ISS World Europe 2019 Program Agenda
Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists
32 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists
Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Captain, Office of Intelligence & Investigative Technologies, Indiana State Police, USA
(6 classroom hours)Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC and retired 27-year US Federal Law Enforcement Officer
(6 classroom hours)Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(4 classroom hours)Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(3 classroom hours)Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
(3 classroom hours)Andrew Lewman, VP, DarkOWL and Former Executive Director, The TOR Project
(3 classroom hours)Tuesday, 28 May 2019
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by: Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Captain, Office of Intelligence & Investigative Technologies, Indiana State Police, USA08:30-09:20
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis09:25-10:15
OSINT and Criminal Investigations10:35-11:25
Metadata Exploitation in Criminal Investigations11:30-12:20
EXIF Tags and Geolocation of Devices for Investigations and Operational Security13:20-14:10
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition14:15-15:05
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
08:30-15:05Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.
08:30-09:20
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators09:25-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows10:35-11:25
WIFI, geolocation, and Mobile Data traces and tracking11:30-12:20
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies13:20-14:10
Advanced Techniques in Tracing Suspects, and lateral problem solving14:15-15:05
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools siteSeminar #3
08:30-14:10Concerns and Considerations in Financial Crime Investigations
Presented by: Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC Mike is a former US Federal Law Enforcement Officer who specialized in complex fraud and cybercrime investigations and currently provides training to improve detection and investigations of fraud, money laundering and counter terror finance.08:30-09:20
Criminal Essentials: The Needs of a Criminal Network09:25-10:15
Financial Crime Schemes in Money Laundering10:35-11:25
The Essentials of Trade Based Money Laundering11:30-12:20
How Does Money Actually Move?13:20-14:10
Follow the Money Beyond the Banks
Seminar #4
08:30-09:20Understanding Mobile 2G/3G/4G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session covers what technical investigators need to know about 2G/3G/4G infrastructure, SIM Cards, Authentication, CDR analysis, SS7 and more.
Seminar #5
09:25-10:15Understanding 5G Infrastructure, Planned Services, Security Weaknesses and Lawful Intercept Options for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session is a technical introduction to 5G; New Radio, Massive MIMO, IoT services, SDN, NFV, Network Slicing and Cloud Service Support.
Seminar #6
10:35-11:25Understanding Cryptography used in Third Party Ecryption Services, Bitcoin, Blockchain, TOR, DarkNets, 2G/3G/4G/5G and WiFi for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session covers the basics of cryptography: Private-Public Keys (RSA, DH etc.), Symmetric-Keys, Hashing, Certificates and where they are deployed in Third Party Encrypted Services (Telegram, etc.), Cryptocurrencies and DarkNets.
Seminar #7
11:30-12:20Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis 101-training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators
Seminar #8
13:20-14:10Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesTOR networks are notoriously effective at hiding the online identity of criminals, terrorists and others who are up to no good. The other side that receives less attention are TOR hidden services. These are services that leverage TOR's anonymizing capabilities to mask the identity of criminally-hosted online services - forming the basis of just about all illegal gambling sites, drug markets, child exploitation material, firearm sales, terrorism propaganda, and more.
Seminar #9
14:15-15:05Artificial Intelligence Technology: What Law Enforcement Needs to Know
Presented by: Matthew Lucas (Ph.D, Computer Science) VP, TeleStrategiesArtificial intelligence and machine learning products are beginning to emerge in the law enforcement marketplace. But what exactly can they do, and how can they improve the effectiveness of LE?
Seminar #10
16:30-17:15SSL/TLS Interception Workshop
Presented by: Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of TechnologyThe presentation introduces methods for decrypting TLS/SSL connections. The focus is on man-in-middle attack employing TLS/SSL proxy and other ways how to obtain session's private keys. Speakers will demonstrate how to decrypt intercepted traffic using open-source tools like Wireshark and NetFox Detective. Participants will receive access to test-bed, which consists of real devices (and their traffic) including our 40Gbps interception probe storing TLS/SSL session keys and mirroring traffic on the monitoring interface.
Thursday, 30 May 2019
Seminar #11
08:30-12:15Special Half Day DarkNet Seminar
by Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project08:30-09:15
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What's possible?09:15-10:00
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.11:30-12:15
Future directions - what's next in dark net infrastructure, dark markets and investigation implicationsThis one-hour session will explore the protection of weak points and future proofing banks against cyber-attacks.
Seminar #12
12:15-13:15Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategiesThis one hour, session is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computing to decrypt your past and future intercepted transmission sessions, this high-level webinar should be a must attend briefing.
And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption.Seminar #13
12:15-13:15Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PolicePre-Conference Sessions Description At The End of Agenda PostinG
Wednesday, 29 May 2019
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies
8:30-9:00
Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Europe has Solutions
Dr. Jerry Lucas, President, TeleStrategies
ISS World Europe Exhibit Hours:
Wednesday, 29 May 2019
10:00-18:00
Thursday, 30 May 2019
10:00 -12:30
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Tuesday, 28 May 2019
08:30-09:20
Lawful Interception Challenges of Tomorrow
LEAs and Security Agencies ability to quickly and efficiently generate actionable intelligence is being eroded by increasing data volumes and encryption. This impacts their ability to identify individuals that are plotting to harm or undertake crime or gain access to information that could help safe guard victims of crime. In this session BAE Systems will discuss the future challenges and opportunities of end to end Lawful Interception including NFV access, filtering, speech processing, geo location and analytics.
Presented by Product Managment, BAE Systems11:30-12:20
The Power of Place: How GEO-Location Intelligence Reveals Opportunity to Identify and Influence The People.
Transforming location data into actionable intelligence with WEBINT capabilities. Analytics, Smart Segmentation and more to achieve maximum impact on the located crowd.
Presented by Bler13:20-14:10
Challenges facing Operators and LEA's: Interception of 10K+ targets on 100G networks and beyond
Considering advances in access technology that are enabling end users internet access reaching 1Gbps, with network capacity consisting of numerous 100Gbps links, more stringent intercept requirements and increasing numbers of intercept targets, we are discussing the challenges facing users of intercept solutions and network operators that are obliged to implement LIMS solution inside their networks. As both parties have seemingly opposite requirements, where LEA's would like to increase the functionality, while operators would like to drive down the cost, we will dive into the topic of how to provide interception of 10K+ targets on 100G networks and beyond while keeping the price in check.
Vedran Željeznak, Managing Director, Matison15:25-16:15 Session B
The challenges 5G brings to cellular Security & Surveillance
Nick Johnson, CTO & Head of PLM, IP Access16:30-17:20 Session B
SSL/TLS Interception Workshop
The presentation introduces methods for decrypting TLS/SSL connections. The focus is on man-in-middle attack employing TLS/SSL proxy and other ways how to obtain session's private keys. Speakers will demonstrate how to decrypt intercepted traffic using open-source tools like Wireshark and NetFox Detective. Participants will receive access to test-bed, which consists of real devices (and their traffic) including our 40Gbps interception probe storing TLS/SSL session keys and mirroring traffic on the monitoring interface.
Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of TechnologyWednesday, 29 May 2019
09:00-10:00 Session A
Lawful Interception and Communication Data, Current & Future Challenges: Mobile, Cyber Security, Virtualisation and AI - An industry view
Alex Leadbeater, 3GPP SA3-LI and ETSI TC Cyber Chairman and Head of Global Obligations Future and Standards, BT Security09:00-09:30 Session B
High Speed IP Logging
Tracing back source IP addresses in a carrier network requires high-speed logging of all IP flows through Network Address Translation (NAT/NAPT). This compute and data intensive task is a big burden on carrier routers and can be accomplished by hardware accelerated LIMS Access Points in a much more efficient and transparent way. Our probes aggregate and correlate all IP logs with AAA data and forward the records to Utimaco DRS in near real-time.
Presented by Utimaco TS GmbH09:30-10:00 Session B
Lawful surveillance in the digital age
Presented by Hacking Team13:00-13:45
Lawful interception in 5G Mobile Networks
This session will elaborate the needs and the challenges of lawful interception in current and future wireless networks. Network operators and law enforcement agencies will get practical advice and hear about best practice techniques for the implementation of LI in 5G networks.
Presented by Utimaco TS GmbH13:50-14:35
Bringing #1 Worldwide OEM solutions to market powered by Dell EMC
Eyal Kaplan & Stephen Lernihan, DELL15:40-16:25
VSAT interception with Carrier-in-Carrier (CiC) separation
Presented by Rohde & Schwarz16:30-17:15
ETSI/3GPP LI/RD Standards Update
Alex Leadbeater, 3GPP SA3-LI and ETSI TC Cyber Chairman and Head of Global Obligations Future and Standards, BT Security
Gerald McQuaid, ETSI TC LI Chairman and Special Requirements Advisor, Vodafone Group
Carmine Rizzo, ETSI TC LI Technical Officer and 3GPP SA3LI Secretary, ETSIThursday, 30 May 2019
08:35-09:15 Session A
Overview of mobile phone monitoring
Presented by Rohde & Schwarz08:35-09:15 Session B
5G Deployment Experience
Having deployed very large scale systems for lawful interception in the 5G
networks, we will provide some of the pitfalls that occur.
Dr. Cemal Dikmen, CTO, SS8 Networks
Dr. Keith Bhatia, COO, SS8 Networks09:15-10:00 Session A
Navigating the Complexities of Communication Providers and Government Agencies for Legal Requests
Presented by Yaana09:15-10:00 Session B
Language Technology Solutions for Big Data Analytics & Intelligence. How to understand your target in any language
Presented by SDL11:30-12:15 Session A
Mobile Cell Analysis as Part of the Forensic Toolkit
Presented by S.E.A. Datentechnik GmbH11:30-12:15 Session B
Cyber SafeZone: innovative approaches to public safety.
Ensure safety of common places and business entities by creating cyber infrastructure from the ground to the center by providing real-time Alerts.
Presented by Bler12:15-13:00
Towards Fully Automated Infinitely Scalable and Maximally Effective Password Cracking of Encrypted Documents
Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
12:15-13:00
Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
This one hour, session is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computing to decrypt your past and future intercepted transmission sessions, this high-level webinar should be a must attend briefing.
And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption.
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategies
Track 2: LEA, Defense and Intelligence Analyst Product Demonstrations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 28 May 2019
09:25-10:15 Session A
WHO is or was using WHAT “application” WHEN and WHERE?
Utilizing our mass capture systems and combining Telephony and IP Data provides a rich repository of data to be mined by VASTech’s new powerful analytical capabilities and toolsets.
Presented by VASTech
09:25-10:15 Session B
TOVEK - creating missing knowledge from disparate information sources
Presented by Tovek10:35-11:25
Cyber Solutions for The Fight Against Crime
Presented by FinFisher11:30-12:20
Strategic and Tactical Wi-Fi Surveillance
Presented by FinFisher13:20-14:10
Live Demo: Speech to Text and Speaker Identification
Presented by ATIS14:15-14:40 Session A
Deep neural networks double the accuracy of Phonexia Voice Biometrics
Presented by Phonexia14:40-15:05 Session A
Voice Biometrics and Speech Analytics deployments in real world scenarios
Presented by Phonexia
14:15-15:05 Session B
Using Limited Investigation Resources More Efficiently with Real-Time Traffic Analytics
Decisions on targets and further investigations have to be made fast, as the window of opportunity might close. This requires valuable, on-hand information.
Advanced real-time traffic analytics provides this crucial information for more agile decisions.
Presented by Rohde & Schwarz
15:25-16:15
Vlatacom Solution for Secure Voice Transmission over Voice Channel in Mobile Voice Transmission Systems
Presented by Vlatacom16:30-17:20
Live Demo. Real Cyberoperation, how to penetrate into windows or Mac OSX to get info in an invisible way
Presented by MOLLITIAM CYBERINTELLIGENCE16:30-17:20
Impacts of 5G to Law Enforcement
Impact of bandwidth and new deployment architectures for fast transition to
5G. How to manage bandwidth with services like IPTV/Netflix. Plan for
Voice/Video over 5G networks.
Dr. Cemal Dikmen, CTO, SS8 Networks
Dr. Keith Bhatia, COO, SS8 Networks
Wednesday, 29 May 2019
09:00-9:30
Digital Toolbox: the investigator’s best friend
Presented by AREA
09:30-10:00
Guess who is using THAT App in your Country. Metadata as IP Intelligence
Presented by AREA
13:00-13:45 Session A
New Cutting-Edge Tools from Hacking Team
Presented by Hacking Team13:00-13:45 Session B
Advanced Tactical Interception and Data Extraction Vectors
Presented by Merlinx13:00-13:45 Session C
Live Demo. Real Cyberoperation, how to get control of info Android smartphones
Presented by MOLLITIAM CYBERINTELLIGENCE13:50-14:35
Live Demo: Automating forensic Speaker Recognition for Cyber Crime units
Presented by ATIS13:50-14:35
Internet Records Intelligence: Collection, Storage, Disclosure & Analysis
Presented by Yaana15:40-16:25 Session A
Real-Life practical IT Intelligence Operations
Presented by FinFisher15:40-16:25 Session B
Interactive C4I for police and intelligence agencies
Presented by Advanced Systems16:30-17:15
Encrypted or not - every IP-packet tells a story
Mark Uldahl, CTO, XCI A/SThursday, 30 May 2019
08:30-09:15
Profile, target and investigate the Darknet. Reinventing traditional HUMINT in the Digital Era
Presented by AREA08:30-09:15
WHO is or was using WHAT “application” WHEN and WHERE?
Utilizing our mass capture systems and combining Telephony and IP Data provides a rich repository of data to be mined by VASTech’s new powerful analytical capabilities and toolsets.
Presented by VASTech09:15-10:00
Improve Investigation Agility with the Nutanix Enterprise Cloud
Nutanix is the leading provider of fast, flexible, and easy-to-manage hyperconverged infrastructure (HCI) and hybrid cloud solutions. Nutanix HCI makes Forensic solutions easy to deploy and scale. A variety of hardware options makes the solution suitable for datacenter, office, mobile, and tactical deployments. Join us for this session, and learn how Nutanix will help your teams:
- Provide fast and easy initial deployment
- Eliminate lag time when starting new investigations
- Enable resources allocated to each investigation to be scaled up or down on demand
- Support specialized hardware requirements such as GPUs
- Work with popular open source and commercial forensics software
- Enable mobile and tactical field deployment
- Increase control
- Help ensure chain of custody for investigative data used for evidence
Bryan Zissel, Major Federal Accounts, Nutanix
Don Johnson, Senior Engineer, Nutanix11:30-12:15
The Global Shift to Mobile Applications & The Intelligence Challenge
Who’s using mobile applications to communicate and how intelligence organizations can benefit from the shift
Presented by Verint
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 28 May 2019
08:30-09:20 Session A
Massive Social Media data collection and analysis for Counter-Terrorism Intelligence Activities
Presented by IPS
08:30-09:20 Session B
Graph intelligence: the future of data-driven investigations
Presented by Linkurious09:25-10:15 Session A
5G, VoLTE and encrypted services like Facebook, WhatsApp and Telegram. How Advanced Internet Protocol Analysis benefits investigators in a holistic vision.
Presented by IPS09:25-10:15 Session B
The Pieces Fit: solving the intelligence puzzle with Multisource Fusion
Presented by WebintPro11:30-12:20
AI and network analysis to find out SIMbox fraud at national scale
Presented by Suneris13:20-14:10
Social Media Text Mining for Investigations
Presented by Insikt Intelligence14:15-14:40 Session A
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling.
Presented by IPS14:15-15:05 Session B
Generate powerful evidence from PCAP, CDR/IPDR and Social Media data, all over a single interface
Presented by ClearTrail Technologies14:40-15:05 Session A
Machine Learning capabilities in a Command and Control Center for covert field operations using Audio, Video and GPS feeds to detect anomalous activities.
Presented by IPS15:25-16:15 Session A
Propaganda 4.0: is fake news really so new? A journey through the tools of OSINT
Presented by Gamma Group15:25-16:15 Session B
Multimedia Monitoring and Forensics Laboratory
Presented by Everis16:20-17:20
Gamma Eye: Combining gadgets with hi-tech. Collect and process intel to help create operational awareness
Presented by Gamma GroupWednesday, 29 May 2019
09:00-09:30 Session A
Enriching Target’s Profiles with OSINT data
Presented by Trovicor09:00-10:00 Session B
Artificial Intelligence for National Security
Through the use of advanced AI technology, Cobwebs platform automatically recognizes patterns in the open, deep and dark web, identifying potential threats in real time. With unique web monitoring and analysis capabilities, national intelligence agencies can extract critical data, predict and respond to various threats instantly.
Udi Levy, CEO, Cobwebs Technologies09:30-10:00 Session A
Money Laundry Use Case: Banking Data Analysis
Presented by Trovicor13:00-13:45 Session A
Generating holistic intelligence by blending WEBINT with other data sources
Presented by S2T13:00-13:45 Session B
Using AI and Machine Learning Techniques to detect threats and anomalies in mass IP data. A discussion with use cases on sophisticated rule based systems
Presented by Vehere13:50-14:35
AI-based Language Technology Solutions to Handle Multi-language OSINT & COMINT
Law Enforcement, Intelligence and Homeland Security Analysts started to hit the multi-language Big Data wall.
How can they handle this exponential amount of foreign-language information collected from various sources in different formats (text, image, audio)?
This session will include live product demonstrations.
Emmanuel Tonnelier, Director, Intelligence Solutions, SYSTRAN13:50-14:35
Cellebrite Analytics, Harness the Power of Digital Data
Presented by Cellebrite15:40-16:25
Unlocking the full potential of speech technologies to transform OSINT and COMINT
Presented by Vocapia16:30-17:15 Session A
IBM products for Social Media Mining and Analysis
Presented by DATERA s.r.o16:30-17:15 Session B
Artificial Intelligence for National Security
Through the use of advanced AI technology, Cobwebs platform automatically recognizes patterns in the open, deep and dark web, identifying potential threats in real time. With unique web monitoring and analysis capabilities, national intelligence agencies can extract critical data, predict and respond to various threats instantly.
Udi Levy, CEO, Cobwebs Technologies16:30-17:15 Session C
The Art of WEBINT: Insight and Benefit
Cyber intelligence, data volumes analysis and Dark Web tools. The power and threats of life "online". How to work with WEBINT data : analytical tools to upgrade arsenal with.
Presented by Bler
Thursday, 30 May 2019
8:30-9:15
Different Intelligence Sources (OSINT, Dark Web, SIGINT, HUMINT) combined under a single analytical platform – Gamma’s innovative approach
Presented by Gamma Group09:15-10:00
Next Generation Monitoring Center – Discover your suspect unlike ever before
Presented by ClearTrail Technologies
12:15-13:15
Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Track 4: Threat Intelligence Gathering and Cyber Security Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Tuesday, 28 May 2019
08:30-9:20
Operations Security (OpSec) in Offensive Mobile & PC operations (ft. How to make your Zero-Days last longer)
A Live demonstration-led session focusing on the latest tools in PC and Mobile offensive operations for fighting crime. We will lay special emphasis on how to maintain optimal Operational Security (OpSec) for ensuring untraceable operations & extended life of your Zero-Days.
Presented by Secfence10:35-11:25
The Matrix Concept – Combining forward-thinking intelligence tools and proven workflows to assemble a coherent intelligence picture (LIVE DEMO)
The overload of available data and the ever-increasing amount of sensors that law enforcement and intelligence agencies have equipped themselves with, create both new challenges as well as new opportunities. Rayzone Group is proud to present its analysis and investigation platform, based on it’s MATRIX concept in order to withstand these challenges and leverage the opportunities. The ability to connect completely different types of sources opens new possibilities to produce valuable and actionable intelligence.
Presented by Rayzone Group
11:30-11:55 Session A
Unmasking the Real Identities of Cyber Adversaries
Employing intelligence methodologies to unmask criminals who use fake online identities and avatars
Presented by Verint
11:55-12:20 Session A
Disinformation Warfare
Online disinformation, its potential impact on global security, and the battle to counter its influence
Presented by Verint13:20-14:10
Cyber Intelligence in Our Increasingly Privacy & Security Conscious Environment
Presented by Wintego
15:25-16:15
Data Fusion and Analytics for National Security and Intelligence
Presented by Yaana
Wednesday, 29 May 2019
09:00-10:00
Combining Intelligence Disciplines in the Battle Against Evolving Global Terror Threats: Session 1
The use of multiple types of intelligence, including Big Data collection, Tactical Intelligence and fusion of diverse data sources, in the war against global terror
Operate “Under the Radar” with Micro-Tactical Intelligence: Session 2
Verint’s micro-tactical solutions for covert collection of valuable target intelligence with minimal exposure risk
Presented by Verint15:40-16:25
Router based interception – redefining remote monitoring by infiltrating targeted LAN networks (LIVE DEMO)
By rethinking the common practices of remote data interception, Rayzone Group has developed a new form of infrastructure-based attacks of targeted LAN networks. The System synergistically combines the capabilities and advantages of tactical and strategic interception systems to support authorities in overcoming threats in both an effective and efficient manner. The system enables both proximity and remote infiltration into SMB routers. Once infiltrated, all the traffic can be monitored by the system remotely.
Presented by Rayzone Group16:30-17:15
How do we monitor cyber criminals through the messaging platforms
Telegram, Discord and more are being used on a daily usage by terrorists, extremist, and various cyber criminals, they also hop between channels as its very easy to open and close one.
In this session we will cover what can be found there, How can we monitor such patterns, how to detect near real-time important threats
Liran Sorani, Cyber Business Unit Manager, Webhose.ioThursday, 30 May 2019
08:30-09:15
Worldwide Virtual SIGINT – monitoring digital footprint in order to anticipate and prevent evolving threats (LIVE DEMO)
We live in a digital era and we all constantly communicate digitally via social networks, blogs, chats and more. Terrorists and criminals are no different. They interact online, and like the rest of us, cannot avoid leaving a digital footprint behind. This provides a real opportunity for agencies to monitor these online interactions in order to anticipate and prevent evolving threats.
Presented by Rayzone Group
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities
Tuesday, 28 May 2019
15:25-16:15
Offline Darknet web-crawling with the Web-I-Qube
Presented by mh-Service GmbHWednesday, 29 May 2019
13:50-14:35
Closing the Loop- Combining Apps & Cloud Intercepiton with DarkNet Intelligences
Presented by MAGEN15:40-16:25
Profile, target and investigate the Darknet. Reinventing traditional HUMINT in the Digital Era
Presented by AREA16:30-17:15
Hunting Down Cryptocurrency Users
Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of TechnologyThursday, 30 May 2019
08:30-09:15
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What's possible?
Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project
09:15-10:00
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.
Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project
11:20-12:15
Future directions - what's next in dark net infrastructure, dark markets and investigation implications
Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project12:15-13:00
The Real Dark Web
Overview of the Dark Web and the differences between the Dark Web, the Darknet and Anonymous Networks
Presented by Verint
Track 6: Mobile Signal Intercept Product Training and Demonstrations
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 28 May 2019
10:35-11:25
VSAT Networks: Tactical and Strategic Threat Detection and Geolocation
VSAT terminals are a major connectivity node for a number of application and can often go undetected, which tools are available to detect and monitor network usage and behavior to mitigate threats and reduce vulnerabilities?
Automatically scanning the visible orbital arc, detecting, characterizing and recording all received signals can now be implemented, both strategic and tactical.
The available toolbox goes beyond the simple detection and analysis of these networks, how it is possible to geo-locate VSAT terminals?
Presented by Kratos14:15-15:05
Practical and creative example of modifying Android OS by HEX editing system files, and hacking regular applications to achieve surveillance.
Denis Cuculić, CEO ex. Head of Technical Department, PRO4SEC16:20-17:20
Distributed IMSI Catching & Private networks
Here ip.access will be showcasing the Presence for Safe Cities: distributed cellular sensors & S60z: Multi-RAT SDR Platform
Nick Johnson, CTO & Head of PLM, IP Access
Wednesday, 29 May 2019
09:00-10:00 Session A
Detection of IMSI/IMEI catchers and Wi-Fi monitoring systems
Presented by NeoSoft09:00-10:00 Session B
Unleashing the Power of WiFi: end-to-end approach to WiFi Intelligence
Presented by WiSpear13:00-13:45 Session A
SIGINT Interception - combining operational techniques with cutting edge technologies.
In this session we will review the synergy between strategic systems and tactical interception sensors.
Presented by Jenovice13:00-13:45 Session B
Sharing of best practices from an active deployment of LI in the NFV environment
BAE Systems help nations, governments and businesses around the world defend themselves against cybercrime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes - often collecting and analysing huge volumes of data.
Matt Benford, BAE Systems13:50-14:35 Session A
Alpha Max: 3/4G interception and infection vector
Presented by Advanced Systems13:50-14:35 Session B
Waveguard Technologies Introduces Its Brink Solution: High Accuracy Mobile Identification in Border Control & Checkpoints
Presented by Waveguard15:40-16:25
What is 5G – Technology Overview
Presented by EXFO Homeland SecurityThursday, 30 May 2019
08:30-09:15
Digital forensic and investigation of WLAN networks – methods, tools and services
Presented by S.E.A. Datentechnik GmbH09:15-10:00
How new technologies, like 5G, change the lawful interception landscape
Presented by Group 200011:30-12:15
Modern COMINT Challenges. Untangling the VSAT Landscape
Presented by Idea Mars UAB
Track 7: Electronic Surveillance Training and Product Demonstrations
This track is for law enforcement investigators and the government intelligence community who are responsible for deploying video, audio and GPS surveillance products
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 28 May 2019
15:25-16:15
Discover how a unified platform connected to all MNOS for GSM retrieving and GPS from Beacons
Presented by Deveryware16:30-17:00
Discover how a unified platform connected to all MNOS for GSM retrieving and GPS from Beacons
Presented by DeverywareWednesday, 29 May 2019
13:00-13:45
A new intelligent approach for covert video recording and streaming
Presented by Pro4Tech15:40-16:25
Covert Miniature Surveillance.
Presented by CovidenceThursday, 30 May 2019
11:30-12:00
Discover how a unified platform connected to all MNOS for GSM retrieving and GPS from Beacons
Presented by Deveryware
Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists
Tuesday, 28 May 2019
Seminar #1
08:30-15:05Online Social Media and Internet Investigations
Presented by: Charles Cohen, Cohen Training and Consulting, LLC, also holds the position of Captain, Office of Intelligence & Investigative Technologies, Indiana State Police, USA08:30-09:20
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis09:25-10:15
OSINT and Criminal Investigations10:35-11:25
Metadata Exploitation in Criminal Investigations11:30-12:20
EXIF Tags and Geolocation of Devices for Investigations and Operational Security13:20-14:10
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition14:15-15:05
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
08:30-15:05Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.
08:30-09:20
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators09:25-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows10:35-11:25
WIFI, geolocation, and Mobile Data traces and tracking11:30-12:20
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies13:20-14:10
Advanced Techniques in Tracing Suspects, and lateral problem solving14:15-15:05
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools siteSeminar #3
08:30-14:10Concerns and Considerations in Financial Crime Investigations
Presented by: Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC Mike is a former US Federal Law Enforcement Officer who specialized in complex fraud and cybercrime investigations and currently provides training to improve detection and investigations of fraud, money laundering and counter terror finance.08:30-09:20
Criminal Essentials: The Needs of a Criminal Network09:25-10:15
Financial Crime Schemes in Money Laundering10:35-11:25
The Essentials of Trade Based Money Laundering11:30-12:20
How Does Money Actually Move?13:20-14:10
Follow the Money Beyond the Banks
Seminar #4
08:30-09:20Understanding Mobile 2G/3G/4G Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session presents what technical investigators need to know about 2G/3G/4G technology infrastructure, Including:
- Lawful Interception of Voice, Data and Messaging Differences in GSM, UMTS and LTE Networks
- SIM Card Basics: Information Available (IMSI, Authentication Key, etc.) and Cryptography Algorithms (A3, A5 and A8)
- Tracking Targets Using CDR's, SS7 Interconnect and IMSI Cathers and more.
Seminar #5
09:25-10:15Understanding 5G Infrastructure, Planned Services, Security Weaknesses and Lawful Intercept Options for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session is an introduction to 5G and what technical investigators need to know including:
- Infrastructure differences with 4G-LTE and 5G from a lawful interception perspective
- New Radio Access Technologies, Supporting (IoT, M2M, D2D and WiFi-5G Interconnection) including small cells, new unlicensed spectrum and Massive MIMO.
- New 5G Core Network Based Services, (Software Defined Networks, Virtual Function Virtualization, Network Slicing and Cloud-RAN) and what the hacking, Cyber security and lawful intercept concerns are of law enforcement, and government intelligence comunity.
Seminar #6
10:35-11:25Understanding Cryptography used in Third Party Ecryption Services, Bitcoin, Blockchain, TOR, DarkNets, 2G/3G/4G/5G and WiFi for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session covers the basics of cryptography: Private-Public Keys (RSA, DH etc.), Symmetric-Keys, Hashing, Certificates and where they are deployed in Third Party Encrypted Services (Telegram, etc.), Cryptocurrencies and DarkNets.
Seminar #7
11:30-12:20Cybercurrency 101: What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesThis 101-training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators
Seminar #8
13:20-14:10Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesTOR networks are notoriously effective at hiding the online identity of criminals, terrorists and others who are up to no good. The other side that receives less attention are TOR hidden services. These are services that leverage TOR's anonymizing capabilities to mask the identity of criminally-hosted online services - forming the basis of just about all illegal gambling sites, drug markets, child exploitation material, firearm sales, terrorism propaganda, and more.
Seminar #9
14:15-15:05Artificial Intelligence Technology: What Law Enforcement Needs to Know
Presented by: Matthew Lucas (Ph.D, Computer Science) VP, TeleStrategiesArtificial intelligence and machine learning products are beginning to emerge in the law enforcement marketplace. But what exactly can they do, and how can they improve the effectiveness of LE?
Seminar #10
16:30-17:15SSL/TLS Interception Workshop
Presented by: Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of TechnologyThe presentation introduces methods for decrypting TLS/SSL connections. The focus is on man-in-middle attack employing TLS/SSL proxy and other ways how to obtain session's private keys. Speakers will demonstrate how to decrypt intercepted traffic using open-source tools like Wireshark and NetFox Detective. Participants will receive access to test-bed, which consists of real devices (and their traffic) including our 40Gbps interception probe storing TLS/SSL session keys and mirroring traffic on the monitoring interface.
Thursday, 30 May 2019
Seminar #11
08:30-12:15Special Half Day DarkNet Seminar
by Andrew Lewman, Vice President, DarkOWL and Former Executive Director, The TOR Project08:30-09:15
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What's possible?09:15-10:00
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.11:30-12:15
Future directions - what's next in dark net infrastructure, dark markets and investigation implicationsThis one-hour session will explore the protection of weak points and future proofing banks against cyber-attacks.
Seminar #12
12:15-13:15Understanding "Defeating Encryption" with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategiesThis one hour, session is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computing to decrypt your past and future intercepted transmission sessions, this high-level webinar should be a must attend briefing.
And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption.Seminar #13
12:15-13:15Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
