---

ISS World MEA Exhibits Schedule:

Wednesday, 14 February 2024
10:00-18:00 
Thursday, 15 February 2024
9:15-12:30

---

Training Seminars Led by Law Enforcement Officers and Ph.D., Computer Scientists

20 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists

Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police
(6 classroom hours)

Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)

Jerry Lucas (Ph.D., Physics), President, TeleStrategies

(2 classroom hours)

Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(3 classroom hours)

Tuesday, 13 February 2024

Seminar #1
08:30-15:00

Online Social Media and Internet Investigations　
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation

09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective

10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators

11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks

13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT

14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT Toolbox


Seminar #2
08:30-15:00

Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet,
how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.

08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators

09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows

10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking

11:30-12:15
Advanced Techniques in Tracing Suspects, and lateral problem solving

13:15-14:00
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies

14:15-15:00
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools site

Seminar #3
08:30-09:15

Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategies

This session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. 

Seminar #4
09:30-10:15

Transitioning Lawful Interception Network Core Features from 4G to 5G SA: What’s it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Cellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the transition to 5G stand alone. (Full description below Track 9)

Seminar #5
10:30-11:15

Understanding Advanced Techniques to Defeat (or Work Around) Encrypted Third Party Services, Bitcoin Anonymity, TOR/HS and iPhone Encryption
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

You can’t defeat today’s encryption (at least not that we know of) but law enforcement and the government intelligence community can “Work around encryption” for a price. Once you identify a target using commercially available encryption products or services (and with enough resources or money) government can defeat the target near 100% of the time.

Seminar #6
11:30-12:15

Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

Seminar #7
13:15-14:00

Generative AI (e.g., ChatGPT): Hype vs. Reality and Law Enforcement Friend or Foe
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

Thursday, 15 February 2024

Seminar #8
12:30-13:30

Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

Pre-Conference Sessions Description At The End of Agenda PostinG

---

ISS World MEA Exhibits Schedule:

Wednesday, 14 February 2024
10:00-18:00 

Thursday, 15 February 2024
9:15-12:30

---

Wednesday, 14 February 2024

Welcoming Remarks

8:15-8:30

Tatiana Lucas, ISS World Program Director, TeleStrategies

Keynote

8:30-9:00

Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Middle East and Africa has Solutions Dr. Jerry Lucas, President, TeleStrategies

---

Track 1: Lawful Interception and Criminal Investigation Training

This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.

Tuesday, 13 February 2024

14:15-15:00
Simplifying lawful requests: how CSPs can automate, secure and speed their responses to criminal investigations
Presented by Subtonomy & Telia Norway

15:15-16:00
Oxygen Forensic® Detective - all-in-one forensic software platform for data extraction and analysis. Product Overview
Paul Down, Director of Sales EMEA, Haitham Khatib, Sales Engineer, MEAI, Oxygen Forensics

16:15-17:00
Finish Investigations Faster, with Magnet Automate
Presented by mh Service GmbH

Wednesay, 1 March 2023

14:00-14:45
Countering Illegal Trade on Darknet Marketplaces
Veronica Wildenberg, New Sales Manager, Social Links
Scott Wilcox, Founder, Sicuro Group LLC.

15:15-16:00
Location investigations: beyond compliance using mass location techniques
Presented by Intersec

Thursday, 15 February 2024

08:30-09:15
Rapid Digital Forensics Triage - Finding Evidence in Seconds
At Cyacomb Forensics we have developed a set of tools designed to clearer identify those devices containing relevant files and this process takes seconds rather than hours.

Our patented block level hashing technology is combined with state of the art searching capability to ensure that devices are scanned rapidly and thoroughly.

During this session you will become familiar with the entire Cyacomb suite of tools, Cyacomb Examiner, Cyacomb Offender Manager and Cyacomb Mobile Triage.

Ashley Page, Director, Cyacomb Ltd

10:15-11:15
Dealing with Real Life Use Cases of Cryptography
Presented by InterProbe

---

Track 2: LEA, Defense and Intelligence Analyst Product Demonstrations

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Tuesday, 13 February 2024

9:30-10:15 Session B
How to enhance the LEA analysis capbiltiy with Generative AI?
Presented by Sinovatio

10:30-11:15 Session A
ADINT Revealed
Learn how to harness the power of Advertisement Intelligence for forensic and predictive investigations
Presented by Rayzone Group

11:30-12:15
Complex investigation Use Cases. 
Multiple Cyber Intelligence tools coordinated to achieve significative results.
Presented by AREA

13:15-14:00
Exploiting Latest Generation Devices
Presented by RCS.S.p.A.

15:15-16:00 Session A
Lawful Interception of High Bandwidth Networks: Challenges and Solutions
Learn how to use traffic filtering and other solutions to effectively manage the increased throughput of high bandwidth networks.Presented by Group 2000

15:15 to 16:00 Session B
Online investigations of Arabic Content for Non-Arabic Speaking Investigators
The amount of content being uploaded in languages using an Arabic alphabet keeps growing at a very fast pace. Being able to tackle online content using this alphabet is essential for any  organization’s decision-making process. This introduction will show some of the techniques that will help you find the content that you're looking for using an Arabic alphabet without prior knowledge of this language.
Skip Schiphorst, Online Rearch in Foreign Languages Instructor, i-intelligence GmbH

16:15-17:00 Session A
CDRs of WhatsApp, Signal, Telegram, and other encrypted VoIP messaging applications
Presented by ClearTrail

16:15-17:00 Session C
Next Generation Lawful Intelligence – enhanced geolocation analysis
The ability to query the location of a target in real time (synchronously) has clear advantages and can be instrumental in analyzing a target’s movements to assess evolving threats, as well as in the pursuit and apprehension of suspects. In this session, SS8 will discuss network-based positioning methods that improve law enforcement agencies' ability to find persons of interest leveraging real-time and historic location data.
Presented by SS8 

Wednesday, 14 February 2024

09:10-10:00 Session A
NSO: The unencrypted story
Presented by NSO

09:10-10:00 Session B
ADINT Revealed
Learn how to harness the power of Advertisement Intelligence for forensic and predictive investigations
Presented by Rayzone Group

13:00-13:45 Session B
Accelerate Multi-source Investigations with Modern AI Capabilities
In an era characterized by a deluge of data, efficient and accurate investigations require harnessing the potential of data from diverse sources. Whether it's for cybersecurity, fraud detection, market research or law enforcement, data fusion and web intelligence (WEBINT) have become cornerstones of comprehensive, multi-dimensional analysis. We explore the current state of AI-enhanced multi-source investigations, their practical implications, and a glimpse into their promising future.
Presented by S2T Unlocking Cyberspace

13:00-13:45 Session C
Using Intelligence techniques and OSINT solutions in asset recovery and in-depth due diligence cases
Veronica Wildenberg, New Sales Manager, Social Links and Scott Wilcox, Founder, Sicuro Group LLC.

14:00 to 14:45
Online investigations of Chinese Content for Non-Speaking Chinese Investigators
Online research using Chinese is typically outsourced to Chinese-speakers within a team. This introduction will demonstrate that research in this language can be performed by researchers who don't speak this language since it's one of the simplest languages to use online. This introduction will present what these research simplicities are and what the solutions can be to strengthen your team's information position w.r.t. Chinese online content.
Skip Schiphorst, Online Rearch in Foreign Languages Instructor, i-intelligence GmbH

15:15-16:00
The cutting-edge Android and iOS spyware, along with advanced analytical tools, seamlessly converge within the "Spyder Space" domain
Presented by Movia

16:15-17:00 Session A
Encryption Vs You: Identify potential suspects through mass IP metadata analysis at a countrywide scale
Presented by ClearTrail

16:15-17:00 Session B
Follow your suspect down the Rabbit Hole. 
Cyber Intelligence platform to go beyond OSINT and collect evidence form online social communities, even in Dark Web. Use cases and demonstration.
Presented by AREA

Thursday, 15 February 2024

08:30-09:15 Session A
From Terabit per second network to intelligence: achieve full communication awareness unleashing the power of advanced metadata with dedicated Cyber intelligence solution. 
Use cases and demonstration.
Presented by AREA

11:30-12:15 Session A
Supercharged IPDR extraction and analysis - Encrypted IP Applications and Advanced Internet Activity Analytics
Presented by Trovicor

11:30-12:15 Session C
Next generation IP analytics - how conflicts, fake SN media, IOT and crypto are changing the intelligence challenges
Presented by Cognyte

---

Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Training

Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise.

Tuesday, 13 February 2024

08:30-09:15 Session A
Massive Social Media data collection and analysis for Counter-Terrorism Intelligence Activities
Presented by IPS

08:30-09:15 Session B
Using OSINT with visual link analysis to enhance your investigations
Presented by Maltego

09:30-10:15
WhatsApp, Telegram, Facebook...how IPS helps you to locate most wanted targets with LI
Presented by IPS 

10:30-11:15
3D Target Visualized Locating Enhanced By New Generation Wireless Solution.
Presented by Sinovatio

11:30-12:15
The Evolution of Mass Media for Data Fusion: Will AI wield the controls for OSINT data curation
The session delves into the fascinating topic of the evolution of mass media for data fusion. It presents an in-depth analysis of how mass media has transformed over the years, and its positive and negative effects on societies, raising awareness about the importance of the role of AI technology in data curation for open-source intelligence (OSINT).
Stavros Vologiannidis, Founder, Business Development, DataScouting
Rami El Sabeh, OSINT Consultant, DataScouting

14:15-15:00
Revolutionize OSINT with ChatGPT and LLMs: a Practical Guide
This presentation explores the transformative power of ChatGPT and other large language models (LLMs) in revolutionizing open-source intelligence (OSINT) collection and analysis. We will discuss practical applications of these advanced AI technologies in streamlining OSINT processes. Attendees will learn how to effectively harness the power of ChatGPT and LLMs to enhance their OSINT operations and discover best practices for implementing these cutting-edge tools in real-world scenarios.
Presented by S2T Unlocking Cyberspace

15:15-15:35 Session A
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling. 
Presented by IPS

15:15-16:00 Session B
Online investigations using Chinese
Online research using Chinese is typically outsourced to Chinese-speakers within a team. This introduction will demonstrate that research in this language can be performed by researchers who don't speak this language since it's one of the simplest languages to use online. This introduction will present what these research simplicities are and what the solutions can be to strengthen your team's information position w.r.t. Chinese online content.
Skip Schiphorst, Online Research in Foreign Languages Instructor, i-intelligence GmbH

15:35-16:00 Session A
Cyber Threat Intelligence to accelerate online investigations
Presented by IPS

Wednesday, 14 February 2024

09:10-10:00 Session A
From IOC to threat actors hunting 
Presented by Cobwebs Technologies

09:10-10:00 Session B
Using AI and Data Fusion to improve decision making for border control
Presented by Cognyte

09:10-10:00 Session C
AI² - the future of investigation and intelligence world
Presented by Elbit Systems

13:00-13:45
Location & Open Source Intelligence: Real Life Case Studies & Live Demonstration
As Intelligence Agencies demand for advanced actionable intelligence increases, a combined end-to-end modular OSINT approach is critical to ensure timely operational results. In this session we will discuss the current state of Web Intelligence and Location Intelligence and see how it can be combined by Cobwebs’ groundbreaking joint WEBINT + Location Intelligence platform. This session will include live product demonstration.
Presented by Cobwebs Technologies

14:00-14:45 Session A
Anonymity Vs You: Accelerated WEBINT insights to identify virality, influencers and unmask suspects across social networks. 
Presented by ClearTrail, co-hosted by Mark Bentley, Communications Data Expert, UK Police

14:00-14:45 Session B
Online investigations using Arabic
The amount of content being uploaded in languages using an Arabic alphabet keeps growing at a very fast pace. Being able to tackle online content using this alphabet is essential for any  organisation's decision-making process. This introduction will show some of the techniques that will help you find the content that you're looking for using an Arabic alphabet without prior knowledge of this language".
Skip Schiphorst, Online Research in Foreign Languages Instructor, i-intelligence GmbH

15:15-16:00 Session A
trovicor’s Latest interception Innovations – Speech Analysis, Encrypted IP applications and hyper efficient Big Data Analytics
Presented by Trovicor

15:15-16:00 Session B
Evolving OSINT: Challenges and Opportunities
Presented by SOS

16:15-17:00
AI-powered Language Technology Solutions to handle Multi-language OSINT & COMINT
Emmanuel Tonnelier, Director, Defence and Intelligence Solutions, SYSTRAN

Thursday, 15 February 2024

08:30-9:15 Session B
AI & geolocation for homeland security
Presented by Intersec

12:30-13:30 Session A
Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

---

Track 4: Threat Intelligence Gathering and Cyber Security Product Training

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees

Tuesday, 13 February 2024

14:15-15:00
When Spyware Turns Phones Into Weapons: Addressing Mobile Devices Software and Hardware Vulnerabilities to Save Your Organization
Presented by Feedback Italia

Wednesday, 14 February 2024

15:00-15:45
Cybersecurity Reinvented: Navigating the Landscape of Secure Communication in the Age of Threats, Hardware Vulnerabilities, and Post-Quantum Computing
Presented by Feedback Italia

16:15-17:00
Combine DPI-based Traffic Visibility with Threat Detection Capabilities to Raise the Performance of Government Security Operations
Discover a new generation of DPI-based cyber sensors that leverage years of experience in cyber defense environments to raise the performance of government-run Security Operations Centers (SOCs). Find out how this DPI-based traffic visibility can combine with SDK-based threat detection capabilities to provide superior network protection, even when traffic is encrypted.
Nicolas Duteil, Senior Technical Account Manager, DPI & Traffic Intelligence, Enea

---

Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction

This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities

Sessions only open to LEA and Government.

Tuesday, 13 February 2024

13:15-14:00
Live Demonstration of DarkOwl Vision: Darknet Intelligence Discovery and Collection
David Alley, CEO, DarkOWL FZE

---

Track 6: Mobile Signal Intercept and Electronic Surveillance Product Training and Demonstrations

This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Tuesday, 13 February 2024

08:30-09:15
Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure, Intercept and Cryptography 
Dr. Jerry Lucas, President, TeleStrategies

11:30-12:15
Product demo: Mobile tracking with a narcotic investigation
Presented by Intersec

13:15-14:00
From air, land and sea - Operating in agile environments with tactical sensors
Presented by Cognyte

Wednesday, 14 February 2024

14:00-14:45
Strategic Satellite Monitoring
Presented by Secure Information Management GmbH

16:15-17:00
Satellite traffic: cutting through the noise to find Actionable Insights
Presented by Cognyte

Thursday, 15 February 2024

10:15-11:00
Laser Innovations
Presented by Secure Information Management GmbH

11:30-12:15
Electronic Surveillance solutions family.
Covertly investigate on suspects in the field and operate form a unified, AI enabled, centralized Cyber Intelligence platform. Use cases and demonstration.
Presented by AREA

---

Track 7: 5G Lawful Interception Product Training

This track is open to all conference attendees unless marked otherwise.

Note: Some sessions are only open to LEA and Government. These sessions are marked accordingly.

Tuesday, 13 February 2024

08:30-09:15
Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure, Intercept and Cryptography
TeleStrategies
Dr. Jerry Lucas, President, TeleStrategies

09:30-10:15
Transitioning Lawful interception Network Core Features from 4G to 5G SA: What’s it Looking Like and Challenges Ahead
Dr. Matthew Lucas, VP, TeleStrategies

Wednesday, 14 February 2024

(THIS SESSION IS FOR LEA AND GOVERNMENT ATTENDEES ONLY)
13:00-13:45 Session A
5G passive and active hybrid direction finder, no IMSI encrypt issues any more
Presented by REACH

(THIS SESSION IS FOR LEA AND GOVERNMENT ATTENDEES ONLY)
13:00-13:45 Session B
Geo-time link analysis, merging historical Communication Data, (CDR/DR/CD), live lawful interception data (IRI/CDR), Social media communication and computer and mobile forensics extraction. 
Use cases and demonstration.
Presented by AREA

14:00-14:45
Tactical 5G ID resolution
Presented by EXFO

15:15-16:00
Interception challenges on VoLTE network for LEA's
Presented by InterProbe

16:15-17:00
Impact of 5GC on Subscriber Identification with Cell Site Simulators
Whether used for finding missing persons, locating fugitives, or investigating serious crimes, cell site simulators (CSS) are a core tool used, legally, every day, by law enforcement investigators around the world. When 5G is fully deployed, the privacy and security enhancements will negatively impact the CSS mission. In this session, SS8 will review the 5G privacy and security enhancements, the impacts they will have on the CSS mission and the options available to law enforcement agencies to operate their CSSes unobstructed. 
Presented by SS8 

Thursday, 15 February 2024

(THIS SESSION IS FOR LEA AND GOVERNMENT ATTENDEES ONLY)
10:15-11:00
Addressing the Infrastructure Challenges of 5G Identity Association
5G Identity Association is the standardised solution to enable IMSI Catchers in a 5GSA core. This session focusses on Identity Association, alternative approaches, and infrastructure challenges concerning the routing of identity requests in case of multiple CSPs or multiple Identity Catchers.
Presented by Group 2000

(THIS SESSION IS FOR LEA AND GOVERNMENT ATTENDEES ONLY)
11:30-12:15
5G Security Encrypted Phone, no information leaking any more
Presented by REACH

---

Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists

Tuesday, 13 February 2024

Seminar #1
08:30-15:00

Online Social Media and Internet Investigations　
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation

09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective

10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators

11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks

13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT

14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT Toolbox

Seminar #2
08:30-16:00

Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet,
how to find data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox, and having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.

08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators

How it works. Why it works. How it works for us .How data traffic leaves a trace ; What the internet is; what is an IP and how is it significant to trace a person. IPv4 and IPv6 – understanding the changes- the benefits and pitfalls for the investigator. The internet has millions of copies of data on it - why, and where can we find this. Tracking and evaluating data. MAC adders tracking.

09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows

What data is available. How to harvest and analyze it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft .Data collection and interrogation, significance and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them ( where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyze it. Investigator capabilities and opportunities.

10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking

A detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed.

11:30-12:15
Advanced Techniques in Tracing Suspects, and lateral problem solving

Using innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game?. Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.

13:15-14:00
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies

How suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web) , TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications and ways to coax offenders out of the system.

14:15-15:00
Open Source Tools, resources and techniques - A walk through my free law enforcement open source tools site

"Just google it" doesn't work anymore. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. A look at a selection of 200+ tools available on Mark's open source law enforcement tools website, that search engines can’t see, with login and password provided during the session. Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how.

Seminar #3
08:30-09:15

Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategies

This session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. Specifically;

Network Architecture Evolution from 2G to 3G, 3G to 4G, 4G to 5G regarding radio technology (TDMA, CDMA, OFDM and MIMO), network core from CSFB to VoLTE and SS7 to Diameter.

Encryption, Target Identification and Location: SIM and eSIM cards, IMSI and Target ID, encryption algorithms (A3, A5, A8 and Ki) and basically how user authentication and traffic encryption is accomplished.

Target Location Tracking with CDR analysis, MAC address farming, MITM attacks, SS7 access, IMSI catchers and IT intrusion.

4G to 5G Transition Specifics Understanding 5G Non Stand Alone (NSA) vs. SA 5G, the IMSI catcher issue (myth vs. realities), 5G Cryptography (ECC, SUPI, SUCI), 5G target location enhancement and LTE/NR Internetworking and Co-existance.

5G Spectrum What can 5G deliver with mid vs. high frequency spectrum and what new spectrum bands are soon to be auctioned off

SA 5G Infrastructure Features: NFV, SDN, Edge/Cloud Computing and Network Slicing

Seminar #4
09:30-10:15

Transitioning Lawful Interception Network Core Features from 4G to 5G SA: What's it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

Cellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the trasition to 5G standalone.

In reality lawful interception of non-standalone is not any different from 4G interception regarding new LI feature additions. The next LI challenge will be for 5G SA. This webinar addresses the technical challenges facing law enforcement, 5G operators and ISS vendors. Specifically the four transitions are:

1. 5G Network Challenges Identifiers: How are law enforcement going to grab 1gbps traffic streams; backhaul to monitoring centers and filter non-important traffic of interest.
   
   
2. 5G Edge Cloud Computing: How do you intercept on a 5G operators IT systems, deal with proprietary system protocols, e2e encryption and localized content
   
   
3. 5G Virtual Network Core: How complicated will this be regarding LI, VoIP on virtual devices and what LI barriers has the IETF created
   
   
4. 5G Network Slicing: Is this 5G feature restricted to private enterprises or will 5G MVNO’s provide public mobile wireless services, How will law enforcement interconnect with 5G OSS provisioning systems and what is the LI point of interconnection?

Seminar #5
10:30-11:15

Understanding Advanced Techniques to Defeat (or Work Around) Encrypted Third Party Services, Bitcoin Anonymity, TOR/HS and iPhone Encryption
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

You can’t defeat today’s encryption (at least not that we know of) but law enforcement and the government intelligence community can “Work around encryption” for a price. Once you identify a target using commercially available encryption products or services (and with enough resources or money) government can defeat the target near 100% of the time. 

This session:  

1. Analyses the top third party encrypted serves (Telegram, Silent Circle, WhatsApp, Skype, Viber,TOR, TOR/HS); the cryptography deployed; why criminals and terrorists choose one over the other; and related LI challenges.  
   
   
2. Presents the common techniques for defeating the encryption deployed in these services, and their success/weakness, including:
   • Man in the Middle Attacks
   • IT Intrusion (Installing Malware)
   • Exploiting bugs in SSL/TLS
   • Connecting the “metadata” dots between known targets and communication patterns  
     
     
3. Case studies working around third party encryption case studies, e.g. how was it done! 
   • WhatsAPP
   • TOR / DarkNets (TOR/HS)
   • Bitcoin Traceback
   • Mobile phone/encryption cracking 
     
     
4. Future Directions in cryptography presenting new challenges for law enforcement and the government intelligence community.

Seminar #6
11:30-12:15

Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

Law enforcement and intelligence agencies have massive data sets to pile through in order to find the evidence and information they need for their investigations. This seminar will address how AI is helping. The presentation will first provide a background/primer in at AI technologies -  what are the specific types of AI systems; how are they used in industry today; and what are the strengths and weaknesses of AI. The second half will focus on how ISS vendors are leveraging AI to increase agent efficiency and results in network data, OSINT, application profiling, location and image/language processing. Specific topics include: 

• Overview of AI, machine learning (ML) and deep learning (DL) systems technology.
• What AI capabilities are helping law enforcement and national security agencies (e.g., image / natural language processing, unstructured data analytics, predictive analytics).
• How AI is powering OSINT analytics, mobile signal intercept, location, signaling intelligence, audio-visual forensics, encryption and surveillance products. 
• Negative impacts of AI, such as clutter, fake news.
• Future directions: generative AI, ChatGPT.

Seminar #7
13:15-14:00

Generative AI (e.g., ChatGPT): Hype vs. Reality and Law Enforcement Friend or Foe
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

Generative AI is a completely new technology that is greatly impacting all aspects of society, industry, politics, and culture. This seminar is going to look at generative AI from law enforcement and the intelligence community’s perspective. The first half of the presentation will focus on what the technology is, how it works, the training sets, what is good at, and the pitfalls. The second half will look at how LEAs and intelligence agencies can leverage the technology; how the technology is already making the lives of agents more difficult; and how generative AI might find itself working into LEA/ISS tools. Specific topics include: 

• What are the key difference between traditional AI systems and generative AI platforms?
• What are generative AI systems and large language models? How does the work? What are they good at? What can’t they do?
• What are the key platform providers? Who is behind the technology? Where is it going?
• What are the potential application, upside and downside of generative AI for LEAs and intel agencies?
• How are the platforms evolving? What to expect going forward from a criminal use/misuse perspective (e.g., fake news, deepfakes, clutter generation)? What products and platforms are available to address this?
• What LLMs and generative AI specific models might be developed for LEAs and intelligence agencies?

Thursday, 15 February 2024

Seminar #8
12:30-13:30

Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police