Training Seminars Led by Law Enforcement Officers and Ph.D.,

Computer Scientists

24 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists

(FULL SESSION DESCRIPTION PRESENTED BELOW TRACK 8)

Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police
(7 classroom hours)

Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)

Jerry Lucas (Ph.D., Physics), President, TeleStrategies

(1 classroom hours)

Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(4 classroom hours)

Christopher Parrish, U.S. Secret Service
(2 classroom hours)

Jan Pluskal (Ph.D., Computer Science), Researcher, Brno University of Technology
(1 classroom hour)

Matěj Grégr (Ph.D., Computer Science), Researcher, Brno University of Technology
(1 classroom hour)

Tuesday, 2 September 2025

Seminar #1
08:30-17:00

Online Social Media and Internet Investigations　
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation

09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective

10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators

11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks

13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT

14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT Toolbox

Seminar #2
08:30-17:00

(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques. 

08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators

09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows

10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking

11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)

13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.

14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.

Seminar #3
08:30-09:15

Understanding Mobile 2G, 3G, 4G, 5G & 6G NSA Infrastructure and Law Intercept for Technical Investigators
Dr. Jerry Lucas, President, TeleStrategies

This session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. 

Seminar #4
09:30-10:15

Understanding 5G Stand Alone, NFV, Edge Computing and Network Slicing Interception
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

5G services are nearly ubiquitously deployed globally in a 4G/5G hybrid network infrastructures or so-called non-Stand Alone (NSA) architecture, or as a native 5G. This session addresses the challenges facing law enforcement and ISS vendors associated with 5G network services.

Seminar #5
10:30-11:15

Understanding AI and LEA Use Cases
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

The presentation provides a primer on AI technologies - what are the specific types of AI systems; how are they used in industry today; the strengths and weaknesses of AI; and how ISS vendors are leveraging AI to increase agent efficiency and results in network data, OSINT, application profiling, location and image/language processing. 

Seminar #6
11:30-12:15

Generative AI: Use-cases and Implementation Considerations for Law Enforcement and Intelligence Agencies
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

Generative AI (GAI) has potential to completely revolutionize network data and OSINT analytics - potentially allowing investigators to effortlessly engage, analyze, visualize large datasets and “connect the dots” that would traditionally require enormous manual effort from teams of analysts and IT personnel. GAI is also one of those technologies that is particularly difficult to implement because of the inherent nature of machine learning systems and complexity of integrating GAI technology into operational environments. This session will cover the key operational issues related to GAI platforms.

Seminar #7
16:15-17:00

Investigating Targeted Personal Financial Fraud (Pig-butchering), Romance Scams, and Other Financial Scams in Southeast Asia
Christopher Parrish, U.S. Secret Service

Wednesday, 3 September 2025

Seminar #8
16:20-17:00

OSINT Class Product Types Generating Successful Southeastern Asia Investigations
Christopher Parrish, U.S. Secret Service

Thursday, 4 September 2025

Seminar #9
08:30-09:10

Thou shalt wirelessly intercept your neighbor: Leveraging WiFi and Bluetooth in operative
Jan Pluskal (Ph.D., Computer Science), Researcher, Brno University of Technology

Seminar #10
09:15-10:00

Trending Topics in Cryptocurrency Forensics
Matěj Grégr (Ph.D., Computer Science), Researcher, Brno University of Technology

Seminar #11
11:00-11:40

Understanding the Implications of Online Social Media and OSINT During Critical Incidents
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

Seminar #12
11:45-12:30

Mastering the password cracking
Jan Pluskal, Researchers, Brno University of Technology

Seminar #13
11:45-12:30

(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

(FULL SESSION DESCRIPTION PRESENTED BELOW TRACK 8)

---

Welcoming Remarks and Top Ten Challenges

Wednesday, 3 September 2025

8:15-8:30
Welcoming Remarks
Tatiana Lucas, ISS World Program Director, TeleStrategies

8:30-9:00
Top Ten Internet Challenges Facing Law Enforcement and the Government Intelligence Community and Who at ISS World Asia has Solutions
Dr. Jerry Lucas, President, TeleStrategies

---

ISS World Asia Exhibit Hall Hours

Wednesday, 3 September 2025
10:00-18:00 

Thursday, 4 September 2025
10:00-13:30

---

ISS World Asia 2025 Agenda Tracks to be updated:

June 2025

---

Track 1: Lawful Interception and Criminal Investigation

Training

This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.

---

Track 2: LEA, Defense and Intelligence Analyst Product

Presentations

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Track 3: Social Network Monitoring, Artificial Intelligence and

Analytics Product Presentations

Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise.

Track 4: Threat Intelligence Gathering and Cyber Security

Product Presentations

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees

Track 5: Investigating DarkWeb, Bitcoin, Altcoin and

Blockchain Transaction Presentations

This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities

Note: Some sessions are only open to LEA and Government. These sessions are marked accordingly.

Track 6: Mobile Signal Intercept Product Presentations

This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.

This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Track 7: Electronic Surveillance Training and Product

Presentations

This track is for law enforcement investigators and the government intelligence community who are responsible for deploying video, audio and GPS surveillance products and only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.

Track 8: 5G Lawful Interception Product Training

This track is open to all conference attendees unless marked otherwise.
Note: Some sessions are only open to LEA and Government. These sessions are marked accordingly.

---

Advanced HI-Tech Cyber Investigation Training Seminars Led

by Law Enforcement Officers and Ph.D Computer Scientists

Tuesday, 2 September 2025

Seminar #1
08:30-17:00

Online Social Media and Internet Investigations　
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation

09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective

10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators

11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks

13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT

14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT Toolbox

Seminar #2
08:30-17:00

(THIS SEMINAR IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police

The aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques. 

08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators
How it works, for us. Why it works, for us.  How data traffic leaves a permanent trace. How and why everything that was on the internet, is still there. Identifying the structural data and exploits, that will take you to your suspect. Tracking and evaluating data. MAC tracking. If you’ve ever said “it’s been deleted” or “its no longer there”, this seminar is for you. Let me prove you wrong.

09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
What data is available. How to harvest and analyse it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft. Data collection and interrogation, significance, and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them (where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyse it. Investigator capabilities and opportunities. TCP/IP and header value and analysis

10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking
A detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed. You and your target are being tracked by multi organisations that you done even know exist. Lets identify them and interrogate their data bases.

11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)
How suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web), TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications, and ways to coax offenders out of the system.

13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.
Using innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game? Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.

14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.
"Just google it" is great for tickets, tyres, holidays and opening hours. But as an investigator, we can do better, and safer.  Using most main stream search engines and browsers come with certain risks. This session aims to change that. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. Tools that the target can’t see . Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how to fast track you to the data you need, and cut away the chaff.  PART 2 on the final day with free tools to download and keep

Seminar #3
08:30-09:15

Understanding Mobile 2G, 3G, 4G & 5G NSA Infrastructure and Law Intercept for Technical Investigators
Dr. Jerry Lucas, President, TeleStrategies

This session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. Specifically;

Network Architecture Evolution from 2G to 3G, 3G to 4G, 4G to 5G regarding radio technology (TDMA, CDMA, OFDM and MIMO), network core from CSFB to VoLTE and SS7 to Diameter.

Encryption, Target Identification and Location: SIM and eSIM cards, IMSI and Target ID, encryption algorithms (A3, A5, A8 and Ki) and basically how user authentication and traffic encryption is accomplished.

Target Location Tracking with CDR analysis, MAC address farming, MITM attacks, SS7 access, IMSI catchers and IT intrusion.

4G to 5G Transition Specifics Understanding 5G Non Stand Alone (NSA) vs. SA 5G, the IMSI catcher issue (myth vs. realities), 5G Cryptography (ECC, SUPI, SUCI), 5G target location enhancement and LTE/NR Internetworking and Co-existance.

5G Spectrum What can 5G deliver with mid vs. high frequency spectrum and what new spectrum bands are soon to be auctioned off

SA 5G Infrastructure Features: NFV, SDN, Edge/Cloud Computing and Network Slicing

Seminar #4
09:30-10:15

Understanding 5G Stand Alone, NFV, Edge Computing and Network Slicing Interception
Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategies

5G services are nearly ubiquitously deployed globally in a 4G/5G hybrid network infrastructures or so-called non-Stand Alone (NSA) architecture, or as a native 5G. This session addresses the challenges facing law enforcement and ISS vendors associated with 5G network services. 

1. 5G Speed and Scale: How are law enforcement going to grab 1gbps traffic streams; backhaul to monitoring centers and filter non-important traffic of interest?
2. 5G Edge Cloud Computing: How do you intercept on a 5G cloud platforms, deal with proprietary system protocols, e2e encryption and localized content?
3. 5G Virtual Network Core: How does 5G SA core implementations affect LI, VoIP on virtual devices and what LI barriers has the IETF created?
4. 5G Network Slicing and Private 5G: How will law enforcement interconnect with 5G OSS provisioning systems to capture multiple network interfaces and private network 

Seminar #5
10:30-11:15

Understanding AI and LEA Use Cases
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

The presentation provides a primer on AI technologies - what are the specific types of AI systems; how are they used in industry today; the strengths and weaknesses of AI; and how ISS vendors are leveraging AI to increase agent efficiency and results in network data, OSINT, application profiling, location and image/language processing. Specific topics include: 

• Overview of AI, machine learning (ML) and deep learning (DL) systems technology.
• What AI capabilities are helping law enforcement and national security agencies (e.g., image / natural language processing, unstructured data analytics, predictive analytics).
• How AI is powering OSINT analytics, mobile signal intercept, location, signaling intelligence, audio-visual forensics, encryption and surveillance products. 
• Criminal uses of AI, such as clutter, scams, fake news.
• Future directions: generative AI, chipsets and AI-driven devices.

Seminar #6
11:30-12:15

Generative AI: Use-cases and Implementation Considerations for Law Enforcement and Intelligence Agencies
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategies

Generative AI (GAI) has potential to completely revolutionize network data and OSINT analytics - potentially allowing investigators to effortlessly engage, analyze, visualize large datasets and “connect the dots” that would traditionally require enormous manual effort from teams of analysts and IT personnel. GAI is also one of those technologies that is particularly difficult to implement because of the inherent nature of machine learning systems and complexity of integrating GAI technology into operational environments. This session will cover the key operational issues related to GAI platforms. 

• Dealing with hallucinations, bias and accuracy
• Securing and protecting sensitive investigation information
• Prompt engineering optimized for evidence and intelligence
• End-user natural language interfaces
• Retrieval augmentation and dataset integration challenges
• Training and tuning models
• Limitations, case studies and examples
• Expected technology advancements

Seminar #7
16:15-17:00

Investigating Targeted Personal Financial Fraud (Pig-butchering), Romance Scams, and Other Financial Scams in Southeast Asia
The fight against targeted personal financial fraud in Southeast Asia requires a multi-pronged approach, combining international cooperation, technological innovation, community empowerment, and individual responsibility. By working together, we can create a future where individuals are safe from exploitation and empowered to pursue their financial goals with confidence.
Christopher Parrish, U.S. Secret Service

Wednesday, 3 September 2025

Seminar #8
16:20-17:00

OSINT Class Product Types Generating Successful Southeastern Asia Investigations
Christopher Parrish, U.S. Secret Service

Thursday, 4 September 2025

Seminar #9
08:30-09:10

Thou shalt wirelessly intercept your neighbor: Leveraging WiFi and Bluetooth in operative
In this talk, we shall discuss various security mechanisms used in WiFi and Bluetooth networks and how to abuse them to obtain mission-critical intel. Apart from explaining all principles, we will demonstrate them (hopefully live) on our tactical device! Starting with an access point and client scans, we will continue with client targetted jamming and total Denial-of-Service of the whole network that may even result in authentication handshake capture. This handshake contains information to recover the WiFi password to access the targeted network. Once inside the network, we will show essential hacking tools to conduct IP-level reconnaissance. But we will not limit ourselves to WiFi and demonstrate how Bluetooth can be leveraged to notify you about a person's presence or exploit various IoT devices.
Jan Pluskal (Ph.D., Computer Science), Researcher, Brno University of Technology

Seminar #10
09:15-10:00

Trending Topics in Cryptocurrency Forensics
Bitcoin, Ethereum and other cryptocurrencies are becoming mainstream for financial interactions and standard tools when conducting cybercrime such as scams, frauds, ransomware, darknet markets, sextortion, etc. LEAs also adapted to a new situation, and many investigators are already familiar with cryptocurrency basics and how to trace transactions on publicly available blockchain explorers. This session aims to extend the knowledge of participants about more advanced topics such as: a) address clustering techniques and their applicability to various cryptocurrencies; b) monitoring of cryptocurrency networks and their peers with the help of network intelligence; c) geolocating cryptocurrency transaction with IP address or originator; d) overcoming obfuscation of transactions entering and leaving mixers; e) correlating activities on darkweb with blockchain events. Each subtopic will be thoroughly explained, including currently existing methods and tools for addressing associated challenges.
Matěj Grégr (Ph.D., Computer Science), Researcher, Brno University of Technology

Seminar #11
11:00-11:40

Understanding the Implications of Online Social Media and OSINT During Critical Incidents
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police

Seminar #12
11:45-12:30

Mastering the password cracking
Users need to provide passwords when they are logging into the computer, starting their smartphone, accessing their favourite web service, opening protected files/disks, connecting to a network or pairing their wearable. Encryption is an inherent trait of digital presence, whether users realize it or not. We will speak about different approaches to password cracking, including dictionary, rule-based, brute-force, hybrid and association attacks. We will show benchmarks of how fast high-end GPU cards can recover passwords for various formats (e.g., Windows credentials, WPA2 handshakes, ZIP and RAR files, LUKS partitions, Android PINs, and iPhone Backups). We will answer what length or complexity of the password is enough to protect your data. Nevertheless, better than guessing the password is knowing the password! We will conclude our talk by demonstrating the applicability of personal information leaks with usernames, emails, phone numbers and passwords!
Jan Pluskal (Ph.D., Computer Science), Researcher, Brno University of Technology

Seminar #13
11:45-12:30

(THIS SESSION IS ONLY OPEN TO LEA AND GOVERNMENT ATTENDEES)

Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police