ISS World Middle East is the world's largest gathering of Regional Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Cyber Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the Internet.
Track 1: Lawful Interception and Criminal Investigation Training
Track 2: Cyber Threat Detection and Security Training
Track 3: Bitcoin, Blockchain, TOR and Dark Web Investigation Training
Track 4: Encrypted Traffic Monitoring and IT Intrusion Product Training
Track 5: LEA, Defense and Intelligence Analyst Product Demonstrations
Track 6: Social Network Monitoring and Big Data Analytics Product Demonstrations
Track 7: Mobile Signal Intercept and Electronic Surveillance Product DemonstrationsPlus Special Intel and LEA Training Sessions (13 March 2017)
ISS World Agenda From 2016 ISS World Middle East Program
ISS World Middle East 2017
Agenda and Registration Link
Available December 13, 2016
ISS World MEA Exhibits Schedule
Tuesday, 15 March 2016
10:00-17:00Wednesday, 16 March 2016
10:00-12:30
Special Intel and LEA Training Sessions (Monday, 14 March 2016)
Seminar #1
9:00-17:15Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
The aim of this 1 day seminar is to take the attendees from the basics of understanding the internet, how to find data, through to a full understanding of best practice of an internet investigator, having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.09:00-10:00
The Internet, and how suspects leave a digital footprint10:15-11:15
Recognizing Traffic Data and digital profiling11:30-12:30
WIFI, geolocation, and Mobile Data traces13:45-14:45
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies15:00-16:00
Advanced Techniques in Tracing Suspects, and lateral problem solving
16:15- 17:15
Open source tools, resources and techniques
Seminar #2
9:00-12:30
Understanding ISS Technologies and Products Deployed in Telecommunications Networks for Lawful Interception and Mass Surveillance
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half-day seminar covers how criminals and terrorists communicate over today’s public telecommunications wireline and wireless networks, over the top Internet services and social networks. This seminar is ideal for law enforcement, interior security, public safety and others who need to understand the ISS technologies and products used to lawfully intercept electronic communications and conduct mass network surveillance as discussed at ISS World Conference sessions and by exhibitors.
9:00-10:00
Introduction to Wireline Infrastructure and Related ISS Products for Lawful Interception and Mass Surveillance10:15-11:15
Understanding Mobile Wireless Infrastructure, and Related ISS Products for Lawful Interception and Mass Surveillance11:30-12:30
Understanding the Internet Over-the-Top (OTT) Services and Related ISS Products for Mass Intelligence Gathering and Surveillance
Seminar #3
13:45-14:45Bitcoin 101: Introduction to What Technical Investigators Need to Know about Bitcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically this introduction to Bitcoin for technical investigators addresses:
- Bitcoin Basics for Technical Investigators
- Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
- How Criminals and Terrorists Use TOR and Dark Web
- Bitcoin Cryptography Demystified (For Non-Math Majors)
- Bitcoin 2.0 and the New Challenges Facing Law Enforcement
Seminar #4
15:00-16:00Understanding and Defeating Encryption, TOR and Dark Web Commerce
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This session covers how TOR is used to hide IP location of senders, HTTP log of files used and encrypt communications, TOR Hidden Services (Dark Web) and how to find Hidden Services and techniques for defeating TOR and encrypted services as used by criminals and terrorists.
- What's encryption, Where in the IP layer stack (2, 3, 4 and Applications) do you find encryption. Anonymity Services: Proxy Servers, VPNs and TOR
- How TOR hides IP addresses/identity/location
- TOR hosting, What is .ONION and content analysis
- "De-anonymizing" TOR: Investigation approaches, limitations and case studies
- Defeating Encryption Options: Brute force key cracking (?), force weak encryption, Man in the Middle (MITM) attacks and of course IT Intrusion Systems
Tuesday, 15 March 2016
Seminar #5
14:00-17:45Transitioning from Bitcoin to Next Generation Blockchain 2.0: What Technical Investigators Need to Know
Presented by: Roberto Capodieci, CEO, Capodieci.com
14:00-15:00
The difference between the Bitcoin Blockchain and Blockchain 2.0 – Conceptual and technical explanation
15:30-16:30
Overview of a crypto platform 2.0, live access and examples on how organized crime can use Blockchain 2.0
16:45-17:45
Covering tracks and keeping anonymity in Blockchain 2.0, Internet of things and Blockchain 3.0 overview
Wednesday, 16 March 2016
Seminar #6
8:30-13:00
Investigating Criminal Activities and Fraud Involving Bitcoin Blockchain and Blockchain 2.0: What Technical Investigators Need to Know
Presented by: Roberto Capodieci, CEO, Capodieci.com
8:30-9:30
Tips and tricks for LEAs when dealing with Blockchain 2.0 investigations – How to collect collateral data10:30-11:30
12:00-13:00
What to look for during searches in cases that involve the use of blockchain 2.0 and 3.0 – Difference between permanent data and data that change ownership (such as coins)
Confiscating values (currencies, assets, tokens, etc.): best practices by a technical point of view(Full Detailed Pre-Conference Seminar Agenda Appears After Track 7)
Tuesday, 15 March 2016
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies Keynote
8:30-9:00 Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Middle East has Solutions
Dr. Jerry Lucas, President, TeleStrategies
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Monday, 14 March 2016
10:15-11:15 Voice Biometrics Solutions for Security & Intelligence
Presented by Agnitio15:00-16:00 Voice Biometry and Speech Analytics for Intelligence, LEA and Police Forces
Radim Kudla, Head of BD, PhonexiaTuesday, 15 March 2016
9:00-10:00 Current and Future Standardization Challenges: Encryption, Network Function Virtualization, Cloud Computing and More
Alex Leadbeater, Chairman, SA3 LI and EU Data Retention Compliance Manager, BT11:30-12:00 Content Filtering - A technical answer to data growth
Rudolf Winschuh, Utimaco TS GmbH12:00-12:30 How to secure the connection with your confidential network with the Fox-It Data Diode
Presented by GSN14:00-14:30 Effectively Implementing the New UK Investigative Powers Requirements
Rick Robino, Yaana Technologies14:30-15:00 Protecting sensitive LIMS information on external hardware security models (HSM)
Sven Jonas, Utimaco TS GmbH15:30-16:00 100GE network traffic interception
Petr Kastovsky, CTO, Netcope Technologies16:00-16:30 Tools for Monitoring mixed type traffic on the Interfaces STM1/STM4, Ethernet 1G/10G/40G/100G
Mikhail Reznikov, NORSI-TRANSWednesday, 16 March 2016
10:30-11:00 Deep Packet Inspection in Clouds and NFV
Rick Robino,Yaana Technologies
Track 2: Cyber Threat Detection and Security Training
This track is for Intelligence Analysts and Law Enforcement agents who have to "connect the dots" between people, places and other entities by searching through massive amounts of unstructured data from various sources using visual analytics, semantic technologies, data mining, OSINT and other intelligence gathering tools and techniques.
Monday, 14 March 2016
10:15-10:45 Graphical means of OSINT data representation
Presented by Analytical Business Solutions11:30-12:30 Threat Detection from Automated OSINT Collection and Analysis
Presented by TasHeel
(Open to Law Enforcement and Intelligence Analyst Attendees Only)13:45-14:45 Managing Workforce Safety and Physical Security in a Complex Environment
Presented by Chenega Corporation15:00-16:00 Cyber Security, Tackling the Insider Threat
Sebastian Madden, Cyber and Technology Director, Protection Group InternationalTuesday, 15 March 2016
9:00-9:30 The 10 Commandments of Cyber Counter Intelligence
Limited stealth operations allow organisations and entities to significantly enhance their risk posture and situational awareness by enriching security data with data derived directly from the sources of risk. By embedding highly specialized teams of specially trained cyber-counterintelligence forces embedded deeply within the hackers trust zone, organizations can measurably achieve proactive gains in their security posture. How do we do this and the 10 Guiding Principles of Cyber Counter Intelligence will be discussed.
Stephen Brennan, Senior Vice President, Cyber Network Defence, DarkMatter
(Open to Law Enforcement and Intelligence Analyst Attendees Only)9:30-10:00 Can Cyber Security regulations help the authorities?
In this session, SVP of Cyber regulations at DarkMatter will cover the latest trends that authorities need to know and how / if the cyber regulations and laws can help. The key areas covered are:- role of authorities in the new era of Smart cities
Harshul Joshi, Senior Vice-President, Cyber Governance, Risk & Compliance, DarkMatter
- do we really understand the impact of a breach and are we prepared to respond?
- how the global world is tackling some of these issues
(Open to Law Enforcement and Intelligence Analyst Attendees Only)11:30-12:00 Securing the Mobile, Embedded and Cyber Physical Systems
Mobile and embedded systems are ubiquitously used to capture, communicate, store, and process confidential data at the level of Governments, Large Corporates, Businesses and personal needs and / or perform safety-critical functions.
As these systems feature significant complexity and ability to connect to public mobile networks and others, download any application and communicate to any user, security becomes a serious concern in their design, includingSecure Communications, Secure Network Access,
Secure Storage and Data at Rest Security, Identification and User Authentication, Security of Software Stack Entirety and hardware peripherals, as well as System Availability.
This session will address the challenges paused by embedded systems (including the mobile) vis-a-vis security, by considering various hardware and software co-design methodologies and architectures for securing a system across its software stack entirety and at the hardware level, optimizing and accelerating trusted computing functionalities, and cryptographic utilities on such systems.
The session will also address practical attacks against secure implementations and required countermeasures that are typically not covered by theoretical security proofs and models.
Dr. Najwa Aaraj, Vice-President, Special Projects, DarkMatter
(Open to Law Enforcement and Intelligence Analyst Attendees Only)
12:00-12:30 Through the looking glass: can I trust you or not?
As more and more interactions between entities take place in a virtual environment, how can we trust that we are dealing only with who we expected to be, and how many others are eavesdropping on the channel? This session will cover the common components of trust infrastructures and how each element contributes to determining if trust is achieved or not. Using Public Key Infrastructures as an example, we will show how the absence or deficiency of trust framework components can lead to the demise of, or non-establishment of overall trust. Some of the concepts covered include:
- Trust cannot be established by technology alone
- Identity assurance is a critical factor in any trust infrastructure
- Public Key Infrastructures as a good model for trust establishment
- Not all PKIs are created (or operated) equal
Scott Rea, Senior Vice-President, Public Key Infrastructure, DarkMatter
(Open to Law Enforcement and Intelligence Analyst Attendees Only)14:00-14:30 Session A Handling Multilingual Big Data with Automated Translation
Presented by SDL14:30-15:00 Session A Multiple data sources and integrated mining. DeepInsight “Thread” Solution
Presented by Nanjing Sinovatio Technology14:00-15:00 Session B Digital Forensic Investigations with Nuix
Muhannad Al Jabi, Gulf Cyber15:30-16:30 Communications Insight: Identify Leaks, Threats, and Cyber Attacks More Quickly, Easily, and Cost-Effectively
Presented by SS8Wednesday, 16 March 2016
10:30-11:00 Actionable Intelligence with SDL Government Language Platform (SDL GLP)
Presented by SDL
Track 3: Bitcoin, Blockchain, TOR and Dark Web Investigation Training
This track is for Criminal Investigators, Interior Security and Private Enterprise Investigators who have to understand Bitcoin, Blockchain, TOR and Dark Web Transactions
Monday, 14 March 2016
13:45-14:45 Bitcoin 101: Introduction to What Technical Investigators Need to Know about Bitcoin Transactions, Dark Web Commerce and Blockchain Analysis
Dr. Jerry Lucas, President, TeleStrategies15:00-16:00 Understanding and Defeating Encryption, TOR and Dark Web Commerce
Dr. Jerry Lucas, President, TeleStrategiesTuesday, 15 March 2016
14:00-17:45 Transitioning from Bitcoin to Next Generation Blockchain 2.0: What Technical Investigators Need to Know
14:00-15:00
The difference between the Bitcoin Blockchain and Blockchain 2.0 – Conceptual and technical explanation
15:30-16:30
Overview of a crypto platform 2.0, live access and examples on how organized crime can use Blockchain 2.0
16:45-17:45
Covering tracks and keeping anonymity in Blockchain 2.0, Internet of things and Blockchain 3.0 overviewRoberto Capodieci, CEO, Capodieci.com
Wednesday, 16 March 2016
8:30-13:00 Investigating Criminal Activities and Fraud Involving Bitcoin Blockchain and Blockchain 2.0: What Technical Investigators Need to Know
8:30-9:30
Tips and tricks for LEAs when dealing with Blockchain 2.0 investigations – How to collect collateral data
10:30-11:30
What to look for during searches in cases that involve the use of blockchain 2.0 and 3.0 – Difference between permanent data and data that change ownership (such as coins)
12:00-13:00
Confiscating values (currencies, assets, tokens, etc.): best practices by a technical point of viewRoberto Capodieci, CEO, Capodieci.com
Track 4: Encrypted Traffic Monitoring and IT Intrusion Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Monday, 14 March 2016
9:00-10:00 Getting Real - OSINT and FinFisher™ in Day to Day Investigations
Presented by FinFisher11:30-12:30 FinFisher™:End to End approach to IT Investigation
Presented by FinFisher15:00-16:00 Social Media Forensics!
Presented by AGTTuesday, 15 March 2016
9:00-10:00 A World of Possibilities - Remote Exploitation of Smartphones and PCs
Presented by FinFisher11:30-12:30 Session A Part I: Encryption hides the real identities of suspects. Time to Change...
Jitendra Verma, Director, Business Development, ClearTrail Technologies
Co-Presented by: Manohar Katoch, AVP - Business Development and Sanjeev Sharma, Director- Engineering, ClearTrail Technologies
11:30-12:30 Session B Cyber Disruption: Tactical on Field Activity
Presented by RCS S.p.A.14:00-15:00 Cyber Security Most Effective Defensive Solution!
Presented by AGT15:30-16:30 Zero in On Your Target: Lawful surveillance in the digital age
Presented by Hacking Team
Track 5: LEA, Defense and Intelligence Analyst Training and Product Demonstrations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Monday, 14 March 2016
9:00-17:15 Practitioners Guide to Internet Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceTuesday, 15 March 2016
11:30-12:00 Session A Generating new Intelligence from call data records
Presented by trovicor11:30-12:30 Session B Lawful Interception, Integrated solution for Voice, Internet and Electronic Surveillance, Data Gathering, Correlation and Analysis
Presented by IPS11:30-12:30 Session C Intelligent Insight into IP Interception
Edgardo Gonzales/Frankie Chan & Coach Chen, Expert Team12:00-12:30 Session A Identifying suspects through text analysis - An introduction to mass email monitoring
Presented by trovicor14:00-14:30 Session A The trustable platform for network forensic investigations
JL Rouinvy, Digint Solutions14:00-15:00 Session B Exploiting Digital Footprints in Today's Threat Landscape
Paul McCarthy, Lead Information Architect, ME, BAE Systems15:30-16:30 Session B IP Address Resolution in Mobile Data Networks
Ray Hutton, Pre-Sales Consultant, Telesoft Technologies16:45-17:15 VITOK-3X: Advanced Analytical Solution for Data Collection and Analysis
Evgeniy Vladimirskij, NORSI-TRANSWednesday, 16 March 2016
8:30-9:30 Session A From metadata to active intelligence
Presented by RCS S.p.A.8:30-9:30 Session B Voiceprint Recognition System tell you who is speaking
Presented by Semptian10:30-11:30 Session A Part III: Conventional approaches no more comply with real life investigation scenarios. Time to Change...
Jitendra Verma, Director, Business Development, ClearTrail Technologies
Co-Presented by: Manohar Katoch, AVP - Business Development and Sanjeev Sharma, Director- Engineering, ClearTrail Technologies10:30-11:30 Session B INVEA-TECH DR and LI Solution Demonstration
Milan Pavlíček, Netcope10:30-11:30 Session D Voice Biometrics, a detailed insight into the operational aspects of the main uses cases - Criminal ID & Intelligence
Presented by Agnitio11:00-11:30 Session C Geographical area monitoring - Using geo-fencing to monitor real time target activities in areas of interest
Presented by trovicor
Track 6: Social Network Monitoring and Big Data Analytics Training and Product Demonstrations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Monday, 14 March 2016
10:15-10:45 OSINT Labs from an empty building to a cornerstone of any intelligence organization
Presented by Gamma Group11:30-12:30 Live Demonstration of SnapTrends: Real-Time Location-Based Social Media Intelligence
Presented by Snaptrends13:45-14:45 Session A Enhanced Target Profiling tool with automatic exploitation of Open Source Information
Presented by IPS13:45-14:45 Session B Capture and translate Social Media content with SDL GLP
Presented by SDL15:00-16:00 Aegis, the overall interception system based on big data
Presented by Semptian15:00-15:30 Location Analytics and Global Security
This presentation will discuss how GIS is essential to identifying threats and assessing vulnerabilities to develop mitigation and protection procedures for at risk facilities and at risk communities. At the same time, we will show how GIS is essential for creating a spatial data infrastructure and provide the analytics supporting global security mission objectives – intelligence collection/analysis, incident response, crisis management, and national security.
Carl A. Walter, National Security Industry Solutions Manager (Global), ESRI
Kevin Armstrong, Solutions Engineer, ESRITuesday, 15 March 2016
9:00-10:00 Session A The New Forensic Investigator Toolbox: from Tactical to Open Source Investigations
Luca Di Muccio, Business Development Manager, AREA
Emanuele Fontana, Senior Program & Solution Architect, AREA9:00-10:00 Session B Aurora, Interception system for mobile base on big data
Presented by Semptian9:00-9:30 Session C Location Analytics and Global Security
This presentation will discuss how GIS is essential to identifying threats and assessing vulnerabilities to develop mitigation and protection procedures for at risk facilities and at risk communities. At the same time, we will show how GIS is essential for creating a spatial data infrastructure and provide the analytics supporting global security mission objectives – intelligence collection/analysis, incident response, crisis management, and national security.
Carl A. Walter, National Security Industry Solutions Manager (Global), ESRI
Kevin Armstrong, Solutions Engineer, ESRI11:30-12:30 Session A 10 Best Practices on Social Media Monitoring
Presented by Knowlesys International Limited11:30-12:30 Session B Live Demo: How to catch your target in YouTube - Using OSINT and biometric voice recognition
Presented by ATIS systems14:00-15:00 Session B Live Demonstration of SnapTrends: Real-Time Location-Based Social Media Intelligence
Presented by Snaptrends14:30-15:00 Session A What OSINT can do especially when multilingual and multimedial
Presented by Gamma Group15:30-16:30 Session A Deepinsight Demo: Experiential Solution of Intelligence Mining
Presented by Nanjing Sinovatio Technology15:30-16:30 Session B Open Source Intelligence: How to find the needle inside the haystack?
Presented by GSN16:45-17:45 Session A Post Trojan Infiltration: The new Digital Undercover Agent.
Luca Di Muccio, Business Development Manager, AREA
Emanuele Fontana, Senior Program & Solution Architect, AREA16:45-17:45 Session B Part II: OSINT alone will never lead you to the target. Time to Change...
Jitendra Verma, Director, Business Development, ClearTrail Technologies
Co-Presented by: Manohar Katoch, AVP - Business Development and Sanjeev Sharma, Director- Engineering, ClearTrail TechnologiesWednesday, 16 March 2016
8:30-9:30 Facebook, Gmail, Skype, WhatsApp... Communication goes encrypted! Get access to encrypted content in minutes. A new approach to the IP investigation, beyond the Lawful Interception without Hacking Capabilities
Presented by IPS12:00-13:00 Session A Open Source Tools (OSINT) Used in Cybercrime Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police12:00-12:30 Session B OSINT to Identify, Prevent and Neutralize Threats monitoring the Public Sentiment
Presented by IPS
Track 7: Mobile Signal Intercept and Electronic Surveillance Training and Product Demonstration
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Monday, 14 March 2016
10:45-11:15 ‘The Naked Man’ - How to build up a covert surveillance operation
Presented by Gamma Group11:30-12:30 Tactical LTE 4G, 3G Mobile Phone Identification
Presented by BTT13:45-14:45 Precisely Locate Your Target in Half the Time
Presented by Kommlabs15:30-16:00 Latest technologies for advanced Passive Interception of Wireless Traffic. <<Vitok-WiFi>> and <<Vitok-PAD>> with brand-new functions.
Nikita Yaroshevich, NORSI-TRANSTuesday, 15 March 2016
9:00-10:00 Session A NeoSoft tactical solutions for Mobile monitoring.
GSM/3G/LTE IMSI catcher basics. Public number detection. Mass Emergency notification by SMS. Target localization for LEAs and Search & Rescue operations.
Presented by NeoSoft9:00-10:00 Session C Advanced analytics to uncover targets and patterns based on mass data from a mobile communications capture system
Presented by Vastech11:30-12:30 Session A Carrier In Carrier (Double Talk ®) Satellite Interception
Presented by Advanced Systems11:30-12:30 Session B Tactical Audio Monitoring via IP
The use of the IP infrastructure as a means of monitoring has traditionally been for fixed installation use. This session will discuss the use of IP in tactical audio operations.
Rikus Viljoen, CEO, Seartech14:00-14:30 Session B Asset Tracking and Surveillance with Gamma EYE
Presented by Gamma Group14:00-15:00 Session C Crime Prevention by Combining Invisible Cell Phone Positioning and Behavioral Analysis
Amalendu Parasnis, Mobilaris14:00-15:00 Session D The Value for High Accuracy Mass Location
Olof Henricsson, Senior Vice President, Global Sales, Polaris Wireless15:30-16:30 Session A Command and Control Center for Tactical Operations with Audio, Video and GPS in a Strategic Vision
Presented by IPS15:30-16:30 Session B GSM Tactical Interception System for 3G and 4G
Presented by Advanced Systems15:30-16:30 Session C Tactical and Strategic GSM-Monitoring / Covert Acquisition of GSM-Data
Presented by Secure Information Management GmbHWednesday, 16 March 2016
8:30-9:30 Forensic Data Fusion Center: Passive, Active and Tactical in one frame.
Luca Di Muccio, Business Development Manager, AREA
Emanuele Fontana, Senior Program & Solution Architect, AREA10:30-11:30 Mobile Phone Forensic, a new way
Presented by Secure Information Management GmbH
Special Intel and LEA Training Sessions (Monday, 14 March 2016)
Seminar #1
9:00-17:15Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
The aim of this 1 day seminar is to take the attendees from the basics of understanding the internet, how to find data, through to a full understanding of best practice of an internet investigator, having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.09:00-10:00
The Internet, and how suspects leave a digital footprint10:15-11:15
Recognizing Traffic Data and digital profiling11:30-12:30
WIFI, geolocation, and Mobile Data traces13:45-14:45
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies15:00-16:00
Advanced Techniques in Tracing Suspects, and lateral problem solving
16:15- 17:15
Open source tools, resources and techniques
Seminar #2
9:00-12:30Understanding ISS Technologies and Products Deployed in Telecommunications Networks for Lawful Interception and Mass Surveillance
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half-day seminar covers how criminals and terrorists communicate over today’s public telecommunications wireline and wireless networks, over the top Internet services and social networks. This seminar is ideal for law enforcement, interior security, public safety and others who need to understand the ISS technologies and products used to lawfully intercept electronic communications and conduct mass network surveillance as discussed at ISS World Conference sessions and by exhibitors.
9:00-10:00
Introduction to Wireline Infrastructure and Related ISS Products for Lawful Interception and Mass Surveillance
- Wireline Interception Points
- PSTN Interception: Content, CDRs and MetaData
- Lawful Interception: Telecom to Monitoring Center
- Mass Metadata Surveillance and SS7
- IP Network Basics: Why IP Layers 1 to 7 needs to be understood
- Internet Access: Landline, Mobile, WiFi and others
- Deep Packet Inspection (DPI) and Intelligent Probes
- Optical Network Probe Intercept
- No. 1 Future Wireline Intercept Challenge: Network Function Virtualization
10:15-11:15
Understanding Mobile Wireless Infrastructure, and Related ISS Products for Lawful Interception and Mass Surveillance
- Wireless Providers with Intercept Mandates and those with none
- Why Understand 2G, 3G, 4G and 4.5G Architecture need to be understood for Interception
- Wireless phone ID's and SIM cards
- Wireless Call Detail Record (CDR) Mining
- Wireless Data Services Option and Smartphone
- Cellular Roaming and Target Tracking with SS7
- Tracking and Location with IMSI Scanners and CDR Feeds
- Other Wireless Intercept: Satellite, Wi-Fi, WiMax and more
- No. 1 Future Wireless Intercept Challenge: True 4G and 4.5G
- ISS Products for Wireless Tracking Intercept and Mass Surveillance
11:30-12:30
Understanding the Internet Over-the-Top (OTT) Services and Related ISS Products for Mass Intelligence Gathering and Surveillance
- What's meant by Over the Top (OTT)
- Understanding IP Layering for Lawful Interception
- Internt Players and NSP/ISP/IXP Intercept Infrastructure
- Social Network and Web Monitoring Techniques
- VoIP (Skype & VUPEN) Intercept
- TOR and Dark Web Intercept
- Bitcoin and Blockchain Traceback for LEAs and Intel
- No. 1 Future Internet Intercept Challenge: Neew IETF Privacy Standard Initiatives
- ISS Products for OTT Tactical and Mass Surveillance
Seminar #3
13:45-14:45Bitcoin 101: Introduction to What Technical Investigators Need to Know about Bitcoin Transactions, Dark Web Commerce and Blockchain Analysis
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically this introduction to Bitcoin for technical investigators addresses:
- Bitcoin Basics for Technical Investigators
- Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
- How Criminals and Terrorists Use TOR and Dark Web
- Bitcoin Cryptography Demystified (For Non-Math Majors)
- Bitcoin 2.0 and the New Challenges Facing Law Enforcement
Seminar #4
15:00-16:00Understanding and Defeating Encryption, TOR and Dark Web Commerce
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This session covers how TOR is used to hide IP location of senders, HTTP log of files used and encrypt communications, TOR Hidden Services (Dark Web) and how to find Hidden Services and techniques for defeating TOR and encrypted services as used by criminals and terrorists.
- What's encryption, Where in the IP layer stack (2, 3, 4 and Applications) do you find encryption. Anonymity Services: Proxy Servers, VPNs and TOR
- How TOR hides IP addresses/identity/location
- TOR hosting, What is .ONION and content analysis
- "De-anonymizing" TOR: Investigation approaches, limitations and case studies
- Defeating Encryption Options: Brute force key cracking (?), force weak encryption, Man in the Middle (MITM) attacks and of course IT Intrusion Systems
Tuesday, 15 March 2016
Seminar #5
14:00-17:45Transitioning from Bitcoin to Next Generation Blockchain 2.0: What Technical Investigators Need to Know
Presented by: Roberto Capodieci, CEO, Capodieci.com
13:45-14:45
The difference between the Bitcoin Blockchain and Blockchain 2.0 – Conceptual and technical explanation
15:00-16:00
Overview of a crypto platform 2.0, live access and examples on how organized crime can use Blockchain 2.0
16:15-17:15
Covering tracks and keeping anonymity in Blockchain 2.0, Internet of things and Blockchain 3.0 overview
Wednesday, 16 March 2016
Seminar #6
8:30-13:00
Investigating Criminal Activities and Fraud Involving Bitcoin Blockchain and Blockchain 2.0: What Technical Investigators Need to Know
Presented by: Roberto Capodieci, CEO, Capodieci.com
8:30-9:30
Tips and tricks for LEAs when dealing with Blockchain 2.0 investigations – How to collect collateral data10:30-11:30
What to look for during searches in cases that involve the use of blockchain 2.0 and 3.0 – Difference between permanent data and data that change ownership (such as coins)12:00-13:00
Confiscating values (currencies, assets, tokens, etc.): best practices by a technical point of view