ISS World Middle East is the world's largest gathering of Regional Law Enforcement, Intelligence and Homeland Security Analysts, Telecoms as well as Financial Crime Investigators responsible for Cyber Defense, Electronic Surveillance and Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety, Government and Private Sector Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network, the Internet and Social Media.
Track 1: Lawful Interception and Criminal Investigation Training
Track 2: Defeating Encryption with IT Intrusion and Quantum Computers
Track 3: LEA, Defense and Intelligence Analyst Product Demonstrations
Track 4: Social Network/DarkNet Monitoring and Analytics Product Training
Track 5: Mobile Signal Intercept and Electronic Surveillance Product Demonstrations
Track 6: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction
Track 7: Financial Crime: Prevention, Detection and Investigation
Plus Training Seminars Led by Law Enforcement Officers and Ph.D Scientists
ISS World MEA Exhibits Schedule:
Tuesday, 13 March 2018
10:00-18:00Wednesday, 14 March 2018
9:30-12:30
Training Seminars Led by Law Enforcement Officers and Ph.D Scientists
23 classroom training hours, presented by Law Enforcement Officers and Ph.D. ScientistsMark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(9 classroom hours)Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC and retired 27 year US Federal Law Enforcement Officer
(6 classroom hours)Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(5 classroom hours)Matthew Lucas (Ph.D., Computer Science), Vice President, TeleStrategies
(3 classroom hours)Monday, 12 March 2018
Seminar #1
9:00-17:00
Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
The aim of this 1 day seminar is to take the attendees from the basics of understanding the Internet, how to find data, through to a full understanding of best practice of an Internet investigator, having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.
09:00-10:00
The Internet, and how suspects leave a Digital Footprint10:15-11:15
Recognizing Traffic Data and digital profiling11:30-12:30
WIFI, geolocation, and Mobile Data traces13:30-14:30
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies14:45-15:45
Advanced Techniques in Tracing Suspects, and lateral problem solving16:00- 17:00
Open Source Tools, resources and techniquesSeminar #2
09:00-17:00
Concerns and Considerations in Financial Crime Investigations
Presented by: Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC and retired 27 year US Federal Law Enforcement Officer
09:00-10:00
Criminal Essentials: The Needs of a Successful Illicit Network10:15-11:15
Illicit Schemes: Money Laundering and Terror Finance: Similarities and Differences11:30-12:30
Trade Based Money Laundering Techniques: Red Flags for Investigators13:45-14:45
World Finance Basics 1: How Investigators Can "Follow the Money": FedWIRE, Clearing Houses, and SWIFT15:00-16:00
World Finance Basics 2: Hawala, Red SIMS, and Alternate Remittance Systems16:15-17:15
Financial Investigation Case Planning: Application of Critical Thinking to your Case
Seminar #3
09:00-12:30
Understanding ISS Technologies and Products Deployed in Telecommunications Networks for Lawful Interception and Mass Surveillance
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half-day seminar covers how criminals and terrorists communicate over today's public telecommunications wireline and wireless networks, over the top Internet services and social networks. This seminar is ideal for law enforcement, interior security, public safety and others who need to understand the ISS technologies and products used to lawfully intercept electronic communications and conduct mass network surveillance as discussed at ISS World Conference sessions and by exhibitors.
9:00-10:00
Introduction to Wireline and IP Infrastructure and Related ISS Products for Lawful Interception and Mass Surveillance10:15-11:15
Understanding Mobile Wireless Infrastructure, and Related ISS Products for Lawful Interception and Mass Surveillance11:30-12:30
Understanding Internet Infrastructure and Related ISS Products for Mass Intelligence Gathering and Surveillance
Seminar #4
9:00-10:00
Cryptocurrency 101: Introduction to What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Dr. Matthew Lucas, Vice President, TeleStrategies
This 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses:
Seminar #5
14:45-15:45
Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations
Presented by: Matthew Lucas, (Ph.D Computer Science), VP, TeleStrategies
TOR networks are notoriously effective at hiding the online identity of criminals, terrorists and others who are up to no good. The other side that receives less attention are TOR hidden services. These are services that leverage TOR's anonymizing capabilities to mask the identity of criminally-hosted online services - forming the basis of just about all illegal gambling sites, drug markets, child exploitation material, firearm sales, terrorism propaganda, and more.
• How TOR hides IP addresses/identity/location
• TOR hosting, What is .ONION and content analysisSeminar # 6
16:00-17:00Defeating Network Encryption: What Law Enforcement and The Intelligence Community Needs to Understand
Presented by: Dr. Matthew Lucas (Ph.D Computer Science), Vice President, TeleStrategies
The starting point to defeating encryption is to separate techniques addressing stored encrypted data such as with the Apple iPhone issue. The other challenge is defeating encrypted data in transit (e.g. Telegram, Whatsapp, etc.) or Network Encryption. This webinar is about defeating the later.
When it comes to defeating network encryption the technical community separates into two camps. Those who want to impede law enforcement and the government intelligence community from defeating network encryption: IETF, Silicon Valley and hundreds of third party encryption services. And your camp, those who want to investigate criminals and terrorist group who depend on network
encryption.
Wednesday, 14 March 2018
Seminar #7
8:30-9:30
Practitioners Guide to Understanding Cyber Attacks on Banks - Exploring Vulnerabilities from The Perspective Of The Hacker
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
This one hour session will explore the viewpoints of both the banks perception of vulnerabilities, and that of the attacker. A follow-up session at 10:30 will address Practitioners Guide to Defending Banks Against Cyber Attacks.
Seminar #8
10:30-11:30
Practitioners Guide to Defending Banks Against Cyber Attacks – Identifying And Protecting Vulnerabilities To Frustrate The Thief, and Integrity Proof The Systems
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
This one hour session will explore the protection of weak points and future proofing banks against cyber attacks.
Seminar #9
12:00-13:00
Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Seminar #10
12:00-13:00Understanding Defeating Encryption with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategies
Countless news articles have been written about quantum computers, the magic of entangled qubits and all the new business opportunities that will be created with these general-purpose computing machines. But what is not addressed in these articles is you don’t need a general purpose quantum computer to defeat today’s cryptography. While these general-purpose machines are likely a decade away from deployment, an application specific quantum circuit designed for one purpose only, e.g. defeating today’s public key encryption may be but a few years away. (Full Description of this webinar below Track 7)
(Full Pre-Conference Seminar Agenda Appears After Track 7)
Tuesday, 13 March 2018
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies Keynote
8:30-9:00 Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Middle East has Solutions
Dr. Jerry Lucas, President, TeleStrategies
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Tuesday, 13 March 2018
9:00-10:00 Current and Future Standardization Challenges: Encryption, Network Function Virtualization, Cloud Computing and More
Alex Leadbeater, Chairman, SA3 LI and EU Data Retention Compliance Manager, BT11:30-12:00 Legal Monitoring of Internet-of-Things (IOT)
This presentation gives a quick introduction to IOT technologies and explores requirements and challenges in regards to legal compliance
Presented by Utimaco TS GmbH12:00-12:30 Multi-source Intelligence Collection & Big Data Analysis
Presented by Sinovatio14:00-14:30 User Behavior Profiling from Multiple Sources
Digital crimes take place every day leaving evidence on various type of devices. The traditional method however, is to collect and analyze each device one-by-one. This session instead suggests a method to pan out all collected data from various devices (computer, mobile, cloud etc.) in order to see all the relevant data from a suspect with a holistic approach.
Kim Jong Hyun, Douzone Bizon14:30-15:00 Network Data Analytics: Using Active Network Intelligence to Quickly Respond to Emerging Regulatory Needs
Monitoring network data traffic, dealing with network encryption, and taking meaningful action can feel like trying to hold back the tide. Sandvine will present how to achieve scale, techniques for finding gold in a mountain of data, and automating actions using Active Network Intelligence.
Presented by Sandvine15:30-16:00 Lightning Network for Bitcoin - What it is and How it Works
Presented by Yaana Technologies16:00-16:30 Speech to Text and Voice Biometrics for Audio Mining solutions and Extraction of Actionable Intelligence
This presentation gives a quick introduction to Nuance Speech technologies (Speaker ID, Transcription, Language ID and Keyword Spotting) and its applicability for Security and Intelligence. A Speech to Text / Transcription live demo will be provided for Arabic language.
Presented by NuanceWednesday, 14 March 2018
8:30-9:00 Update on Voice Data Mining for LEA, Military and Police
The presentation will provide update on the latest news in the field of Voice Biometrics and Speech Analytics for purposes of governmental sector. Attendees will gain knowledge about best practices and trends from both technological and customer perspective.
Marek Slavik, Phonexia12:00-13:00 Defeating Encryption with Quantum Computers: Myths vs. Realities for Cyber Security Decision Makers
Quantum Computers will defeat key components of today’s cryptography. It’s not a question of “if”, it’s a question of “when”. This seminar addresses:Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategies
- How quantum computers will defeat today’s PKI, Symmetric Key Encryption and Blockchain 2.0 Hashing and when. Light on quantum physics and math.
- Not all quantum computers are being designed to defeat encryption and why “nation state” quantum computer are.
- What are the “quantum safe” options specifically QKD and QSA and how realistic and/or expensive.
Track 2: Defeating Encryption with IT Intrusion Products and Quantum Computers
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Monday, 12 March 2018
10:15-11:15 Cyber Solutions for The Fight Against Crime
Presented by FinFisher11:30-12:30 Real-Life practical IT Intelligence Operations
Presented by FinFisher13:30-14:30 Ethical and Sustainable Solutions in a world of Encryption
Manohar Katoch, AVP, Business Development, ClearTrail Technologies16:00-17:00 Defeating Network Encryption: What Law Enforcement and The Intelligence Community Needs to Understand
The starting point to defeating encryption is to separate techniques addressing stored encrypted data such as with the Apple iPhone issue. The other challenge is defeating encrypted data in transit (e.g. Telegram, Whatsapp, etc.) or Network Encryption. This webinar is about defeating the later.
When it comes to defeating network encryption the technical community separates into two camps. Those who want to impede law enforcement and the government intelligence community from defeating network encryption: IETF, Silicon Valley and hundreds of third party encryption services. And your camp, those who want to investigate criminals and terrorist group who depend on network
encryption. Dr. Matthew Lucas (Ph.D Computer Science), Vice President, TeleStrategiesTuesday, 13 March 2018
9:00-10:00 The end of Zero-Days and what to do about it
To evade strong encryption in communication LEA may be forced to get access for digital investigations by using zero-day exploits. Initiatives like bug bounties and Google Project Zero together with an higher awareness for secure programming by the big software vendors the availability of such exploits will become harder even next to impossible and market prices are already skyrocketing. Malware analysis capability may become a key factor for LEA to evade that issue. Using own expertise for finding new vectors based on own malware forensics or using cheaper half day exploits for legal purposes will be a key factor for future investigations. RME will dive into the topic and explain how to close the gap and how to increase the lifecycle for remote forensic or tactical access tools in digital operations.
Mr. André Reichow-Prehn, Head of Programme Cyber, Product Unit Cyber Solutions, Rheinmetall Electronics GmbH11:30-12:30 Strategic and Tactical Wi-Fi Surveillance
Presented by FinFisher
Track 3: LEA, Defense and Intelligence Analyst Training and Product Demonstrations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Monday, 12 March 2018
13:30-14:30 Cellebrite Analytics, Harness the Power of Digital Data
Alexander Schuetterle, VP Advanced Solutions EMEA, Cellebrite14:45-15:45 Mobile Acquisition Uncovered: The Past, Present and Future of Mobile Device Investigations
As manufacturers continue to improve device security and encryption, we ask: Where will the most valuable data reside? What can you do to both acquire and analyse it effectively? This session discusses the past, present, and future of mobile investigations and explains how these trends may shape your investigations. In particular, we will explore alternative acquisition methods and will de-mystify mobile forensic acquisition tools and techniques so that you will be better equipped to get more value from your toolset.
Martin Barrow, Sales Engineer, Magnet Forensics16:00-17:00 Hushmeeting: creating an iron-clad and quantum-safe communication environment
Preventing attacks, detecting intruders and collaborating within a backdoor-free and malware-proof communicaiton framework. Real use cases and attacking scenarios
Presented by Feedback ItaliaTuesday, 13 March 2018
9:00-10:00 Session A Lawful Interception in 2018. VoLTE and encrypted services like Facebook, WhatsApp and Telegram. How Social Media Intelligence benefits investigators in a holistic vision
Presented by IPS9:00-10:00 Session B LIVE DEMO: Biometric Voice Recognition System to identify people in phone calls, videos and social media
Presented by ATIS11:30-12:30 Session A Latest updates on Forensic Investigator Toolbox
Presented by AREA11:30-12:00 Session B How to quickly and efficiently identify suspects
Live demonstration analysing complex data generated from multiple monitoring centers
Presented by Trovicor14:00-15:00 Session A Language Technology Solutions for Big Data Analytics & Intelligence. How to understand your target in any language
Patrick Vanderper, SDL14:00-15:00 Session B Generate Powerful evidence from Internet Data, CDR/IPDR & Social Media Data from a Single Interface. Agencies have to deal with variety of data like PCAP, CDR/IPDR and Open Source Data etc. coming from different sources. A typical investigation of such data involves manual correlation using different tools that eventually leads to disconnected intelligence and doesn't provide a single view of a "Person of Interest". Moreover, the communications are moving to encrypted channels, which further limits the target’s visibility.
What if you could bring data, tools and systems together on a single interface?
Experience a seamless Investigation Workbench that assists investigators to collaboratively discover evidences, profile suspects, build stories and solve cases rapidly.
Jitendra Verma- Director Business Development, ClearTrail Technologies14:30-15:00 Session C Lampyre: Universal platform for visual data analysisOleg Kozhanov, NORSI-TRANS15:30-16:30 Session A Relational & Predictive: Future of Intelligence analytics
Presented by Advanced Systems15:30-16:00 Session B Taking Lawful Interception and Monitoring into the 21st Century
Presented by AQSACOM15:30-16:30 Session C A detailed understanding of the traffic on optical fibres ; performingmetadata + content analysis and exposing their intelligence value.
Presented by VASTechWednesday, 14 March 2018
9:00-9:30 Massive Investigation, with a care for privacy: Carrier Grade Nat disambiguation and Rich IPDRs Analysis
Presented by AREA10:30-11:00 Anomaly Detection: Recognizing pattern changes in targets' activities
Presented by Trovicor12:00-13:00 Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Track 4: Social Network / Dark Web Monitoring and Analytics Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Monday, 12 March 2018
10:15-11:15 Artificial Intelligence (AI) and the future of Web Intelligence (WEBINT)
Presented by CWA Webint Applications11:30-12:00 Extremist communication: what is out there, how to collect it, what it does, how to make sense of it and how to counter it – OSINT from a practitioners view
Presented by Gamma Group12:00-12:30 Evidence-based, operational mission management – from the simple to the sophisticated
Presented by Gamma Group13:30-14:30 Session A SNS Network Analysis
Presented by Esafenet13:30-14:30 Session B Live Demonstration of SnapTrends: Real-Time Location-Based Social Media Intelligence
Presented by Snaptrends14:45-15:45 Session A Advanced analytics and identification through processing of social networks, audio sources and video surveillance
Presented by everis14:45-15:45 Session B VASTech Mass Monitoring Analytics: Who was where and when ; if you touch the network, you leave footprints.
A demonstration through use cases of the new powerful intelligence analytical capabilities and toolset from VASTech that identify, track and expose local and foreign targets on mobile networks.
Presented by VASTech16:00-17:00 Session A How to monitor and influence Public Sentiment with a platform able to listen, analyse and react through propaganda campaigns on Social Media
Presented by IPS16:00-17:00 Session B Digital Investigations in dark net
Presented by AREATuesday, 13 March 2018
9:00-10:00 Session A Voice Analytics
Patrick Pray, Pegasus9:00-10:00 Session B Connecting dots using all information, voice, IP data, location, movement, behavior, biometric, A egis, the one stop solution for you
Presented by Semptian11:30-12:30 Session A Bridging discipline gaps in the hunt for perpetrators: Bringing together Metadata, OSINT, SOCMINT, SIGINT, Dark Web, Surveillance techniques and various other capabilities to support law enforcement
Presented by Gamma Group11:30-12:30 Session B 10 Best Practices on All Media Monitoring
A live demo of National Intelligence System for Mobile/Twitter/Facebook/Youtube/News/Forums/Any website.
Monitor your targets' messages, profiles, locations, behaviors, relationships, and more
Bear Xu, CEO, Knowlesys International Limited14:00-15:00 Session A Dark Web – Can Governments afford not knowing? Hunting criminals on the dark side.
Presented by Gamma Group14:00-15:00 Session B GoldenSpear Deep WEBINT – Reaching the Deepest corners of the Deep Web and the Darkest corners of DarkNet
Presented by S2T14:00-15:00 Session C Advanced analytics and identification through processing of social networks, audio sources and video surveillance
Presented by everis15:30-16:00 Session A Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure
Presented by IPS15:30-16:30 Session B Intelligence Analysis on Big Data
Presented by Sinovatio15:30-16:30 Session C Tactical Web Intelligence (WEBINT) and Social Engineering: a sneak-peak into the power of hollistic WEBINT platform
Presented by CWA Webint Applications16:45-17:45 Session A Build Bridges from OSINT & Breached Data to Profiling
Presented by Indafo16:45-17:45 Session B Fortion MediaMining : An advanced solution for OSINT and social media analysis
Mohamed Khaled Khelif, AIRBUSWednesday, 14 March 2018
8:30-9:30 Data Fusion and Analytics for National Security and Intelligence
Presented by Yaana Technologies10:30-11:30 Voice Analytics
Patrick Pray, Pegasus12:00-13:00 VASTech Mass Monitoring Analytics: Who was where and when ; if you touch the network, you leave footprints.
A demonstration through use cases of the new powerful intelligence analytical capabilities and toolset from VASTech that identify, track and expose local and foreign targets on mobile networks.
Presented by VASTech
Track 5: Mobile Signal Intercept and Electronic Surveillance Training and Product Demonstration
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.Monday, 12 March 2018
11:30-12:30 A, B & CX, Y & Z of Location for National Security
Polaris Wireless brings you the latest on cutting edge location technologies. Explore the best practices and advanced technologies available today to pinpoint location (X,Y coordinates) and elevation (Z) of any mobile device, anywhere in the country, in real-time. Discover how this high-accuracy location information for mobile devices can strengthen your national security initiatives.
Presented by Polaris Wireless13:30-14:30 Command and Control Center for covert field operations using Audio, Video and GPS feeds
Presented by IPS14:45-15:45 Al-Sensor Integration and Mobile Location Finding Technologies
Presented by Darkblue Technologies16:00-16:50 Satellite Signal Analysis - Expanding Traditional Approaches
Presented by MathesisTuesday, 13 March 2018
9:00-10:00 Session A IP enabled Covert Surveillance
Tobias Jensen, Domo Tactical Communications9:00-10:00 Session B Drone Threat Mitigation
Edgardo Gonzales, Expert Team
Frankie Chan, Expert Team11:30-12:30 Session A IMSI Catcher, 2G/3G/4G Interception, New Challenges and Solutions
Presented by NeoSoft AG11:30-12:00 Session B Tactical tools against encrypted protocols
Presented by Advanced Systems14:00-15:00 Session B Challenges in Tactical IP Network Monitoring
Presented by EXFO Homeland Security
15:30-16:30 Session A Web-I-Qs DarkCloud darknet datasets, together withmh-SERVICE’s Forensic Cube enables extensive targeted Dark Net web-crawling, searches, insights and alerts.
The DarkCloud darknet dataset is now available to law enforcement, local government and corporate clients, enabling them to perform their own searches in millions of pages from the Tor hidden services, and use it to learn, prevent, detect and investigate.
Annemarie Brockmöller from Web-I-Q/mh-SERVICE15:30-16:30 Session B Cellular Intelligence in Action-Real use cases solved by combining mobile location and traffic data from cellular networks
Sven Amalendu Parasnis, Mobilaris16:45-17:45 A, B & CX, Y & Z of Location for National Security
Polaris Wireless brings you the latest on cutting edge location technologies. Explore the best practices and advanced technologies available today to pinpoint location (X,Y coordinates) and elevation (Z) of any mobile device, anywhere in the country, in real-time. Discover how this high-accuracy location information for mobile devices can strengthen your national security initiatives.
Presented by Polaris WirelessWednesday, 14 March 2018
8:30-9:30
Session BFrom office to the field your Investigation is reaching a new level of expertise with Real Time Location Data
Presented by Deveryware
Track 6: Investigating DarkNets and Associated Bitcoin Transactions
This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities
Track 6 open to all government and commercial cyber crime investigators.
Monday, 12 March 2018
9:00-10:00 Cryptocurrency 101: Introduction to What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain AnalysisThis 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses: • Bitcoin Basics for Technical InvestigatorsPresented by: Dr. Matthew Lucas, Vice President, TeleStrategies
• Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
• How Criminals and Terrorists Use TOR and Dark Web
• Bitcoin Cryptography Demystified (For Non-Math Majors)
• Popular Altrcoins used by Criminals and the New Challenges Facing Law Enforcement10:15-11:15 How to use investigative blockchain analytics and get comprehensive data for bitcoin transactions
**LEA and Government Attendees Only**
Willem-Jan Bruin, Director Western Europe - Enterprise-Grade Blockchain Solutions, Bitfury11:30-12:30 Dark Markets and Bitcoin Laundering
This session will focus on the illicit use of Bitcoin, ranging from dark market vendors and shops, to the popular methods used for laundering Bitcoin. By the end of the session you will have an understand of the wide range of illicit uses for Bitcoin, different methods in which funds can be laundered, in what geographic regions this laundering occurs in, and the popularity of different methods of laundering.· Illicit uses of Bitcoin
· Flows of illicit funds
· Methods of Bitcoin laundering
· Popularity of services, and geographic location of these services
Presented by Elliptic13:30-14:30 Session A What Investigators Need to Know about Blockchain Architectures Supporting Altcoins or Cyber Currencies Other than Bitcoin (e.g. Ethereum, Monero, Litecoin, Dash, Ripplo, etc.).
Roberto Capodieci, Blockchain Zoo14:45-15:45 Session B Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations
Presented by: Dr. Matthew Lucas, Vice President, TeleStrategies14:45-15:45 Session A What Investigators Need to Know about Blockchain 2.0 & 3.0 Application Developments and How Criminals Will Likely Exploit Unexpected Weaknesses as well as Support New Criminal Activities.
Roberto Capodieci, Blockchain Zoo16:00-17:00 Session A What Financial Crime Investigators need to Know about Blockchain Investigation Techniques.
Roberto Capodieci, Blockchain ZooTuesday, 13 March 2018
9:00-10:00 Bitcoin in Practice
This is an introductory session to the practical uses of Bitcoin. By the end of this session you should be comfortable with using and interpreting block explorers, methods of purchasing and storing bitcoin, and the basic structure of Bitcoin transactions. This will include a demonstration of Elliptics’ Bitcoin analytics software.· The blockchain - how to access and interpret it
· Using a block explorer· How Bitcoin is used in practice: buying and selling, sending and receiving
· Bitcoin addresses and transactions
Presented by Elliptic11:30-12:30 Advanced Bitcoin Concepts and an Introduction to Bitcoin Investigations Assuming an understanding of basic Bitcoin concepts, such as addresses and transactions, this session will cover more advanced topics, such as mixing and address clustering. By the end of this session you should have an understanding of why these concepts are useful, their impact on tracing payments, and how they work in practice. We will also look at the basics of Bitcoin investigations; how to identify evidence, types of investigations, and contacting exchanges to identify Bitcoin users.
· Address clusters
· Mixers
· An introduction to Bitcoin analytics software
· Identifying Bitcoin evidence
· Types of Bitcoin investigations
· Identifying wallet holders
· Case study: ransomware
Presented by Elliptic14:00-17:45 Special Half Day DarkNet Seminar
by Andrew Lewman, Vice President, DarkOWL and Former Exectuve Director, The TOR Project14:00-15:00
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What’s possible?
Presented by:
Andrew Lewman, Vice President, DarkOWL15:30-16:30
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.
Presented by:
Andrew Lewman, Vice President, DarkOWL16:45-17:45
Future directions - what’s next in dark net infrastructure, dark markets and investigation implications
Presented by:
Andrew Lewman, Vice President, DarkOWLWednesday, 14 March 2018
10:30-11:30 Session A Case Studies and Emerging Threats In the Criminal Use of Virtual Currencies
**(Only Open to Government and Law Enforcement Attendees)**The dark web economy is booming, thanks largely to the emergence of virtual currencies that enable quick, pseudonymous transfer of value across borders. In this session, we will explore a number of case studies showing how Bitcoin is being used to facilitate criminal activity and how blockchain analysis techniques have been used to counter this. We will also explore the new generation of cryptocurrencies, such as Monero and Zcash, which promise much higher levels of anonymity, and which are already gaining traction on the dark web.
Luke Wilson, Vice President of Business Development-Investigations, Elliptic
Track 7: Financial Crime: Prevention, Detection and Investigation
This track is for law enforcement and private enterprise investigators who are responsible for money laundering, fraud prevention, detection and investigaiton and other cyber crime activities.
Track 7 open to all government and private enterprise financial crime investigators.Monday, 12 March 2018
9:00-16:00 Concerns and Considerations in Financial Crime Investigations
Presented by: Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC and retired 27 year US Federal Law Enforcement Officer09:00-10:00
Criminal Essentials: The Needs of a Successful Illicit Network10:15-11:15
Illicit Schemes: Money Laundering and Terror Finance: Similarities and Differences11:30-12:30
Trade Based Money Laundering Techniques: Red Flags for Investigators13:45-14:45
World Finance Basics 1: How Investigators Can "Follow the Money": FedWIRE, Clearing Houses, and SWIFT15:00-16:00
World Finance Basics 2: Hawala, Red SIMS, and Alternate Remittance Systems16:15-17:15
Financial Investigation Case Planning: Application of Critical Thinking to your Case11:30-12:30 Dark Markets and Bitcoin Laundering
This session will focus on the illicit use of Bitcoin, ranging from dark market vendors and shops, to the popular methods used for laundering Bitcoin. By the end of the session you will have an understand of the wide range of illicit uses for Bitcoin, different methods in which funds can be laundered, in what geographic regions this laundering occurs in, and the popularity of different methods of laundering.· Illicit uses of Bitcoin
· Flows of illicit funds
· Methods of Bitcoin laundering
· Popularity of services, and geographic location of these services
Presented by EllipticTuesday, 13 March 2018
9:00-10:00 Session B Bitcoin in Practice
This is an introductory session to the practical uses of Bitcoin. By the end of this session you should be comfortable with using and interpreting block explorers, methods of purchasing and storing bitcoin, and the basic structure of Bitcoin transactions. This will include a demonstration of Elliptics’ Bitcoin analytics software.· The blockchain - how to access and interpret it
· Using a block explorer· How Bitcoin is used in practice: buying and selling, sending and receiving
· Bitcoin addresses and transactions
Presented by Elliptic11:30-12:30 Session B Advanced Bitcoin Concepts and an Introduction to Bitcoin Investigations Assuming an understanding of basic Bitcoin concepts, such as addresses and transactions, this session will cover more advanced topics, such as mixing and address clustering. By the end of this session you should have an understanding of why these concepts are useful, their impact on tracing payments, and how they work in practice. We will also look at the basics of Bitcoin investigations; how to identify evidence, types of investigations, and contacting exchanges to identify Bitcoin users.
· Address clusters
· Mixers
· An introduction to Bitcoin analytics software
· Identifying Bitcoin evidence
· Types of Bitcoin investigations
· Identifying wallet holders
· Case study: ransomware
Presented by Elliptic14:00-17:45 Special Half Day DarkNet Seminar
by Andrew Lewman, Vice President, DarkOWL and Former Exectuve Director, The TOR Project14:00-15:00
Indexing the dark net – how do you catalog and search something that is not meant to be easily scrubbed? What’s possible?
Presented by:
Andrew Lewman, Vice President, DarkOWL15:30-16:30
Case studies / examples in dark net investigations – de-anonymizing examples / approaches / best practices / lessons learned.
Presented by:
Andrew Lewman, Vice President, DarkOWL16:45-17:45
Future directions - what’s next in dark net infrastructure, dark markets and investigation implications
Presented by:
Andrew Lewman, Vice President, DarkOWL
Wednesday, 14 March 2018
8:30-9:30 Practitioners Guide to Understanding Cyber Attacks on Banks - Exploring Vulnerabilities from The Perspective Of The Hacker
This one hour session will explore the viewpoints of both the banks perception of vulnerabilities, and that of the attacker. A follow-up session at 10:30 will address Practitioners Guide to Defending Banks Against Cyber Attacks.
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police10:30-11:30 Session A Practitioners Guide to Defending Banks Against Cyber Attacks – Identifying And Protecting Vulnerabilities To Frustrate The Thief, and Integrity Proof The Systems
This one hour session will explore the protection of weak points and future proofing banks against cyber attacks.
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police10:30-11:30 Session B Case Studies and Emerging Threats In the Criminal Use of Virtual Currencies
**(Only Open to Government and Law Enforcement Attendees)**The dark web economy is booming, thanks largely to the emergence of virtual currencies that enable quick, pseudonymous transfer of value across borders. In this session, we will explore a number of case studies showing how Bitcoin is being used to facilitate criminal activity and how blockchain analysis techniques have been used to counter this. We will also explore the new generation of cryptocurrencies, such as Monero and Zcash, which promise much higher levels of anonymity, and which are already gaining traction on the dark web.
Luke Wilson, Vice President of Business Development-Investigations, Elliptic
Training Seminars Led by Law Enforcement Officers and Ph.D Scientists
23 classroom training hours, presented by Law Enforcement Officers and Ph.D. ScientistsMonday, 12 March 2018
Seminar #1
9:00-17:00
Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
The aim of this 1 day seminar is to take the attendees from the basics of understanding the Internet, how to find data, through to a full understanding of best practice of an Internet investigator, having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.
9:00-10:00
The Internet, and how suspects leave a digital footprint
How it works. Why it works. How data traffic leaves a trace ; What the internet is; what is an IP and how is it significant to trace a person. IPv4 and IPv6 – understanding the changes- the benefits and pitfalls for the investigator. The internet has millions of copies of data on it - why, and where can we find this. Tracking and evaluating data
10:15-11:15
Recognizing Traffic Data and digital profiling
What data is available. How to harvest and analyze it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft .Data collection and interrogation, significance and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them ( where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyse it. Investigator capabilities and opportunities.
11:30-12:30
WIFI, geolocation, and Mobile Data traces
A detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers . Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed.
13:30-14:30
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies
How suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web) , TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications and ways to coax offenders out of the system.
14:45-15:45
Advanced Techniques in Tracing Suspects and lateral problem solving
Using innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game?. Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.
16:00-17:00
Open source tools, resources and techniques
"Just google it" doesn't work anymore. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. A look at a selection of 200+ tools available on Mark's open source law enforcement tools website, that search engines can’t see, with login and password provided during the session. Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how.Seminar #2
09:00-17:00
Concerns and Considerations in Financial Crime Investigations
Presented by: Michael Loughnane, CAMS, CFE, Loughnane Associates, LLC and retired 27 year US Federal Law Enforcement Officer
09:00-10:00
Criminal Essentials: The Needs of a Successful Illicit Network10:15-11:15
Illicit Schemes: Money Laundering and Terror Finance: Similarities and Differences11:30-12:30
Trade Based Money Laundering Techniques: Red Flags for Investigators13:45-14:45
World Finance Basics 1: How Investigators Can "Follow the Money": FedWIRE, Clearing Houses, and SWIFT15:00-16:00
World Finance Basics 2: Hawala, Red SIMS, and Alternate Remittance Systems16:15-17:15
Financial Investigation Case Planning: Application of Critical Thinking to your Case
Seminar #3
09:00-12:30
Understanding ISS Technologies and Products Deployed in Telecommunications Networks for Lawful Interception and Mass Surveillance
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half-day seminar covers how criminals and terrorists communicate over today's public telecommunications wireline and wireless networks, over the top Internet services and social networks. This seminar is ideal for law enforcement, interior security, public safety and others who need to understand the ISS technologies and products used to lawfully intercept electronic communications and conduct mass network surveillance as discussed at ISS World Conference sessions and by exhibitors.
9:00-10:00
Introduction to Wireline and IP Infrastructure and Related ISS Products for Lawful Interception and Mass Surveillance
• Wireline Interception Points
• PSTN Interception: Content, CDRs and MetaData
• Lawful Interception: Telecom to Monitoring Center
• Mass Metadata Surveillance and SS7
• IP Network Basics: Why IP Layers needs to be understood
• Internet Access: Landline, Mobile, WiFi and others
• Deep Packet Inspection (DPI) and Intelligent Probes
• Optical Network Probe Intercept
10:15 - 11:15
Understanding Mobile Wireless Infrastructure, and Related ISS Products for Lawful Interception and Mass Surveillance
• Wireless Providers with Intercept Mandates and those with none
• Why Understand 2G, 3G, 4G and 4.5G Architecture need to be understood for Interception
• Wireless phone ID's and SIM cards
• Wireless Call Detail Record (CDR) Mining
• Wireless Data Services Option and Smartphone
• Cellular Roaming and Target Tracking with SS7
• Tracking and Location with IMSI Scanners and CDR Feeds
• Other Wireless Intercept: Satellite, Wi-Fi, WiMax and more
• No. 1 Future Wireless Intercept Challenge: True 4G and 5G
• ISS Products for Wireless Tracking Intercept and Mass Surveillance
11:30-12:30
Understanding Internet Infrastructure and Related ISS Products for Mass Intelligence Gathering and Surveillance
• Understanding IP Layering Architecture for Lawful Interception
• IP Addressing, IPv4 vs. IPv6, Address Reuse and DNSs
• Internet Infrastructure Supporting Email, Chat, IM, Skype and Blogging
• Internet Searching, How Google searches, Wikis and Search tools Law Enforcement Need to Understand
• Why Law Enforcement Needs to Know About how Crypto systems work, Public Key Cryptography, Certificate Authorities and Man In The Middle Attacks
• Basic Surveillance Techniques: Packet Sniffers, Web Bugs, Spyware, Phishing, Carnivore, Key Logging and MoreSeminar #4
9:00-10:00
Cryptocurrency 101: Introduction to What Technical Investigators Need to Know about Bitcoin and Altcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Dr. Matthew Lucas, Vice President, TeleStrategies
This 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses:
• Bitcoin Basics for Technical Investigators
• Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
• How Criminals and Terrorists Use TOR and Dark Web
• Bitcoin Cryptography Demystified (For Non-Math Majors)
• Popular Altrcoins used by Criminals and the New Challenges Facing Law EnforcementSeminar #5
14:45-15:45
Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations
Presented by: Matthew Lucas, (Ph.D Computer Science), VP, TeleStrategies
TOR networks are notoriously effective at hiding the online identity of criminals, terrorists and others who are up to no good. The other side that receives less attention are TOR hidden services. These are services that leverage TOR's anonymizing capabilities to mask the identity of criminally-hosted online services - forming the basis of just about all illegal gambling sites, drug markets, child exploitation material, firearm sales, terrorism propaganda, and more.
• How TOR hides IP addresses/identity/location
• TOR hosting, What is .ONION and content analysisSeminar # 6
16:00-17:00Defeating Network Encryption: What Law Enforcement and The Intelligence Community Needs to Understand
Presented by: Dr. Matthew Lucas (Ph.D Computer Science), Vice President, TeleStrategies
The starting point to defeating encryption is to separate techniques addressing stored encrypted data such as with the Apple iPhone issue. The other challenge is defeating encrypted data in transit (e.g. Telegram, Whatsapp, etc.) or Network Encryption. This webinar is about defeating the later.
When it comes to defeating network encryption the technical community separates into two camps. Those who want to impede law enforcement and the government intelligence community from defeating network encryption: IETF, Silicon Valley and hundreds of third party encryption services. And your camp, those who want to investigate criminals and terrorist group who depend on network
encryption.
Wednesday, 14 March 2018
Seminar #7
8:30-9:30
Practitioners Guide to Understanding Cyber Attacks on Banks - Exploring Vulnerabilities from The Perspective Of The Hacker
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
This one hour session will explore the viewpoints of both the banks perception of vulnerabilities, and that of the attacker. A follow-up session at 10:30 will address Practitioners Guide to Defending Banks Against Cyber Attacks.
- What is the current typical attack
- Vulnerabilities leak points, and weak points
- Hacking the Bank by traditional social engineering
- Man in the middle/mobile (MITM)
- Man in the Browser (MITB) attacks
- DDOS, Zeus, Zbot, and other exploits
- BHO poisoning (browser helper objects)
- DNS poisoning
- Pineapple and Rasberry Pi devices
- Clickjacking
- Formgrabbers
- Cloning and contactless card vulnerabilities
- PCI-DSS attacks and vulnerabilities
- The hackers point of viewSeminar #8
10:30-11:30
Practitioners Guide to Defending Banks Against Cyber Attacks – Identifying And Protecting Vulnerabilities To Frustrate The Thief, and Integrity Proof The Systems
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
This one hour session will explore the protection of weak points and future proofing banks against cyber attacks.
-PCI-DSS security and tightening
-WiFi encryption to avoid MITM
-Pen testing
-Dynamic virus signatures and monitoring
-End user verification and login
-Customer vulnerabilities and verification
-Quantum Dawn and Waking Shark II (wargaming) benefits
-Future proofing and horizon scanning
-Playing the hacker at his own game.
Seminar #9
12:00-13:00
Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Seminar #10
12:00-13:00Understanding Defeating Encryption with Quantum Computing for Non-Engineers
Presented by: Jerry Lucas, (Ph.D, Physics) President, TeleStrategies
Countless news articles have been written about quantum computers, the magic of entangled qubits and all the new business opportunities that will be created with these general-purpose computing machines. But what is not addressed in these articles is you don’t need a general purpose quantum computer to defeat today’s cryptography. While these general-purpose machines are likely a decade away from deployment, an application specific quantum circuit designed for one purpose only, e.g. defeating today’s public key encryption may be but a few years away.
This webinar is for cyber security executives and specialists who have the responsibility of assessing the lead time they have before deploying quantum safe cryptography solutions but don't have a technical background. If you believe nation state security agencies are developing quantum computers to decrypt your past and future intercepted transmission sessions, this high level webinar should be a must attend briefing.
"Keep it simple but not that simple"
- Albert EinsteinMeantime in order to make this lead time assessment for quantum safe cryptography deployment you need to track performance metrics of key components of quantum computing technology. And to do this you need to understand how a quantum computing circuit works when designed for the sole purpose of defeating public key encryption only.
This "30,000 foot view" Webinar (10 sessions, 5 minutes each) Addresses:
- What potentially makes quantum computers more powerful than today's electronic computers: qubit superpositioning, entanglement & interference (light on quantum mechanics)
- A one-to-one functional comparison of a general-purpose computer with an application specific quantum circuit designed to do but one thing, defeat today's public key encryption (light on computer technology)
- Qubit gates and circuits explained (light on mathematics)
- The encryption busting, Shor’s Factoring Algorithm explained (again, light on mathematics)
- A Step-by-Step walk through of what goes on within a quantum circuit designed to process a small public encryption key as numerical input, probablistic measurements along the way through the delivery of numerical private key as output thereby defeating encryption (light on physics and mathematics as well)
- Quantum computer challenges with decrypting large public keys (e.g. RSA 2048 class) and the performance metrics (number of entangled qubits, logic gates, longevity, etc.) cyber security specialists need to be monitoring.
- Leading quantum computer hardware options supported by IBM, Microsoft & Google vs. defeating encryption only, application specific quantum circuit architectures.
- Why annealing quantum computers boasting of having thousands of qubits are not today able to successfully run Shor Type (e.g. defeating encryption) algorithms.
- Quantum Safe Cryptography Options (QSA & QKD) and deployment readiness challenges.
- Webinar Audience Questions and/or Comments