Training Seminars Led by Law Enforcement Officers and Ph.D., Computer Scientists

20 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists

Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police
(6 classroom hours)

Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)

Jerry Lucas (Ph.D., Physics), President, TeleStrategies

(1 classroom hours)

Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(3 classroom hours)

Vladimir Vesely (Ph.D., Computer Science) Researcher, Brno University of Technology
(3 classroom hours)

Tuesday, 4 June 2024

Seminar #1
08:30-15:05

Online Social Media and Internet Investigations　
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation

09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective

10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators

11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks

13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT

14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT Toolbox

Seminar #2
08:30-15:05

(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UKPolice

The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.

08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators

09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows

10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking

11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)

13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.

14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.

Seminar #3
08:30-09:20

Understanding Mobile 2G, 3G, 4G & 5G NSA Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategies

This session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. 

Seminar #4
09:25-10:15

Understanding 5G Stand Alone NFV, Edge Computing and Network Slicing
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Cellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the transition to 5G stand alone. (Full description below Track 9)

Seminar #5
10:35-11:25

Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Seminar #6
11:30-12:20

Generative AI (e.g., ChatGPT): Hype vs. Reality and Law Enforcement Friend or Foe
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Thursday, 6 June 2024

Seminar #7
13:00-14:00

(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

Open Source Tools, PART 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

Pre-Conference Sessions Description At The End of Agenda PostinG

---

Welcoming Remarks and Top Ten Challenges

Wednesday, 5 June 2024

8:15-8:30	Tatiana Lucas, ISS World Program Director, TeleStrategies
8:30-9:00	Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Europe has Solutions Dr. Jerry Lucas, President, TeleStrategies

---

ISS World Europe Exhibit Hours:

Wednesday, 5 June 2024
10:00-18:15 

Thursday, 6 June 2024
10:00 -13:00

---

Track 1: Lawful Interception and Criminal Investigation Training

This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.

Tuesday, 4 June 2024

15:25-16:05 Session B
Accelerating investigation workflows with specially designed IT-forensic laboratories
incl. Cyfluene, fake news and campaign detection
Presented by mh-service GmbH

15:25-16:05 Session C
AI-enabled Government Intelligence for multilingual content using Language Weaver Machine Translation
Claudiu Stiube, Senior Principal Solutions Consultant, RWS

16:10-17:00
ETSI/3GPP LI/LD Standards Update
Martin Kissel, ETSI TC LI Chairman and Coordinator Lawful Interception, Telefónica Germany
Carmine Rizzo, ETSI TC LI Technical Officer and 3GPP SA3-LI Secretary, ETSI

Wednesday, 5 June 2024

13:00-13:40
5G LI Technical Compliance Challenges from a Mobile Operator Industry Perspective
Alex Leadbeater, Technical Security Director GSMA, Chair 3GPP SA3-LI / ETSI TC Cyber

13:45-14:30 Session A
Location investigations: beyond compliance using mass location techniques
Presented by Intersec

13:45-14:30 Session B
Fighting Crime with Cutting-Edge Speech Technologies
In this session, you will discover the latest capabilities of voice biometrics and speech recognition and how these technologies can help law enforcement agencies fight crime efficiently.
Jiří Nezval, Phonexia

15:00-15:40 Session A
Analyzing Social Networks
BREVIS and OSINT Plugin for i2 Analyst Notebook. Analyze Social Networks – Twitter, Facebook, Linkedin, YouTube, VK, Instagram, TikTok, Telegram, WhatsApp and Pipl.
Presented by MKCVI

15:00-15:40 Session B
Interception Challenges on VoLTE Network for LEA's
Serkan Altınışık, General Director, Interprobe & Mustafa Göksu Gürkaş, Director of Software Development, Interprobe

16:30-17:15 Session A
Unlocking Hidden Insights: Exploring Metadata Extraction against Encrypted Data
Introducing IP metadata extraction and analysis—a transformative solution for tackling new investigative challenges head-on.
Presented by RCS S.p.A.

16:30-17:15 Session B
Using OSINT in offensive operations’
Sylvain HAJRI, Epieos

Thursday, 6 June 2024 

08:30-9:10 Session B
Understanding the Implications of Online Social Media and OSINT During Critical Incidents
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

9:15-10:00 Session A
Thou shalt wirelessly intercept your neighbor: Leveraging WiFi and Bluetooth in operative
In this talk, we shall discuss various security mechanisms used in WiFi and Bluetooth networks and how to abuse them to obtain mission-critical intel. Apart from explaining all principles, we will demonstrate them (hopefully live) on our tactical device! Starting with an access point and client scans, we will continue with client targetted jamming and total Denial-of-Service of the whole network that may even result in authentication handshake capture. This handshake contains information to recover the WiFi password to access the targeted network. Once inside the network, we will show essential hacking tools to conduct IP-level reconnaissance. But we will not limit ourselves to WiFi and demonstrate how Bluetooth can be leveraged to notify you about a person's presence or exploit various IoT devices.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology

9:15-10:00 Session B
Cost effective network monitoring systems
As internet traffic continues to double every two years and as the data rates across the networks increase from 10G to 100G and even 400+ Gbps, how can you cost effectively access the droplets of information buried in the sea of data traversing your monitored networks.  How do you architect the collection system so that you don’t have to rip out the entire monitoring system and replace it in the future when 100 Gbps networks migrate to 400, 800 Gbps or even higher rates?  Come and learn how an optical circuit switch based network monitoring system can provide a future-proof front end to your network monitoring systems while also providing up to a 10 times reduction in CAPEX outlay, an 8 times reduction in rack space and over 100 times reduction in power and cooling.
Mike Bitting (Worldwide VP, HUBER+SUHNER Polatis), Huber+Suhner

9:15-10:00 Session C
Securing Government Infrastructure in 2023: Insights from Dark Web Intelligence on Emerging Cyber Threats
Protecting critical infrastructure is crucial for national security, and the dark web has emerged as a potential threat vector. Criminals exploit the anonymity of the dark web to exchange information, plan attacks, and sell illicit tools to target critical infrastructure.
In this session, we will examine the prominent patterns and risks faced by critical infrastructure and explore the potential of dark web monitoring as a means to alleviate these challenges.
Presented by Webz.io

11:00-11:40 Session A
From Academia to Industry: Dealing with Cryptography in Real Life
It is a common thought that cryptography is so theoretical to understand, and so technical to defeat, that it can’t be done without enormous effort and technical prowess only found in State Agencies. That is not completely true. In fact, there are many cryptographic problems developers and investigators routinely encounter that they think are insurmountable, but are not. Instead, with a systematic cryptographic approach, these issues can be overcome with modest effort and cost-effective tools.There is a need to use mechanisms that include algorithms, protocols and primitives in accordance with international standards such as ISO and FIPS, with a well-planned development, comprehensive testing and validation process. On the other hand, the strong analysis mechanism to obtain the decryption key is important for investigators. Forensics, reverse engineering, binary analysis, as well as the use of cryptanalysis attacks with AI-based dictionaries or rainbow tables are also used. For these reasons, tools that can operate all these mechanisms systematically that can manage them from a single point make it easier for investigators to deal with real-life use cases.
Pınar Gürkan Balıkçıoğlu (Ph.D. Cryptography), Chief Cryptography Officer, Interprobe & Adjunct Professor, Middle East Technical University, Interprobe

11:45-12:30 Session A
Trending Topics in Cryptocurrency Forensics
Bitcoin, Ethereum and other cryptocurrencies are becoming mainstream for financial interactions and standard tools when conducting cybercrime such as scams, frauds, ransomware, darknet markets, sextortion, etc. LEAs also adapted to a new situation, and many investigators are already familiar with cryptocurrency basics and how to trace transactions on publicly available blockchain explorers. This session aims to extend the knowledge of participants about more advanced topics such as: a) address clustering techniques and their applicability to various cryptocurrencies; b) monitoring of cryptocurrency networks and their peers with the help of network intelligence; c) geolocating cryptocurrency transaction with IP address or originator; d) overcoming obfuscation of transactions entering and leaving mixers; e) correlating activities on darkweb with blockchain events. Each subtopic will be thoroughly explained, including currently existing methods and tools for addressing associated challenges.
Vladimir Vesely (Ph.D., Computer Science) and Jan Pluskal, Researchers, Brno University of Technology

---

Track 2: LEA, Defense and Intelligence Analyst Product Presentations

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Tuesday, 4 June 2024 

08:30-9:20 Session A
Beyond Autonomous Cyber Intelligence : Leveraging Adequate Darknet Collection and Processing to Deliver Differentiating Value in an Integrated Approach to Intelligence.
Presented by Corexalys

09:25-10:15 Session A
ORCA - rule the ocean of metadata
Presenting VASTech’s solution for fusing telecommunications, IP, and location data from fibre cables, mobile networks, and satellite signals. 
Using metadata to answer the important questions of Who, What, Where, and When?
Presented by VASTech

09:25-10:15 Session B
Beyond LI: Advanced Investigative Fusion Techniques for an Evolving Digital Landscape
As lawful intercept (LI) continues to evolve, the value of LI data is diluted by the increased use of encryption and over-the-top communication. Law enforcement professionals must look for ways to enhance LI data by overlaying other sources, such as digital forensics, OSINT, deep/dark web, even blockchain, to gain a more complete picture of target activities and patterns of life. In this presentation, we will demonstrate a multi-source approach to investigations, how ML/AI can help increase focus, and examine the tools/techniques that can help get to outcomes faster in a rapidly evolving digital landscape.
Presented by JSI Group

10:35-11:25 Session B
Intelligence that Goes Above and Beyond: Combining ADINT and VISINT for a Better Decision Making
Presented by Rayzone Group

11:30-12:20 Session A
The future of digital data collection and analytics
Take a step into the future of policing. During this session, you'll discover new ways of uncovering digital intelligence with the most advanced technology. Prepared to have your mind blown away!
Ariel Karayev, Strategic Pre-Sales Expert, Cellebrite

11:30-12:20 Session C
Forensic analysis of smartwatches, mobile phones and clouds
Presented by Compelson

13:20-14:10 Session A
Silent Data Gathering on Latest Generation Devices.
Presented by RCS S.p.A.

13:20-14:10 Session B
FUSION – The single investigation platform
Presented by ATIS

13:20-14:10 Session C
The Future of AI-Powered Data Fusion for Intelligence
Presented by Rayzone Group

14:15-15:05
The Future of Digital Forensics with FTK 8!
Presented by Exterro

15:25-16:05 Session C
Modernizing Digital Investigations: Automation and Data Enrichment for Efficient and Effective Case Resolution
In this session, you'll discover how leading investigation units are adopting a modern approach to digital investigations with automation and data enrichment. Learn how to tackle the challenges of managing large data volumes and drive faster and more efficient case resolutions.
Meirav Gingold, Product Owner, Cellebrite

16:10-17:00 Session A
Drowning in audio data ? Speech technologies to the rescue.
Understand how to exploit our leading-edge language identification, speech transcription and keyword spotting solutions to ease your OSINT and COMINT activities. 
Jodie Gauvain, Director, Vocapia Research

16:10-17:00 Session B
Complex investigation Use Case. 
Multiple Cyber Intelligence tools coordinated to achieve significative results.
Presented by AREA

Wednesday, 5 June 2024

09:10-10:00 Session A
NSO: The unencrypted story
Presented by NSO

09:10-10:00 Session B
Special IT-forensic workflow including tactical and covert rapid on-scene triage and acquisition
Presented by mh-service GmbH and Detego Global

13:00-13:40 Session A
Intelligence IoT: Networked Tactical Intelligence
Presented by Ateros

13:00-13:40 Session B
Transform terabits per seconds into valuable information.
Unleash all intelligence in the data, combining analytics solution at the top. Use cases and demonstration.
Presented by AREA

13:00-13:40 Session C
VASTech Cyclops: Real-world results showing the impact of Carrier-in-Carrier technologies on your satellite monitoring capabilities
Presented by VASTech

13:45-14:30 Session A
Future of Traffic Summarization for LI: Correlating Carrier-Grade NAT (CGNAT) at Carrier Scale and Speed
Presented by Packet Forensics

15:00-15:45 Session A
Advancing Data Inception Solutions for Narrow Bandwidth and IoT Devices
Lawful Interception solutions need to take into account the unique data exchange attributes associated with IoT devices. As these become more and more prevalent, a real-time and mediation solution can help intelligence agencies visualize additional information about a suspect of interest.
Presented by SS8 Networks

15:00-15:40 Session B
The Encryption Battlefield: Leveraging Metadata for Real-World Intelligence Missions
Presented by ClearTrail

15:00-15:40 Session C
Exploiting the power of Advanced AI to anticipate and prevent attacks on critical infrastructure
Investigators have access to enormous amounts of publicly available unstructured data that could hold the key to identifying and preventing potential infrastructure attacks. But while this data is accessible to all, it’s not possible for analysts to search, sift and analyze it quickly and effectively enough using manual methods. Join us to learn how AI-based technology can act as a force multiplier to accelerate digital investigations to help mitigate risk, identify threats and divert attacks.
Sam Holt, Sr. Solutions Architect, Voyager Labs

15:00-15:40 Session D
Zero-Click Attacks - The Holy Grail:
Demystifying zero-click attacks and shedding light on the essential traits of the most sought after infiltration capability
Presented by Candiru

15:00-15:40 Session E
OSINT and Forensic Data Consolidation For Modern Investigations
This session will walk you through the journey to digital intelligence maturity, the art of the possible for law enforcement, corporate and investigative professionals, and explain the practical steps along the way. 
John Randles, CEO, Siren
Richard Chen, EMEA Professional Services, Siren

15:45-16:25 Session A
Every piece of data tells a story – combine and analyze data from any source in your digital investigation.
Mark Uldahl, CTO, XCI A/S 

15:45-16:25 Session B
Fast visualization, analysis and fusion of large data sets from different sources
Presented by ATIS

15:45-16:25 Session D
Smartphones and PCs interception
Enable LEA and Intelligent Services the anonymous interception and the remote control of multiple devices
Presented by MOLLITIAM CYBERINTELLIGENCE

16:30-17:15 Session A
Effective photo and video investigations: from CCTV enhancement and analysis to deepfake detection in OSINT media
Presented by Amped Software

16:30-17:15 Session C
How Lawful Interception benefits from Traffic Filtering.
High bandwidth networks like fiber and eMBB (LTE / 5G) put new requirements to a Lawful Interception solution. With high throughput data streams, the costs of processing this data increases. However, not all data is relevant for an investigation, e.g., Netflix and application and OS updates carry no user data. Within this session we will discuss how Lawful Interception benefits from Traffic Filtering capabilities.
Presented by Group 2000

16:30-17:15 Session D
Linking and analyzing data with different classifications or sensitivity across intelligence fields on the TOVEK platform
A live demonstration of the versatility of TOVEK in the analysis of data from various sources and systems enabling the cooperation of various police or intelligence departments such as OSINT, COMINT, FININT, forensics, etc.
Presented by Tovek

16:30-17:15 Session E
A Deep Dive in to Mobile Exploitation - A Full Chain overview
Presented by SecFence

Thursday, 6 June 2024

08:30-09:10 Session A
Operations Security (OpSec) in Offensive Mobile & PC operations (ft. How to make your Zero-Days last longer)
Presented by SecFence

08:30-09:10 Session B
From Leaks to Lockdown: Profiling Suspects Using Their Compromised Credentials
Presented by StealthMole

09:15-10:00 Session B
Expanding Operational Awareness and Uncovering Digital Footprints with AI-Driven Data Fusion   
LLaw Enforcement and Security organizations are faced with an ever-increasing explosion of data, including OSINT, deep/dark web, mobile forensics, surveillance, financial transactions (including cryptocurrency), and more. Taking a multi-source approach to investigations has become essential to surfacing insights and eliminating the blind spots caused by organizational silos. This presentation will demonstrate how AI-enabled data fusion can help expand and enhance operational awareness, accelerate investigative outcomes and de-anonymous criminals and their behavior to keep countries and communities safe.
Presented by JSI Group

09:15-10:00 Session C
Supercharged IPDR extraction and analysis - Encrypted IP Applications and Advanced Internet Activity Analytics
John Senior, CEO, Trovicor Intelligence

11:00-11:40 Session A
Breaking Barriers: How SATCOM Intelligence Can Fill Communication Gaps in Law Enforcement Investigations
Presented by Cognyte

11:00-11:40 Session B
Using situational awareness and C2 tools to achieve faster decisions and actions during operations
Presented by Drakontas LLC

11:45-12:30 Session B
VASTech Cyclops: Real-world results showing the impact of Carrier-in-Carrier technologies on your satellite monitoring capabilities
Presented by VASTech

---

Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training

Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise.

Tuesday, 4 June 2024

08:30-09:20 Session A
Massive Social Media data collection and analysis for Counter-Terrorism Intelligence Activities
Presented by IPS

08:30-09:20 Session C
Breaking Data Silos. Prevent Crime. Enhancing collaboration with SCOPE Mass-Data-Analysis.
Presented by Innosystec

09:25-10:15 Session A
WhatsApp, Telegram, Facebook...how IPS helps you to locate most wanted targets with LI
Presented by IPS 

09:25-10:15 Session B
Exploiting the power of Advanced AI to anticipate and prevent attacks on critical infrastructure
Investigators have access to enormous amounts of publicly available unstructured data that could hold the key to identifying and preventing potential infrastructure attacks. But while this data is accessible to all, it’s not possible for analysts to search, sift and analyze it quickly and effectively enough using manual methods. Join us to learn how AI-based technology can act as a force multiplier to accelerate digital investigations to help mitigate risk, identify threats and divert attacks.
Sam Holt, Sr. Solutions Architect, Voyager Labs

10:35-11:25 Session A
LEVARAGING THE BIG DATA POWERHOUSE TO ADDRESS THE FINANCIAL CRIME OF ANTI MONEY LAUNDERING (AML)
Using a real case we will demonstrate how a BIG DATA PLATORM can enhance analysts/ investigators ability for early detection, prevention and resolution of anti-money laundering  crimes , fraud etc. We will show how big data platforms can do more than just follow the money. It can predict where it will go, making analysts and investigators faster and more effective in addressing what is and will become the greatest threat to economic stability, sustainability and growth in the 21stcentury.
Omri Raiter, RAKIA Group

10:35-11:25 Session B
Link analysis in 2024: how to find intelligence in connected data
Presented by Cambridge Intelligence

11:30-12:30
The Evolution of Mass Media for Data Fusion: Will AI wield the controls for OSINT data curation
Presented by DataScouting

13:20-14:10 Session B
Future of Mass Data Visualisation for fast and precise actionable intelligence.
Presented by Innosystec

14:15-14:40 Session A
TikTok challenges: Adapting to new and evolving platforms
While communities and governments are justifiably concerned about threats related to censorship and espionage, this talk examines the variety of nefarious and criminal behaviour playing out on TikTok, the challenges for law enforcement SOCMINT efforts and how these can be overcome. 
Presented by Fivecast

14:15-14:40 Session B
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling. 
Presented by IPS

14:15-14:40 Session C
Unleashing the potential of Data-Centric A.I.: Revolutionize Network Security with Enhanced Traffic Classification and Malware Detection
In an era where encryption dominates over 90% of network traffic, traditional DPI methods fall short.  A.I. and Machine Learning techniques have now replaced traffic flow classification where DPI has failed. However, these tools depend on data labeling, leaving room for errors, posing significant risks. Data-Centric A.I autonomously rectifies input data, paving the way for heightened accuracy. This not only refines classification but also enhances malware detection capabilities.
Presented by Quant Azimuth

14:40-15:05 Session B
Cyber Threat Intelligence to accelerate online investigations
Presented by IPS

15:25-16:05 Session A
How to Uncover a Money Laundering Network in 7 Steps
Presented by Cognyte

16:10-17:00 Session A
Investigative Analytics - Looking into the future of intelligence with advanced data analytics
Presented by Cognyte

16:10-17:00 Session B
"What will be the future of OSINT?"
Presented by PredictaLab

16:10-17:00 Session C
Accelerating Social Media and OSINT Investigations with ShadowDragon
Presented by Shadow Dragon

Wednesday, 5 June 2024

9:10-10:00 Session A
Location & Open Source Intelligence: Real Life Case Studies & Live Demonstration
Presented by Cobwebs

13:00-13:40 Session A
From IOC to threat actors hunting
Presented by Cobwebs

13:00-13:40 Session C
Revolutionize OSINT with ChatGPT and LLMs: a Practical Guide
This presentation explores the transformative potential of ChatGPT and other large language models (LLMs) in revolutionizing open-source intelligence (OSINT) collection and analysis. We will discuss practical applications of these advanced AI technologies in streamlining OSINT processes. Attendees will learn how to effectively harness the power of ChatGPT and LLMs to enhance their OSINT operations and discover best practices for implementing these cutting-edge tools in real-world scenarios.
Presented by S2T Unlocking Cyberspace

13:45-14:30 Session A
AI-powered Language Technology Solution to handle Multi-language OSINT & COMINT
Emmanuel Tonnelier, Director, Defence and Intelligence Solutions, SYSTRAN

13:45-14:30 Session B
Automation meets Intelligence – Our view of AI-powered Analytics.  
Presented by Innosystec

15:00-15:45 Session B
trovicor’s Latest interception Innovations – Speech Analysis, Encrypted IP applications and hyper efficient Big Data Analytics.
Renita John, CPO, Trovicor Intelligence

15:45-16:25 Session A
Using OSINT with visual link analysis to enhance your investigations
Presented by Maltego

15:45-16:25 Session B
Translate alternative socials into actionable data
Web-IQ’s Open Language Intelligence (OLI) combined with data from alternative socials such as Sina Weibo, Discord, Naver or even Telegram discloses intelligence as never shown before. Our experts will show how to activate these new intelligence sources using Voyager and its features such as OCR, entity resolution and -relation analyses, account discovery and more. Welcome!
Presented by Web-IQ

Thursday, 6 June 2024

08:30-9:10 Session A
Our Cross Domain Solutions and what we do for Classified C2 and GOVERNMENT Networks
Presented by Arbit

08:30-9:10 Session B
Transforming OSINT, Cyber and POI investigations with the power of Maltego
Presented by Maltego

08:30-9:10 Session C
Anonymity vs You: Accelerated WEBINT insights to identify virality, influencers and unmask suspects across social networks
Presented by ClearTrail 

08:30-09:10 Session D
Follow your suspect down the OSINT Rabbit Hole.
Cyber Intelligence platform to get deeper into the OSINT of online social communities and Dark Web. Use cases and demonstration.
Presented by AREA

09:15-10:00 Session B
OSINT Case Study: Leveraging Open Data to Make Breakthroughs in an Arms Trafficking Investigation
Open data can provide the connections required to expand cases around existing leads. In this presentation, the team will demonstrate how the Social Links’ OSINT solution, SL Professional, enabled investigators to greatly enhance internal data with open sources. This led to significant breakthroughs in an arms trafficking case, where the main actors were successfully identified.
Christof De Windt, OSINT Specialist at the Federal Judicial Police of Belgium; and Alexandra Samuseva, Customer Success Manager, Social Links 

09:15-10:00 Session C
How to accelerate avatar-based social network intelligence gathering while staying secure?
Presented by Corexalys

11:00-11:40 Session A
AI & geolocation for homeland security
Presented by Intersec

11:00-11:40 Session B
OSINT For Counter Extremism in Europe
Ideologically motivated violent extremism is on the rise across Europe. Widespread adoption of social media has exacerbated the situation, as it has become a conduit for spreading and sharing extremist propaganda and false information. This presentation discusses the history of extremism over the past decade, and how the current threat is being mitigated through open-source intelligence.
Presented by Fivecast

11:00-11:40 Session C
BIG DATA PLATFORM – A comprehensive, practical guide to getting the most out of your DATA
A practical and comprehensive guide on the ins and outs of big data platforms and how they have been used to address key problems/challenges in law enforcement agencies . Through a specific use case we will highlight the highest value insight that everyone should have with regards these matters. Some of the elements covered include defining needs, devising algorithms using a no-code rule engine, how to link databases , report generator  and much more. 
Omri Raiter, RAKIA Group

11:00-11:40 Session D
Investigate, prevent and mitigate, risks of riots, terrorism, and crimes through a country-wide geo-analyticsl AI.
Presented by Butterfly Effect

11:45-12:30 Session A
Open Source Tools, PART 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
(THIS SEMINAR IS RESTRICTED TO LEA, MILITARY, AND GOVERNMENT ATTENDEES. PHOTOS AND VIDEO RECORDING ARE PROHIBITED).
Now I’ve shown you how to hide, let us go and start covertly searching and gathering online intelligence with the best tools available.
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement,  UK Police

---

Track 4: Threat Intelligence Gathering and Cyber Security Product Training

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees

Tuesday, 4 June 2024  

09:25-10:15 Session B
Connecting the Dots for Proactive Threat Detection - stay ahead of your targets with KELA Cyber Threat Intelligence - Live demo
Effective Cyber Threat Intelligence (CTI) requires a comprehensive understanding of a target's activities and intentions. In this session, we will explore how CTI can be leveraged to gain insights into a target's identity, behavior, and potential next steps. We will introduce our unique CTI solution, which uses innovative capabilities to collect, investigate and analyze data from cybercrime sources. Through a live demo, attendees will see how our solution can assist in exposing the bad guys and staying one step ahead of them.
David Carmiel, CEO, KELA

15:25-16:05
OSINT Case Study: How the Analysis of TikTok Led to the Identification of a Fugitive Criminal
This talk will have two parts. The first will focus on a real case in which a suspect had disappeared. We’ll demonstrate how investigators used SL Professional to carefully analyze media from TikTok, leading to the fugitive’s identification. Following on from this, part two will cover how the OSINT solution can process a whole range of open-source media to boost investigations.
Speakers: Christof De Windt, OSINT Specialist at the Federal Judicial Police of Belgium; and Dmitry Danilov, Head of the Expertise Centre at Social Links.
Christof De Windt, OSINT Specialist at the Federal Judicial Police of Belgium; and Dmitry Danilov, Head of the Expertise Centre, Social Links

16:10-17:00
Complex OSINT and CSINT in two unique solutions
How to collect high-value intelligence by accesing  public and private data
Presented by MOLLITIAM CYBERINTELLIGENCE

Wednesday, 5 June 2024

09:10-10:00 Session B
COUNTER ΙLLEGAL ACTIVITY– From a mere hint to real threat mitigation!
A step-by-step guide to harnessing OSINT and fusion technology to effectively support the entire process of identification and mitigation of nation illegal  threats. We will include the entire OSINT & WEBINT collection capabilities from all aspects , target , mass collection ,darknet , avatar design and management , fake accounts identification and mitigation and no code crawlers
Omri Raiter, RAKIA Group

13:00-13:40 Session A
Emerging Technologies for Espionage Tradecraft: Why Encryption Matters
This presentation examines the confluence of emerging technologies that could potentially be exploited by adversaries for espionage tradecraft and we discuss the critical role of encryption in cyber defense.
Presented by Asperiq

15:00-15:40
Enabling Network-centric operations: Vision and Strategy for Secure Communications
This presentation examines the latest innovation trend in network centric operations and proposes a vision and strategy for implementation of secure communications to cater for the diverse needs of national security, intelligence, and defense.
Presented by Asperiq

15:45-16:25
Combine DPI-based Traffic Visibility with Threat Detection Capabilities to Raise the Performance of Government Security Operations 
Discover a new generation of DPI-based cyber sensors that leverage years of experience in cyber defense environments to raise the performance of government-run Security Operations Centers (SOCs). Find out how this DPI-based traffic visibility can combine with SDK-based threat detection capabilities to provide superior network protection, even when traffic is encrypted.
Nicolas Duteil, Senior Technical Account Manager, DPI & Traffic Intelligence, Enea

Thursday, 6 June 2024

11:00-11:40 Session A
Cyber Resilience System for DoS
How to reduce the vulnerability and neutralize threats for public and critical infrastructures
Presented by MOLLITIAM CYBERINTELLIGENCE

11:00-11:40 Session B
Identify New Threats With Next-Generation DPI-Based Cyber Sensors 
In this live demonstration, discover a new generation of DPI-based cyber sensors that leverage years of experience in cyber defense environments to extend the cyber threat detection capabilities, and raise the performance of government-run Security Operations Centers (SOCs). 
Nicolas Duteil, Senior Technical Account Manager, DPI & Traffic Intelligence, Enea

---

Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction

This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Tuesday, 4 June 2024

8:30-9:20
Shedding light on the Info-stealer Eco System
In this session, we describe the eco-system of the info-stealer. Numerous IABs (Initial Access Brokers) and marketplaces are active on Darkweb and Deepweb. Recently, criminals have been continuously moving to other platforms such as Telegram and Discord. We will elucidate how they are selling and buying the leaked data. Furthermore, we show how adversaries can breach this data by analyzing malware and their TTPs (Tactics, Techniques, and Procedures).
In addition, we examine cryptocurrency flow to track criminals’ cash to launder its origin.
Presented by S2W

13:20-14:10
Live Demonstration of DarkOwl Vision: Darknet Intelligence Discovery and Collection
David Alley, CEO, DarkOWL FZE

Wednesday, 5 June 2024

13:45-14:30
Revealing the invisible: Real Stories of Cryptocurrency Deanonymization
Presented by Cognyte

16:30-17:15
Dark what?! Telegram is now the hub for hackers, fraudsters and other criminals
Presented by S2T Unlocking Cyberspace

---

Track 6: Mobile Signal Intercept Product Training and Presentations

This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Tuesday, 4 June 2024 

8:30-9:20 Session B
Understanding Mobile 2G, 3G, 4G and 5G NSA Infrastructure, Intercept and Cryptography 
Dr. Jerry Lucas, President, TeleStrategies

10:35-11:25
Satellite Networks: Detecting, Locating and Intercepting transmitters
Presented by Kratos

11:30-12:20
Advanced SatCom Monitoring in tactical and strategic scenarios
Presented by Rohde Schwarz

13:20-14:10 Session A
Streaming Visual Intelligence from IoT 
NightHawk, a cyber intelligence platform delivering E2E intelligence gathering and covert operations unique capabilities. The NightHawk can be operated remotely or by proximity to the targeted device. The session will enable law enforcement and intelligence agencies a glimpse into how to gather unique intelligence, analyze, track targets and events worldwide in the NightHawk platform.
Presented by Interionet

14:15-15:05 Session A
A Revolutionary AI Based network independent  5G SA cellular locator
Presented by Septier

14:15-15:05 Session B
Why mobile phone location accuracy matters for successful missions
Chris Fritz, Polaris Wireless

15:25-16:05 Session A
Secure the smartphone data at rest and in transit - Bittium secure communication solutions
The modern smartphone environment offers users various options for storing and moving sensitive organizational data. Therefore, it is crucial for organizations to have a communication solution which makes sure the data is secure when it is stored into device, but especially when the data is in transit. In this session, Bittium Security Specialist Mr. Niko Keskitalo will present the ways how to secure your organization’s sensitive data with Bittium security solutions.
Presented by Bittium

15:25-16:05 Session B
Unleashing the Power of Location Data: Examining how law enforcement and security agencies can leverage MNO
Presented by Xolaris

16:10-17:00
Mobile tracking with a narcotic investigation
Presented by Intersec

Wednesday, 5 June 2024 

9:10-9:30
(Very) Connected Cars: How Identity Collection From Vehicles Can Help Fight Crime
Presented by Cognyte

9:30-10:00
It's Compact...It's Covert...It's a Micro-tactical Suite – Operating Everyday Field Missions in Versatile Environments
Presented by Cognyte

13:00-13:40
Strategic Satellite Monitoring
Presented by Secure Information Management GmbH

13:45-14:30
ArrowCell - Securing your Cellular Environment, Anywhere, Anytime
Presented by Rayzone Group

15:45-16:25
A Revolutionary AI Based network independent  5G SA cellular locator
Presented by Septier

---

Track 7: Electronic Surveillance Training and Product Presentations

This track is for law enforcement investigators and the government intelligence community who are responsible for deploying video, audio and GPS surveillance products and only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Wednesday, 5 June 2024 

13:45-14:30 Session A
Liberating Experts in Tracking and Video Surveillance
Presented by ProximaIT

13:45-14:30 Session B
New Microphone Arrays from Squarehead
Vibeke Jahr, COO and Founder, Squarehead Technology

15:45-16:25 Session A
QuipoEVO: new features and new use case for Cy4Gate Decision Intelligence Platform
Introducing QuipoEVO, the latest innovation from Cy4Gate, designed specifically for Law Enforcement Agencies (LEAs) to enhance decision intelligence capabilities. In the fast-paced world of law enforcement, staying ahead of criminals and ensuring public safety requires advanced tools and technologies. QuipoEVO combines cutting-edge artificial intelligence and machine learning to provide LEAs with a comprehensive Decision Intelligence Platform tailored to their unique needs.
QuipoEVO offers a range of powerful new features that revolutionize data analysis and decision-making in the LEA domain. Real-time data integration and analysis capabilities enable LEAs to gather and process vast amounts of data from multiple sources, including structured and unstructured data. By leveraging advanced analytics and algorithms, QuipoEVO provides actionable insights and helps LEAs identify patterns, detect trends, and make informed decisions to combat crime effectively.
Presented by CY4GATE S.p.A.

15:45-16:25 Session B
Tracers: walk in the shoes of your target.
Electronic Surveillance solutions to covertly investigate on suspects in the field and operate from an all-in-one, AI enabled, centralized cyber intelligence platform. Use cases and demonstration.
Presented by AREA

16:30-17:15 Session A
Border Security and Force Protection Analytics using Passive RF - Update
Presented by Packet Forensics

---

Track 8: 5G Lawful Interception Product Training

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Tuesday, 4 June 2024

9:25-10:15
Understanding 5G Stand Alone NFV, Edge Computing and Network Slicing
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

14:15-15:05
Transforming security intelligence with high accuracy 5G location
Accurate location intelligence is key to law enforcement and intelligence agencies. However, they are usually only provided with mobile phone records with the cell tower location that gives a rough area covered by that mobile cell. This can equate to a location range of 300 to 500 meters even in dense urban areas, meaning several blocks from the suspect. In rural areas, the location range can be tens of kilometres wide. In this presentation, SS8 will review the impact of 5G on location accuracy and lawful intercept
Presented by SS8

15:25-16:05
Keep using your IMSI Catchers and Direction Finders in the 5G SA Era
With the introduction of 5G SA, the 3GPP decided to improve subscribers’ privacy by designing an encrypted protocol architecture that protects against the use of IMSI catchers. These design choices resulted in the need for a “future proof” and solid solution in order for law enforcement to correlate temporary identifiers collected over the air interface and match them to permanent identifiers and to track suspects using their direction-finding tools and capabilities.
Presented by Group 2000

16:10-17:00
Update on 5G NR Mobile Radio Analysis – Network Survey and SUPI Catchers
Presented by Rohde Schwarz

Wednesday, 5 June 2024

16:30-17:15
5G ID Resolution
Presented by EXFO

---

Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists

Tuesday, 4 June 2024

Seminar #1
08:30-15:05

Online Social Media and Internet Investigations　
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation

09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective

10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators

11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks

13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT

14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT Toolbox

Seminar #2
08:30-15:05

(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UKPolice

The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.

08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators
How it works, for us. Why it works, for us.  How data traffic leaves a permanent trace. How and why everything that was on the internet, is still there. Identifying the structural data and exploits, that will take you to your suspect. Tracking and evaluating data. MAC tracking. If you’ve ever said “it’s been deleted” or “its no longer there”, this seminar is for you. Let me prove you wrong.

09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
What data is available. How to harvest and analyse it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft. Data collection and interrogation, significance, and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them (where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyse it. Investigator capabilities and opportunities. TCP/IP and header value and analysis

10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking
A detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed. You and your target are being tracked by multi organisations that you done even know exist. Lets identify them and interrogate their data bases.

11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)
How suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web), TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications, and ways to coax offenders out of the system.

13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.
Using innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game? Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.

14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.
"Just google it" is great for tickets, tyres, holidays and opening hours. But as an investigator, we can do better, and safer.  Using most main stream search engines and browsers come with certain risks. This session aims to change that. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. Tools that the target can’t see . Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how to fast track you to the data you need, and cut away the chaff.  PART 2 on the final day with free tools to download and keep

Seminar #3
08:30-09:20

Understanding Mobile 2G, 3G, 4G & 5G NSA Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategies

This session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. Specifically;

Network Architecture Evolution from 2G to 3G, 3G to 4G, 4G to 5G regarding radio technology (TDMA, CDMA, OFDM and MIMO), network core from CSFB to VoLTE and SS7 to Diameter.

Encryption, Target Identification and Location: SIM and eSIM cards, IMSI and Target ID, encryption algorithms (A3, A5, A8 and Ki) and basically how user authentication and traffic encryption is accomplished.

Target Location Tracking with CDR analysis, MAC address farming, MITM attacks, SS7 access, IMSI catchers and IT intrusion.

4G to 5G Transition Specifics Understanding 5G Non Stand Alone (NSA) vs. SA 5G, the IMSI catcher issue (myth vs. realities), 5G Cryptography (ECC, SUPI, SUCI), 5G target location enhancement and LTE/NR Internetworking and Co-existance.

5G Spectrum What can 5G deliver with mid vs. high frequency spectrum and what new spectrum bands are soon to be auctioned off

SA 5G Infrastructure Features: NFV, SDN, Edge/Cloud Computing and Network Slicing

Seminar #4
09:25-10:15

Understanding 5G Stand Alone NFV, Edge Computing and Network Slicing
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Cellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the trasition to 5G standalone.

In reality lawful interception of non-standalone is not any different from 4G interception regarding new LI feature additions. The next LI challenge will be for 5G SA. This webinar addresses the technical challenges facing law enforcement, 5G operators and ISS vendors. Specifically the four transitions are:

1. 5G Network Challenges Identifiers: How are law enforcement going to grab 1gbps traffic streams; backhaul to monitoring centers and filter non-important traffic of interest.
   
   
2. 5G Edge Cloud Computing: How do you intercept on a 5G operators IT systems, deal with proprietary system protocols, e2e encryption and localized content
   
   
3. 5G Virtual Network Core: How complicated will this be regarding LI, VoIP on virtual devices and what LI barriers has the IETF created
   
   
4. 5G Network Slicing: Is this 5G feature restricted to private enterprises or will 5G MVNO’s provide public mobile wireless services, How will law enforcement interconnect with 5G OSS provisioning systems and what is the LI point of interconnection?

Seminar #5
10:35-11:25

Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Seminar #6
11:30-12:20

Generative AI (e.g., ChatGPT): Hype vs. Reality and Law Enforcement Friend or Foe
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Thursday, 6 June 2024

Seminar #7
13:00-14:00

(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

Open Source Tools, Part 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

A must see presentation of the best and most dynamic tools available to the investigator- and they’re all free. A download link will be provided during this session with 100 tools to take away