana State Police, USA
(6 classroom hours)Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC and retired 27-year US Federal
Law Enforcement Officer
(5 classroom hours)Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(4 classroom hours)Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(2 classroom hours)Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
(3 classroom hours)
Andrew Lewman, VP, DarkOWL and Former Executive Director, The TOR Project
(3 classroom hours)Tuesday, 9 June 2020
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by: Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Captain, Office of Intelligence & Investigative Technologies, Indiana State Police, USA08:30-09:20
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis09:25-10:15
OSINT and Criminal Investigations10:35-11:25
Metadata Exploitation in Criminal Investigations11:30-12:20
EXIF Tags and Geolocation of Devices for Investigations and Operational Security
13:20-14:10
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition14:15-15:05
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
08:30-15:05Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet,
how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.08:30-09:20
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators09:25-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
10:35-11:25
WIFI, geolocation, and Mobile Data traces and tracking11:30-12:20
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies13:20-14:10
Advanced Techniques in Tracing Suspects, and lateral problem solving14:15-15:05
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools siteSeminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G & 5G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session covers what technical investigators need to know about 2G/3G/4G infrastructure, SIM Cards, Authentication, CDR analysis, SS7 and more.
Seminar #4
09:25-10:15Understanding 5G Network Core (NFV, SDN, EDGE Computing and Network Slicing) for Law Enforcement Investigators
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis session presents the challenges telecom operators and law enforcement face with the transition from a 4G/LTE to a 5G Core.
Seminar #5
10:35-11:25Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis 101-training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators
Seminar #6
11:30-12:20Understanding Advanced Techniques to Defeat (or Work Around) Encrypted Third Party Services, Bitcoin Anonymity, TOR/HS and iPhone Encryption
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesYou can’t defeat today’s encryption (at least not that we know of) but law enforcement and the government intelligence community can “Work around encryption” for a price. Once you identify a target using commercially available encryption products or services (and with enough resources or money) government can defeat the target near 100% of the time.
Seminar #7
16:30-17:15SSL/TLS Interception Workshop
Presented by: Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of TechnologyThe presentation introduces methods for intercepting TLS/SSL connections. The focus is on man-in-
middle attack employing TLS/SSL proxy and other ways how to obtain session's private keys. Speakers will outline necessary theory (including the history of SSL/TLS framework design), well-known attacks (including OpenSSL Hearthbleed, Logjam or BEAST) and industry standard tools (such as Wireshark, NetFox Detective, Fiddler Proxy and SSL-Split). The session will also include a live demonstration of MitM attack on HTTPS connections enhanced with form-logging JavaScript injection. Participants will receive free of charge access to test-bed, which consists of real devices (and their traffic) including the prototype of our hardware probe decrypting SSL/TLS on-the-fly.Thursday, 11 June 2020
Seminar #8
08:30-11:45Special Half Day DarkNet Seminar
by Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project08:30-09:15
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What's possible?09:15-10:00
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.
11:00-11:45
Future directions - what's next in dark net infrastructure, dark markets and investigation implications
This one-hour session will explore the protection of weak points and future proofing banks against cyber-attacks.Seminar #9
08:30-14:00Concerns and Considerations in Financial Crime Investigations
Presented by: Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC Mike is a former US Federal Law Enforcement Officer who specialized in complex fraud and cybercrime investigations and currently provides training to improve detection and investigations of fraud, money laundering and counter terror finance.08:30-09:15
Criminal Essentials: The Needs of a Criminal Network09:15-10:00
Financial Crime Schemes in Money Laundering11:00-11:45
The Essentials of Trade Based Money Laundering12:45-13:30
How Does Money Actually Move?13:30-14:00
Follow the Money Beyond the BanksSeminar #10
12:45-14:00Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategiesThis one hour, session is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computing to decrypt your past and future intercepted transmission sessions, this high-level webinar should be a must attend briefing.
And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption.Seminar #11
12:45-14:00Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PolicePre-Conference Sessions Description At The End of Agenda PostinG
Wednesday, 10 June 2020
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies
8:30-9:00
Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Europe has Solutions
Dr. Jerry Lucas, President, TeleStrategies
ISS World Europe Exhibit Hours:
Wednesday, 10 June 2020
10:00-18:15
Thursday, 11 June 2020
10:00 -14:00
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Tuesday, 9 June 2020
13:20-14:10 Session A
Trust your phone records and cell towers intelligence to solid cutting-edge investigative models
Presented by SIO16:30-17:20 Session B
SSL/TLS Interception Workshop
Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of TechnologyWednesday, 10 June 2020
09:00-10:00 Session A
Lawful Interception and Communication Data, Current & Future Challenges: Mobile, Cyber Security, Virtualization and AI - An industry view
Alex Leadbeater, 3GPP SA3-LI and ETSI TC Cyber Chairman and Head of Global Obligations Future and Standards, BT Security09:00-09:30 Session B
Acquiring targets and new leads in a digital sphere: Breaking Down Jaish e Mohamed's digital trace
Presented by Digital Clues09:00-09:30 Session C
Things to Consider When Choosing a Modern Lawful Interception Monitoring Center
Presented by Verint09:30-10:00 Session B
Optical Network Access, Visibility and Recording for 100Gbps and Beyond
Presented by Lumacron16:30-17:15
ETSI/3GPP LI/RD Standards Update
Alex Leadbeater, 3GPP SA3-LI and ETSI TC Cyber Chairman and Head of Global Obligations Future and Standards, BT Security
Gerald McQuaid, ETSI TC LI Chairman and Special Requirements Advisor, Vodafone Group
Carmine Rizzo, ETSI TC LI Technical Officer and 3GPP SA3LI Secretary, ETSIThursday, 11 June 2020
09:15-10:00
SDL Neural Machine Translation applications for Cyber Threat Intelligence
Presented by SDL12:45-14:00
Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategies
Track 2: LEA, Defense and Intelligence Analyst Product Demonstrations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 9 June 2020
08:30-09:20 Session A
The Wide Area Network vs. Moore's Law: Generating IP Intelligence at 100G and beyond
Gene Litt, CTO, NetQuest08:30-09:20 Session B
Efficient Cryptanalysis Infrastructure - Doing More with Less
Presented by SciEngines09:25-10:15 Session A
WHO was using WHAT application WHERE and WHEN?
Presented by VASTech09:25-10:15 Session B
TOVEK - creating missing knowledge from disparate information sources
Presented by Tovek10:35-11:25
New methods and enforcement tools designed specifically for regulatory agencies
Presented by Utimaco11:30-12:20
Different Intelligence Sources combined under a single analytical platform – an innovative approach
Presented by Gamma Group13:20-14:10 Session A
Live Demo: Data Retention - powerful analysis on metadata
Presented by ATIS13:20-14:10 Session B
New experience gained from Voice Biometrics and Speech Analytics deployments
Presented by Phonexia14:15-15:05 Session A
Accelerating investigation workflows with specially designed IT-forensic laboratories
Presented by mh Service GmbH14:15-15:05 Session B
Cyber Intelligence in Our Increasingly Privacy & Security Conscious Environment
Presented by Wintego15:25-16:15 Session A
The Role and Importance of Covert Communication in Data Transmission
Presented by Vlatacom15:25-16:15 Session B
Alternative tools for efficient investigations in the age of encryption
Presented by Rohde Schwarz16:30-17:20 Session A
Immigration Control and Identification System
Hans-Georg Schilling, Intecs16:30-17:20 Session B
Sharp-end to the Lab: On-Device and Forensic Voice Biometrics and Media Fingerprinting
Dr. Anil Alexander, CEO, Oxford Wave ResearchWednesday, 10 June 2020
09:00-10:00 Session A
Setting standards in Cyber Technology & Defense
Presented by NSO Group
09:00-09:30 Session C
NEO. Targeted Mission-Based Investigation
Presented by FinFisher09:30-10:00 Session B
Collection in a privacy driven era: We mapped out the collection options
Presented by Verint09:30-10:00 Session C
WiFi Intelligence Gathering - A Key Piece of the Strategic Intelligence Puzzle
Presented by FinFisher
13:00-13:45 Session A
Advanced Tactical Interception and Data Extraction Vectors
Presented by Merlinx13:00-13:45 Session B
Digital Toolbox: the investigator’s best friend
Presented by AREA13:00-13:45 Session C
Delivering Urban Safety through Counter-Drone Defence
Presented by D-Fend13:50-14:35 Session A
Live Demo: Automating forensic Speaker Recognition for Cyber Crime units
Presented by ATIS13:50-14:35 Session B
Illuminating the Dark - Technologies for Unmasking Darknet Criminals
Presented by FinFisher15:40-16:25 Session A
LIMS, only black box! Or can it bring additional value to LEAs?
Presented by Sedam15:40-16:25 Session B
Making the analyst smarter with Intellexa’s Insight
The art of extracting meaningful intelligence from a multitude of sources and vast amounts of data
Presented by Advanced Systems15:40-16:25 Session C
Live Demo. Real Investigation, from OSINT and exfiltration to active cyber security tools (Cyberwarfare).
How to follow the targets in the cyberspace and exfiltrate information, finally using Thor Hammer to neutralize their connected systems.
Antonio Ramos, COO, MOLLITIAM CYBERINTELLIGENCE16:30-17:15 Session A
Encrypted or not - every IP-packet tells a story
Mark Uldahl, CTO, XCI A/SThursday, 11 June 2020
08:30-09:15 Session A
Guess who is using THAT App in your Country. Metadata as IP Intelligence
Presented by AREA08:30-09:15 Session B
WHO was using WHAT application WHERE and WHEN?
Presented by VASTech11:30-12:15
trovicor’s best kept secret – The whole truth about the Intelligence Platform
Presented by Trovicor
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise.
Tuesday, 9 June 2020
08:30-09:20 Session A
Massive Social Media data collection and analysis for Counter-Terrorism Intelligence Activities
Presented by IPS09:25-10:15
WhatsApp, Telegram, Facebook...how IPS helps you to locate most wanted targets with LI
Presented by IPS10:35-11:25
Everyone leaves a trace: How the digital sphere has become the ideal place for target acquisition
Presented by Digital Clues11:30-12:20
Using AI-based Risk Scoring for Multi-source Target Acquisition and Prioritization
Presented by Simulation Software & Technology, S2T13:20-14:10 Session A
Combating Threats with Advanced AI-Driven Technologies – Leveraging open source data to anticipate and prevent future attacks
Presented by Voyager Labs13:20-14:10 Session B
SCOPE Product – Bringing Data to Life
Presented by Innosystec14:15-14:40 Session A
Combating Threats with Advanced AI-Driven Technologies – Leveraging open source data to anticipate and prevent future attacks
Presented by Voyager Labs14:15-14:40 Session B
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling.
Presented by IPS14:40-15:05 Session B
Machine Learning in a Command and Control Centre for covert field operations and situation awareness
Presented by IPS15:25-16:15 Session A
How social media platforms are limiting the API approach and advanced DB queries
Presented by Verint15:25-16:15 Session B
Multimedia Monitoring and Forensics Laboratory
Presented by Everis16:30-17:20 Session A
The hype of AI usage in intelligence is facing multiple challenges
Presented by Verint16:30-17:20 Session B
SCOPE Product – Prevent and Predict
Presented by Innosystec16:30-17:20 Session C
Uncovering Intelligence on Messaging Apps
How to track and profile cyber criminals using large sources of data collected on mobile messaging apps
Liran Sorani, Cyber Business Unit Manager, Webhose.io
Wednesday, 10 June 2020
09:00-10:00
Tactical Web Intelligence (WEBINT) & Social Engineering: Gathering Actionable Intelligence via a powerful WEBINT platform
Presented by Cobwebs Technologies13:00-13:45 Session A
Global Terror Butterfly Effect: Social Network and Real Time Threat Analysis of Lone Wolves Terrorism
Presented by Cobwebs13:00-13:45 Session B
Propaganda 4.0: is fake news really so new? A Journey through the various ways in which media is used
Presented by Gamma Group13:00-13:45 Session C
Using ML, device fingerprinting (not just IP addresses) and tactical fiber systems to detect threats and anomalies in mass IP data. A discussion with use cases on sophisticated rule based systems.
Presented by Vehere13:50-14:35 Session A
Discover the Unknowns of the Digital Sphere
Presented by Ultra13:50-14:35 Session B
Tracing the Digital Fingerprints: How Digital Data is Transforming Policing
Yohai West, Senior Product Marketing Manager, Cellebrite15:40-16:25 Session A
Unlocking the full potential of speech technologies to transform OSINT and COMINT
Presented by Vocapia15:40-16:25 Session B
trovicor’s best kept secret – The whole truth about the Intelligence Platform
Presented by Trovicor15:40-16:25 Session C
Transforming Investigations & Risk Assessment with Artificial Intelligence
Presented by Voyager Labs16:30-17:15
Data Enrichment Techniques and Sources for Internet Investigations
Presented by Packet ForensicsThursday, 11 June 2020
08:30-09:15
Transforming Investigations & Risk Assessment with Artificial Intelligence
Presented by Voyager Labs09:15-10:00
SCOPE Product – A Real Life Scenario (demo)
Presented by Innosystec11:00-11:45
Using ML, device fingerprinting (not just IP addresses) and tactical fiber systems to detect threats and anomalies in mass IP data. A discussion with use cases on sophisticated rule based systems.
Presented by Vehere12:45-14:00
Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Tuesday, 9 June 2020
9:25-10:15
Live Demo. Real Cyberoperation, invisible control of Android smartphones, Windows/macOS systems and Clouds (hijacking).
Live Demo of the latest technology used to take invisible control of target systems, and lessons learned in tactical operations in the Cyberspace.
Antonio Ramos, COO, MOLLITIAM CYBERINTELLIGENCE10:35-11:25
The Matrix Concept – Combining forward-thinking intelligence tools and proven workflows to assemble a coherent intelligence picture (LIVE DEMO)
Presented by Rayzone Group
14:15-15:05
Disrupt cyber threats by unmasking your adversaries
Presented by 4iQWednesday, 10 June 2020
13:00-13:45
Hushmeeting: creating an iron-clad and quantum-safe communication environment
Presented by Feedback Italia15:40-16:25
Router based interception – redefining remote monitoring by infiltrating targeted LAN networks (LIVE DEMO)
Presented by Rayzone Group16:30-17:15
Improving Threat Analytics: Using DPI Sensors for High-Resolution Traffic Intelligence at Extreme Throughput even in the most Demanding Environments
Sebastien Synold, Product Manager, Qosmos DPI Business Unit, ENEAThursday, 11 June 2020
08:30-09:15
Worldwide Virtual SIGINT – monitoring digital footprint in order to anticipate and prevent evolving threats (LIVE DEMO)
Presented by Rayzone Group
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities
Note: Some sessions are only open to LEA and Government. These sessions are marked accordingly.
Tuesday, 9 June 2020
10:35-11:25
Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies14:15-15:05
Live Demonstration of DarkOwl Vision: Darknet Intelligence Discovery and Collection
David Alley, CEO, DarkOWL FZE
(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)15:25-16:15
Offline Darknet web-crawling with the Web-I-Qube
Presented by mh-Service GmbH
(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)Wednesday, 10 June 2020
13:00-13:45
Offline darknet investigation with the Web-I-Qube
Presented by mh Service GmbH13:50-14:35
Building a Secured Environment Through Threat Intelligence
Presented by MAGEN16:30-17:15
Profile, target and investigate the Darknet. Reinventing traditional HUMINT in the Digital Era
Presented by AREA
(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)Thursday, 11 June 2020
08:30-09:15 Session A
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What's possible?
Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project09:15-10:00 Session A
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.
Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project11:00-11:45 Session A
Future directions - what's next in dark net infrastructure, dark markets and investigation implications
Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project12:45-13:30
Follow the Cryptocurrency trail to trace the next terrorist
Presented by Verint13:30-14:00
Hunting Down Cryptocurrency Users
Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
Track 6: Mobile Signal Intercept Product Training and Demonstrations
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.Tuesday, 9 June 2020
8:30-9:20 Session B
Understanding Mobile 2G, 3G, 4G and 5G Infrastructure, Intercept and Cryptography
Dr. Jerry Lucas, President, TeleStrategies10:35-11:25
VSAT Networks: Tactical and Strategic Threat Detection and Geolocation
Presented by Kratos11:30-12:20
Border Security and Force Protection Analytics using Passive RF
Presented by Packet Forensics14:15-15:00
Real-time identification and geo-location in mobile networks: how to identify and get, in real-time, the accurate position of a handset in a mobile network
Presented by Evistel15:25-16:15
Accurate 3D Location for National Security
Anjul Bahuguna, Polaris Wireless16:20-17:20
Distributed IMSI Catching & Private networks
Nick Johnson, CTO & Head of PLM, IP AccessWednesday, 10 June 2020
09:00-10:00
Empowering field intelligence teams – how Intellexa combines native 3G/4G interception and long range WiFi interception to make field cyber operations more successful than ever
Presented by WiSpear13:50-14:35
Strategic intelligence to follow trends and reveal hidden targets
Presented by Advanced Systems16:30-17:15
Providence Training Academy
Presented by ProvidenceThursday, 11 June 2020
08:30-09:00
Overview of Mobile Radio Analysis
Presented by Rohde Schwarz09:15-10:00
SCPC/VSAT interception in CiC/CuC scenarios
Presented by Rohde Schwarz
Track 7: Electronic Surveillance Training and Product Demonstrations
This track is for law enforcement investigators and the government intelligence community who are responsible for deploying video, audio and GPS surveillance products and only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 9 June 2020
9:25-10:15
Taking-over traditional C-UAS technologies in complex urban enivronments
Presented by D-Fend10:35-11:25
IoT Intelligence & Operational Opportunities - Challenges & Solutions
Presented by Toka Cyber builders11:30-12:20
A new paradigm for covert audio surveillance in large areas
Presented by Commesh13:20-14:10
A new intelligent approach for covert video recording and streaming
Presented by Pro4Tech15:25-16:15
Waveguard’s border monitoring and control solutions
Presented by WaveGuard16:30-17:20
Simultaneous use of many Squarehead Audio recorders in complex and challenging acoustic environments.
Stig Nyvold, CEO, Squarehead TechnologyWednesday, 10 June 2020
13:50-14:35
Breaking the borders of tactical cyber-intelligence
Presented by Jenovice15:40-16:25
Mobile Location Intelligence: how to leverage active targeting, Big Data and tactical geolocation capabilities
Presented by Creativity Software16:30-17:20
Tactical Multi-Interfaces Communication
Hans-Georg Schilling, Intecs
Track 8: 5G Lawful Interception Product Training
This track is open to all conference attendees.
Tuesday, 9 June 2020
9:25-10:15
Understanding 5G Network Core (NFV, SDN, EDGE Computing and Network Slicing) for Law Enforcement Investigators
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies14:15-15:05
How new technologies, like 5G, change the lawful interception landscape
Presented by Group 200015:25-16:15
The challenges 5G brings to cellular Security & Surveillance
Nick Johnson, CTO & Head of PLM, IP Access
Wednesday, 10 June 2020
13:00-13:45
Lawful Interception in 5G Mobile Networks
Presented by Utimaco13:50-14:35
Challenges to consider when preparing for the 5G Lawful Interception Era
Presented by Verint15:40-16:15
Multi-Access Edge Computing (MEC) and LI
Presented by Utimaco16:30-17:15
ETSI/3GPP LI/RD Standards Update
Alex Leadbeater, 3GPP SA3-LI and ETSI TC Cyber Chairman and Head of Global Obligations Future and Standards, BT Security
Gerald McQuaid, ETSI TC LI Chairman and Special Requirements Advisor, Vodafone Group
Carmine Rizzo, ETSI TC LI Technical Officer and 3GPP SA3LI Secretary, ETSI
Track 9: Financial Crime Investigation and Prevention Training
This track is open to all conference attendees.
Thursday, 11 June 2020
08:30-09:15
Criminal Essentials: The Needs of a Criminal Network
Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC09:15-10:00
Financial Crime Schemes in Money Laundering
Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC11:00-11:45
The Essentials of Trade Based Money Laundering
Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC12:45-13:30
How Does Money Actually Move?
Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC13:30-14:00
Follow the Money Beyond the Banks
Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC
Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists
Tuesday, 9 June 2020
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by: Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Captain, Office of Intelligence & Investigative Technologies, Indiana State Police, USA08:30-09:20
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis09:25-10:15
OSINT and Criminal Investigations10:35-11:25
Metadata Exploitation in Criminal Investigations11:30-12:20
EXIF Tags and Geolocation of Devices for Investigations and Operational Security
13:20-14:10
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition14:15-15:05
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
08:30-15:05Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet,
how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.08:30-09:20
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigatorsHow it works. Why it works. How it works for us .How data traffic leaves a trace ; What the internet is; what is an IP and how is it significant to trace a person. IPv4 and IPv6 – understanding the changes- the benefits and pitfalls for the investigator. The internet has millions of copies of data on it - why, and where can we find this. Tracking and evaluating data. MAC adders tracking.
09:25-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadowsWhat data is available. How to harvest and analyze it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft .Data collection and interrogation, significance and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them ( where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyze it. Investigator capabilities and opportunities.
10:35-11:25
WIFI, geolocation, and Mobile Data traces and trackingA detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed.
11:30-12:20
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxiesHow suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web) , TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications and ways to coax offenders out of the system.13:20-14:10
Advanced Techniques in Tracing Suspects, and lateral problem solvingUsing innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game?. Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.
14:15-15:05
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools site"Just google it" doesn't work anymore. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. A look at a selection of 200+ tools available on Mark's open source law enforcement tools website, that search engines can’t see, with login and password provided during the session. Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how.
Seminar #3
08:30-09:20Understanding Mobile 2G, 3G, 4G & 5G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session presents what technical investigators need to know about 2G/3G/4G technology infrastructure, Including:
- Lawful Interception of Voice, Data and Messaging Differences in GSM, UMTS and LTE Networks
- SIM Card Basics: Information Available (IMSI, Authentication Key, etc.) and Cryptography Algorithms (A3, A5 and A8)
- Tracking Targets Using CDR's, SS7 Interconnect and IMSI Cathers and more.
Seminar #4
09:25-10:15Understanding 5G Network Core (NFV, SDN, EDGE Computing and Network Slicing) for Law Enforcement Investigators
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis session presents the challenges telecom operators and law enforcement face with the transition from a 4G/LTE to a 5G Core.
Seminar #5
10:35-11:25Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses:
- Bitcoin Basics for Technical Investigators
- Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
- How Criminals and Terrorists Use TOR and Dark Web
- Bitcoin Cryptography Demystified (For Non-Math Majors)
- Popular Altcoins used by Criminals and the New Challenges Facing Law Enforcement
Seminar #6
11:30-12:20Understanding Advanced Techniques to Defeat (or Work Around) Encrypted Third Party Services, Bitcoin Anonymity, TOR/HS and iPhone Encryption
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesYou can’t defeat today’s encryption (at least not that we know of) but law enforcement and the government intelligence community can “Work around encryption” for a price. Once you identify a target using commercially available encryption products or services (and with enough resources or money) government can defeat the target near 100% of the time.
This session:
- Analyses the top third party encrypted serves (Telegram, Silent Circle, WhatsApp, Skype, Viber,TOR, TOR/HS); the cryptography deployed; why criminals and terrorists choose one over the other; and related LI challenges.
- Presents the common techniques for defeating the encryption deployed in these services, and their success/weakness, including:
- Man in the Middle Attacks
- IT Intrusion (Installing Malware)
- Exploiting bugs in SSL/TLS
- Connecting the “metadata” dots between known targets and communication patterns
- Case studies working around third party encryption case studies, e.g. how was it done!
- TOR / DarkNets (TOR/HS)
- Bitcoin Traceback
- Mobile phone/encryption cracking
- Future Directions in cryptography presenting new challenges for law enforcement and the government intelligence community.
Seminar #7
16:30-17:15SSL/TLS Interception Workshop
Presented by: Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of TechnologyThe presentation introduces methods for intercepting TLS/SSL connections. The focus is on man-in-
middle attack employing TLS/SSL proxy and other ways how to obtain session's private keys. Speakers will outline necessary theory (including the history of SSL/TLS framework design), well-known attacks (including OpenSSL Hearthbleed, Logjam or BEAST) and industry standard tools (such as Wireshark, NetFox Detective, Fiddler Proxy and SSL-Split). The session will also include a live demonstration of MitM attack on HTTPS connections enhanced with form-logging JavaScript injection. Participants will receive free of charge access to test-bed, which consists of real devices (and their traffic) including the prototype of our hardware probe decrypting SSL/TLS on-the-fly.Thursday, 11 June 2020
Seminar #8
08:30-11:45Special Half Day DarkNet Seminar
by Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project08:30-09:15
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What's possible?09:15-10:00
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.
11:00-11:45
Future directions - what's next in dark net infrastructure, dark markets and investigation implications
This one-hour session will explore the protection of weak points and future proofing banks against cyber-attacks.Seminar #9
08:30-14:00Concerns and Considerations in Financial Crime Investigations
Presented by: Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC Mike is a former US Federal Law Enforcement Officer who specialized in complex fraud and cybercrime investigations and currently provides training to improve detection and investigations of fraud, money laundering and counter terror finance.The purpose of financial crime can be to generate or protect criminal profit. Locally or internationally, criminals face a continuous challenge of building structure to protect against the efforts of law enforcement and make their profits useable without fear of getting caught. Criminals will therefore build business and financial structures to mask their activities as well as launder money.
In this 1 day seminar we will discuss the tools and methods criminals use and the law enforcement response. Each presentation describes different elements of financial crime and business models used by criminals as well as law enforcement methods and tactics to identify and disrupt them. We will discuss the essentials in criminal networks, key players, money laundering, and trade based money laundering. We will describe how information can be found as money is moved around the world and how investigators can make best use of this knowledge. This training is aimed primarily at the investigator and analyst, but also has application to the law enforcement, intelligence, and financial regulatory community.
08:30-09:15
Criminal Essentials: The Needs of a Criminal Network09:15-10:00
Financial Crime Schemes in Money Laundering11:00-11:45
The Essentials of Trade Based Money Laundering12:45-13:30
How Does Money Actually Move?13:30-14:00
Follow the Money Beyond the BanksSeminar #10
12:45-14:00Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategiesThis one hour, session is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computing to decrypt your past and future intercepted transmission sessions, this high-level webinar should be a must attend briefing.
And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption.Seminar #11
12:45-14:00Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police