ISS World South Africa is the world's largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network and the Internet.
Track 1: ISS for Lawful Interception and Criminal Investigations
Track 2: ISS for Investigating Bitcoin Transaction Investigations
Track 3: Mobile and Cloud Computing Forensic Training and Product Demonstrations
Track 4: Encrypted Traffic Monitoring and IT Intrusion Product Training
Track 5: LEA and Intelligence Analyst Training and Product Demonstrations
Track 6: Social Network Monitoring Product Demonstrations
Track 7: Mobile Location, Surveillance and Signal Intercept Product Demonstrations
Pre-Conference Seminars and Tutorials led by Law Enforcement Officers and Ph.D. Computer Scientists
ISS World Agenda From 2016 ISS World Asia Program
ISS World South Africa 2018
Agenda and Registration Link
Available April 2018
Training Seminars led by Law Enforcement Officers and Ph.D. Computer Scientists
Sunday, 10 July 2016
Seminar #1
8:30 -17:00Online Social Media and Internet Investigations
Presented by Charles Cohen, Cohen Training and Consulting, LLC Charles Cohen also holds the position of Commander, Cyber Crimes Investigative Technologies Section, Indiana State Police, USA
This one-day seminar gives attendees an up-to-date understanding of how social networking sites work and how members act and interact. Attendees will learn what information is available on various sites and how to integrate that information into criminal investigations and criminal intelligence analysis.
8:30-9:30
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis
9:45-10:45
OSINT and Criminal Investigations
11:00 -12:00
Metadata Exploitation in Criminal Investigations
13:30-14:30
EXIF Tags and Geolocation of Devices for Investigations and Operational Security
14:45-15:45
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition
16:00-17:00
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
8:30-17:00Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
The aim of this one-day seminar is to take the attendees from the basics of understanding the Internet, how to find data, through to a full understanding of best practice of an Internet investigator, having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.
8:30-9:30
The Internet, and how suspects leave a digital footprint
9:45 -10:45
Recognizing Traffic Data and digital profiling
11:00 -12:00
WIFI, geolocation, and Mobile Data traces
13:30 -14:30
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies
14:45 -15:45
Advanced Techniques in Tracing Suspects, and lateral problem solving
16:00 - 17:00
Open Source Tools, resources and techniquesSeminar #3
8:30-12:00Understanding ISS Technologies and Products Deployed in Telecommunications Networks for Lawful Interception and Mass Surveillance
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half-day seminar covers how criminals and terrorists communicate over today's public telecommunications wireline and wireless networks, over the top Internet services and social networks. This seminar is ideal for law enforcement, interior security, public safety and others who need to understand the ISS technologies and products used to lawfully intercept electronic communications and conduct mass network surveillance as discussed at ISS World Conference sessions and by exhibitors.
8:30-9:30
Introduction to Wireline Infrastructure and Related ISS Products for Lawful Interception and Mass Surveillance
What technical investigators need to understand about wireline network infrastructure:
9:45-10:45
Understanding Mobile Wireless Infrastructure, and Related ISS Products for Lawful Interception and Mass Surveillance
What technical investigators need to understand about mobile network infrastructure11:00-12:00
Understanding the Internet Over-the-Top (OTT) Services and Related ISS Products for Mass Intelligence Gathering and Surveillance
What technical investigators need to know about the Internet and Over the Top (OTT) communications techniques criminals and terrorists use
Seminar #4
13:30-14:30Understanding and Defeating Encryption with Lawful Hacking
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This session covers how TOR is used to hide IP location of senders, HTTP log of files used and encrypt communications, TOR Hidden Services (Dark Web) and how to find Hidden Services and techniques for defeating TOR and encrypted services such as Telegrams as used by criminals and terrorists.
Seminar #5
14:45-15:45Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations
Presented by:Dr. Jerry Lucas, President, TeleStrategies
TOR networks are notoriously effective at hiding the online identity of criminals, terrorists and others who are up to no good. The other side that receives less attention are TOR hidden services. These are services that leverage TOR's anonymizing capabilties to mask the identity of criminally-hosted online services - forming the basis of just about all illegal gambling sites, drug markets, child exploitation material, firearm sales, terrorism propaganda, and more.
Tuesday, 12 July, 2016
Seminar #6
8:30-9:30Bitcoin 101: Introduction to What Technical Investigators Need to Know about Bitcoin Transactions and Dark Web Commerce
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and money laundering and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses
(Full Pre-Conference Seminar Agenda Appears After Track 7)
Monday, 11 July 2016
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies ISS World Keynote Addresses
8:30-9:00 Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World South Africa has Solutions
Dr. Jerry Lucas, President, TeleStrategiesISS World South Africa Exhibits
11 July 2016, 10:00 a.m. - 17:00 p.m.
12 July 2016, 9:30 a.m. - 12:30 p.m.
Track 1: ISS for Lawful Interception
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Sunday, 10 July 2016
9:00-17:00 Session A Online Social Media and Internet Investigations
Presented by Charles Cohen, Cohen Training and Consulting, LLC
Charles Cohen also holds the position of Commander, Cyber Crimes Investigative Technologies Section, Indiana State Police, USA8:30-12:00 Session B Understanding ISS Technologies and Products Deployed in Telecommunications Networks and Monitoring Centers for Law Enforcement and Intelligence Analysts
Dr. Jerry Lucas, President, TeleStrategiesMonday, 11 July 2016
9:00-9:30 Data Retention for NAT (Network Address Translation): Why NAT – logging of records is required for LEA investigations
Rudolf Winschuh, Utimaco LIMS14:00-14:30 Lawful Intercept and Investigatory Insights from the Internet of Things (IoT)
Presented by Yaana Technologies15:30-16:00 Understanding how Millennials (Gen Y) Communicate and the Impact these Communication Techniques Have on Exploiting Communications
Patrick C. Runyan, Business Development Manager – Global Solutions Group, PenLink
Track 2: ISS for Investigating Bitcoin Transaction Investigations
This session is for law enforcement and private enterprise financial analysts: Additional money laundering investigation sessions to be announced
Tuesday, 12 July 2016
8:30-9:30 Bitcoin 101: Introduction to What Technical Investigators Need to Know about Bitcoin Transactions and Dark Web Commerce
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and money laundering and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses:
- Bitcoin Basics for Technical Investigators
- Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
- How Criminals and Terrorists Use TOR and Dark Web
- Bitcoin Cryptography Demystified (For Non-Math Majors)
- How criminals and terrorists use bitcoin in money laundering operations
- Bitcoin 2.0 and the New Challenges Facing Law Enforcement
10:30-11:30 Bringing Transparency to Bitcoin transactions
This presentation will outline the cutting edge analysis techniques that Chainalysis employs to cluster Bitcoin addresses together and the different attribution strategies employed. Finally, using an example we will walk through a typical path an investigation may follow to get to a real world person.
Jonathan Levin, Co-Founder, Chainalysis12:00-13:00 Case Studies: Blockchain analysis in action
A case study focused presentation outlining the major threat actors and the anonymization techniques employed. Will step through some investigations outlining how to get leads in cases or look for corroborative evidence. Finally, will step through some best practice when searching for Blockchain evidence, minimising the time wasted during an investigation.
Jonathan Levin, Co-Founder, Chainalysis
Track 3: Mobile and Cloud Computing Forensic Training and Product Demonstrations
This track is for law enforcement and private enterprise investigators
Sunday, 10 July 2016
14:45-15:45 Advanced analytics in mobile forensics - Empowering a collaborative investigation environment with end-to-end forensic
Roy Shamir, CellebriteMonday, 11 July 2016
11:30-12:30 Session A Smart analyses tools for mobile forensics
Presented by MSAB15:30-16:00 Cloud Forensics - Enriching today’s investigation with evidence from cloud based services
Tom Blumenthal, Cellebrite
ATTENTION: To Attend the LEA/DHS/IC/DoD Training Tracks 4, 5, 6 and 7 you must be a sworn law enforcement officer or military/intelligence/government employee. Also you must register by 3 July 2016 in order to verify eligibility. Government employee photo ID required for Tracks 4, 5, 6 and 7 classroom access.
Track 4: Encrypted Traffic Monitoring and IT Intrusion Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Sunday, 10 July 2016
11:00-12:00 FinFisher™:End to End approach to IT Investigation
Presented by FinFisherMonday, 11 July 2016
9:00-9:30 Encrypted Communications: Gaining Intelligence Value in Spite of Growing Challenges
Presented by Verint
Track 5: LEA and Intelligence Analyst Training and Product Demonstration Track
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Monday, 11 July 2016
11:30-12:00 Session A Generating new Intelligence from call data records
Presented by trovicor11:30-12:00 Session B IP Address Resolution - Breaking the Anonymity of Network Address Translation
Presented by Yaana Technologies12:00-12:30 Session A Identifying suspects through Text Analysis - An introduction to mass email Monitoring
Presented by trovicorTuesday, 12 July 2016
8:30-9:30 Session A Forensic Data Fusion Centre: IPDR, CDR, Nat-Pat disambiguation and every external source in a single frame
Emanuele Marcozzi, Presales Engineer, AREA8:30-9:00 Session B Anti-Poaching: Advanced Intelligence Solutions for Protecting Wildlife in Africa
Presented by Verint9:00-9:30 Session B Engagement of Communication Service Providers for Effective Countrywide Intelligence: The "Revenue Assurance" Use Case
Presented by Verint10:30-11:00 Real-time target location tracking - How to generate alerts of suspicious movements
Presented by trovicor
Track 6: Social Network Monitoring and Big Data Analytics Product Demonstration
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Sunday, 10 July 2016
8:30-17:00 Session A Practitioners Guide to Internet Investigations
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police9:45-10:15 OSINT LABS from an empty building to a cornerstone of any intelligence organization
Presented by Gamma GroupMonday, 11 July 2016
9:30-10:00 Session A Mass Interception in the Digital Era: Revealing the Meaning Behind the Communications
Presented by Verint9:00-10:00 Session B "We analyzed the internet, now what?" Using the HIWIRE System to transform passive analytics into a full-blown WEBINT mission
Presented by WIP11:30-12:30 Session A The New Forensic Investigator Toolbox: from Tactical to Open Source Investigations
Emanuele Marcozzi, Presales Engineer, AREA11:30-12:00 Session B Multimedia/lingual OSINT exploitation" to combat global terrorism
Presented by Gamma Group14:00-15:00 Session A Getting social media data using MSABs Cloud forensics
Presented by MSAB14:00-15:00 Session B Handling Multi-language OSINT & COMINT with Secure Automated Translation
Emmanuel Tonnelier, Intelligence Solution Director, SYSTRAN15:30-16:00 Session A Web Intelligence Against Global Terrorism
Presented by Verint16:00-16:30 Session A Fusion Intelligence Center for Boosting Your Investigation
Presented by Verint15:30-16:30 Session B Post Trojan Infiltration: The new Digital Undercover Agent
Emanuele Marcozzi, Presales Engineer, AREATuesday, 12 July 2016
8:30-9:30 The powerful effect of using HIWIRE to engage the internet less like a data source and more like a virtal neighborhood
Presented by WIP10:30-11:30 OSINT and Beyond: From Online Surveillance of Targets to Direct Surveillance
Presented by S2T12:00-13:00 Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Mark Bentely, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
Track 7: Mobile Location, Surveillance and Signal Intercept Product Training
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Sunday, 10 July 2016
10:15-10:45 Covert Surveillance - from the simple to the sophisticated
Presented by Gamma GroupMonday, 11 July 2016
9:00-10:00 Satellite monitoring explained, including solving the problem of VSAT interception and CiC
Presented by VASTech11:30-12:30 Session A Carrier in Carrier (Double Talk ®) Satellite Interception
Presented by Advanced Systems12:00-12:30 Session B Target Tracking and Surveillance with Gamma Eye
Presented by Gamma Group14:00-15:00 Session A Advanced analytics to uncover targets and patterns based on mass data from mobile communications capture system
Presented by VASTech14:00-15:00 Session B Satellite Interception
Presented by StratignTuesday, 12 July 2016
8:30-9:30 GSM Tactical Interception System for 3G and 4G
Presented by Advanced Systems10:30-11:30 'Future Proofing Tactical COMINT'
Presented by EXFO Homeland Security
Pre-Conference Training Seminars
Training Seminars led by Law Enforcement Officers and Ph.D. Computer Scientists
Sunday, 10 July 2016
Seminar #1
8:30 -17:00Online Social Media and Internet Investigations
Presented by Charles Cohen, Cohen Training and Consulting, LLC Charles Cohen also holds the position of Commander, Cyber Crimes Investigative Technologies Section, Indiana State Police, USA
This one-day seminar gives attendees an up-to-date understanding of how social networking sites work and how members act and interact. Attendees will learn what information is available on various sites and how to integrate that information into criminal investigations and criminal intelligence analysis.
8:30-9:30
The role of Online Social Media OSINT in Predicting and Interdicting Spree Killings: Case Studies and Analysis
9:45-10:45
OSINT and Criminal Investigations
11:00 -12:00
Metadata Exploitation in Criminal Investigations
13:30-14:30
EXIF Tags and Geolocation of Devices for Investigations and Operational Security
14:45-15:45
Case Studies in Metadata Vulnerability Exploitation and Facial Recognition
16:00-17:00
What Investigators Need to Know about Emerging Technologies Used to Hide on the InternetSeminar #2
8:30-17:00Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
The aim of this one-day seminar is to take the attendees from the basics of understanding the Internet, how to find data, through to a full understanding of best practice of an Internet investigator, having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar.
8:30-9:30
The Internet, and how suspects leave a digital footprint
9:45 -10:45
Recognizing Traffic Data and digital profiling
11:00 -12:00
WIFI, geolocation, and Mobile Data traces
13:30 -14:30
Awareness of Emerging Technologies, Masking Tech and Tools, TOR and proxies
14:45 -15:45
Advanced Techniques in Tracing Suspects, and lateral problem solving
16:00 - 17:00
Open Source Tools, resources and techniquesSeminar #3
8:30-12:00Understanding ISS Technologies and Products Deployed in Telecommunications Networks for Lawful Interception and Mass Surveillance
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This half-day seminar covers how criminals and terrorists communicate over today's public telecommunications wireline and wireless networks, over the top Internet services and social networks. This seminar is ideal for law enforcement, interior security, public safety and others who need to understand the ISS technologies and products used to lawfully intercept electronic communications and conduct mass network surveillance as discussed at ISS World Conference sessions and by exhibitors.
8:30-9:30
Introduction to Wireline Infrastructure and Related ISS Products for Lawful Interception and Mass Surveillance
What technical investigators need to understand about wireline network infrastructure:
- Voice service intercept types (PSTN, VoIP and P2P)
- Internet access intercept points
- Mediation device collection, data retention and CDR transfer to monitoring centers
- SS7 and mass metadata surveillance
- DPI and Optical Probe functions and placement
- ISS products found in wireline networks
9:45-10:45
Understanding Mobile Wireless Infrastructure, and Related ISS Products for Lawful Interception and Mass Surveillance
What technical investigators need to understand about mobile network infrastructure
- What's different about 2G, 3G, 4G and 4.5G from an investigators perspective
- Relevance of SIM card stored data, IMSI, IMEI and other identifying information
- CDR's and suspect tracking, geolocation and data mining
- RF signal tracking, IMSI catchers and international tracking via SS7
- Wi-Fi intercept, MAC address harvesting and Man in the Middle (MITM) hotspot intercept
- ISS products located in wireless networks
11:00-12:00
Understanding the Internet Over-the-Top (OTT) Services and Related ISS Products for Mass Intelligence Gathering and Surveillance
What technical investigators need to know about the Internet and Over the Top (OTT) communications techniques criminals and terrorists use:
- What's OTT and why the telecoms are no help in an investigation
- IP layering architecture and where intercept points are positioned
- ISP infrastructure and where they can be of assistance using temporal analysis to defeat anonymous services
- VOIP OTT service (P2P, Skype & VIBER) investigations
- Social Network and Dark Web monitoring tools
- ISS products available for OTT investigations
Seminar #4
13:30-14:30Understanding and Defeating Encryption, TOR and Dark Web Commerce
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This session covers how TOR is used to hide IP location of senders, HTTP log of files used and encrypt communications, TOR Hidden Services (Dark Web) and how to find Hidden Services and techniques for defeating TOR and encrypted services such as Telegrams as used by criminals and terrorists.
- What's encryption, Where in the IP layer stack (2, 3, 4 and Applications) do you find encryption. Anonymity Services: Proxy Servers, VPNs and TOR
- How TOR hides IP addresses/identity/location
- TOR hosting, What is .ONION and content analysis
- "De-anonymizing" TOR: Investigation approaches, limitations and case studies
- Defeating Encryption Options: Brute force key cracking (?), force weak encryption, Man in the Middle (MITM) attacks and of course IT Intrusion Systems
- Defeating Apple iphone encryption and Telegram encrypted services
Seminar #5
14:45-15:45Investigation Techniques for Unmasking TOR Hidden Services and Other Dark Web Operations
Presented by: Dr. Jerry Lucas, President, TeleStrategies
TOR networks are notoriously effective at hiding the online identity of criminals, terrorists and others who are up to no good. The other side that receives less attention are TOR hidden services. These are services that leverage TOR's anonymizing capabilties to mask the identity of criminally-hosted online services - forming the basis of just about all illegal gambling sites, drug markets, child exploitation material, firearm sales, terrorism propaganda, and more.
This webinar will present exactly:
• How TOR Hidden Services Work
• The Scale/Scope of TOR-Based Online Markets
• How are TOR Hidden Services Set-up and Searched
• How to Identify TOR Hidden Service Traffic
• How Bitcoin is used in Dark Web Transactions
• Basics of Bitcoin Clustering Analysis
• Other Dark Web Operations Outside of TOR Hidden Service
• And MoreTuesday, 12 July, 2016
Seminar #6
8:30-9:30Bitcoin 101: Introduction to What Technical Investigators Need to Know about Bitcoin Transactions and Dark Web Commerce
Presented by: Dr. Jerry Lucas, President, TeleStrategies
This 101 training seminar is an introduction to Bitcoin, how the system is used to support criminal activities (e.g. Dark Web) and money laundering and why technical investigators need to understand the basic Bitcoin transaction mechanism (Blockchain) to successfully defeat 21st century criminals and terrorist actions. Specifically, this introduction to Bitcoin for technical investigators addresses:
- Bitcoin Basics for Technical Investigators
- Understanding Bitcoin Infrastructure, Blockchain and Bitcoin Mining
- How Criminals and Terrorists Use TOR and Dark Web
- Bitcoin Cryptography Demystified (For Non-Math Majors)
- How criminals and terrorists use bitcoin in money laundering operations
- Bitcoin 2.0 and the New Challenges Facing Law Enforcement