Agenda from: 11-13 February 2025
ISS World Middle East and Africa is the world's largest gathering of Regional Law Enforcement, Intelligence and Homeland Security Analysts, Telecoms as well as Financial Crime Investigators responsible for Cyber Crime Investigation, Electronic Surveillance and Intelligence Gathering.
ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety, Government and Private Sector Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's telecommunications network, the Internet and Social Media.
Track 1: Lawful Interception and Criminal Investigation Training
Track 2: LEA, Defense and Intelligence Analyst Product Presentations
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Presentations
Track 4: Threat Intelligence Gathering and Cyber Security Product Presentations
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction Presentations
Track 6: Mobile Signal Intercept and Electronic Surveillance Presentations
Track 7: 5G Lawful Intercept, Tracking and Forensics Product Presentations
Plus Special Training Seminars lead by Law Enforcement Officers and Ph.D. Scientists
ISS World MEA 2025 Agenda at a Glance
Training Seminars Led by Law Enforcement Officers and Ph.D., Computer Scientists
20 classroom training hours, presented by Law Enforcement Officers and Ph.D. Scientists
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police
(6 classroom hours)Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police
(7 classroom hours)Jerry Lucas (Ph.D., Physics), President, TeleStrategies
(2 classroom hours)Matthew Lucas (Ph.D., Computer Science), VP, TeleStrategies
(3 classroom hours)
Tuesday, 11 February 2025
Seminar #1
08:30-15:00Online Social Media and Internet Investigations
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation
09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective
10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators
11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks
13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT
14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT ToolboxSeminar #2
08:30-15:00The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.Seminar #3
08:30-09:15Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception.
Seminar #4
09:30-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G SA: What’s it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the transition to 5G stand alone. (Full description below Track 9)
Seminar #5
10:30-11:15Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategiesSeminar #6
11:30-12:15Generative AI (e.g., ChatGPT): How LEAs and Intelligence Agencies Can Leverage the Technology, and Criminal Use Examples
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategiesThursday, 13 February 2025
Seminar #7
12:30-13:30Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PolicePre-Conference Sessions Description At The End of Agenda PostinG
ISS World MEA Exhibits Schedule:
Wednesday, 12 February 2025
10:00-18:00
Thursday, 13 February 2025
9:15-12:30
Welcoming Remarks and Top Ten Challenges
Wednesday, 12 February 2025
Welcoming Remarks
8:15-8:30 Tatiana Lucas, ISS World Program Director, TeleStrategies Keynote
8:30-9:00 Top Ten Internet Challenges Facing Law Enforcement and the Intelligence Community and Who at ISS World Middle East and Africa has Solutions
Dr. Jerry Lucas, President, TeleStrategies
ISS World MEA Exhibits Schedule:
Wednesday, 12 February 2025
10:00-18:00
Thursday, 13 February 2025
9:15-12:30
Track 1: Lawful Interception and Criminal Investigation Training
This track is for Telecom Operators and Law Enforcement/Intelligence/Defense Analysts who are responsible for specifying or developing lawful intercept network infrastructure.
Tuesday, 11 February 2025
13:15-14:00
Effortlessly Detecting Persons and Topics of Interest in Audio
In this session, you will discover the latest capabilities of voice biometrics and speech recognition. Phonexia will present how its innovative technologies can help Security and Defence organizations respond rapidly to a wide range of threats.
Jan Pavlík, Phonexia14:15-15:00
Simplifying lawful requests: how CSPs can automate, secure and speed their responses to criminal investigations
Presented by Subtonomy & Telia Norway15:15-16:00 Session A
Discover how to accelerate your public safety or enterprise’s digital forensics investigations with Magnet AXIOM
Jarina Cotten, Solutions Consultant, Magnet Forensics16:15-17:00 Session A
The Future of Digital Forensics with FTK
Garreth Scott, Global Leader - Public Sector Digital Forensics, Exterro16:15-17:00 Session B
Remove unwanted data (e.g. video, encrypted traffic, etc.) at n x 100 Gbps using an ultra-compact server
Presented by NapatechWednesday, 12 February 2025
09:10-10:00
How to Detect Fake News
This talk will delve into the challenges posed by digital manipulation techniques. This informative session highlights crucial detection methods needed to identify and mitigate the impact of bots, fake news, and deep fakes in shaping public perception. Gain insight into the detailed overview of the evolving landscape of digital deception, emphasizing its implications on the integrity of information in today's interconnected world.
Presented by Cyabra14:00-14:45
Accelerate Forensic Voice Analysis with Advanced Speaker Recognition Solution
Join us to explore our advanced voice analysis solution for forensic experts and investigators. Discover its rapid, precise capabilities enabled by deep neural networks, which will enhance your forensic analysis.
Pavel Wilhelm, PhonexiaThursday, 13 February 2025
10:15-11:00 Session B
Using OSINT in offensive operations’
Sylvain HAJRI, Epieos11:30-12:15 Session A
Understanding the Implications of Online Social Media for OSINT During Critical Incidents
Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police12:30-13:30
Elevate your Investigations with Modern DFIR products
Haitham Khatib, Technical Sales Engineer – MEAI, Oxygen Forensics
Track 2: LEA, Defense and Intelligence Analyst Product Presentations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.
Tuesday, 11 February 2025
8:30-9:15 Session B
Technological Advancements in Mass Interception: Unraveling the Future of Surveillance
Gurjot Sandhu, Pertsol9:30-10:15 Session A
Trovicor’s Latest interception Innovations – Speech Analysis, Encrypted IP applications and hyper efficient Big Data Analytics
Presented by Datafusion Systems
9:30-10:15 Session B
Enhanced LEA Analytical Capability Equipped with Customizable Intelligence Models Incubator - Supporting Incubation of 100+ Intelligence Models Freely.
Presented by Sinovatio
10:30-11:15
Next Generation Data Diode for Lawful Interception and Applications with Low Latency and High Throughput
Presented by GSN11:30-12:15
From Electronic Surveillance to Social Media Investigations challenges, solved with integrated Cyber Intelligence solutions.A structured case-study
Presented by AREA13:15-14:00 Session A
Deep Network Visibility at International Scale Via Enriched Traffic Metadata: IPFIX for OTU4, STM64 and 100GbE Networks
National defense missions require deep signals intelligence from OTN, SDH and Ethernet networks. Learn how unsampled flow-based metadata and IPFIX can provide 100% visibility into telecommunication cables including IP addresses, layer 7 application classification and protocol-specific data from TLS, QUIC, DNS, HTTP, SIP and other traffic types.
Presented by NetQuest14:15-15:00
Dynamic Network Intelligence - Supercharged IPDR extraction and analysis - Encrypted IP Applications and Advanced Internet Activity Analytics
Presented by Datafusion Systems15:15-16:00 Session B
AI Counter-Terrorism Platform for Effective Law Enforcement
Presented by Vehere16:15-17:00 Session A
Is this photo lying to me? Amped Authenticate: Forensic Photo and Video Integrity and Authenticity verification.
This session will showcase how Amped Authenticate can help investigators determine whether the footage they're dealing with is original and authentic.
By analyzing the processing history, identifying manipulation and forgeries, and detecting deepfakes, you can ensure that photo and video evidence can be trusted in legal proceedings.
Join us to discover how Amped Authenticate provides powerful tools for forensic experts to detect tampering, verify integrity, and assess the authenticity of visual media.
Presented by Amped Software
16:15-17:00 Session B
Next Generation Lawful Intelligence – enhanced geolocation analysis
The ability to query the location of a target in real time (synchronously) has clear advantages and can be instrumental in analyzing a target’s movements to assess evolving threats, as well as in the pursuit and apprehension of suspects. In this session, SS8 will discuss network-based positioning methods that improve law enforcement agencies' ability to find persons of interest leveraging real-time and historic location data.
Presented by SS8Wednesday, 12 February 2025
09:10-10:00 Session A
The other half of the story
Presented by Q Cyber13:00-13:45
Forensic content derived metadata with powerful Data Fusion and Analysis unleashes the intelligence hidden in the encrypted communications.
Use cases and demonstration.
Presented by AREA14:00-14:45 Session B
Cost Effective Network Monitoring Systems
Mike Bitting (VP A&D Sales-Polatis Worldwide), Huber+Suhner14:00-14:45 Session C
Enhancing Situational Awareness in Control Rooms
A deep dive into advanced tools for managing crowds, analyzing density, and exploring zones to handle demonstrations proactively and effectively.
Presented by Intersec
15:15-16:00 Session A
The cutting-edge Android and iOS spyware, along with advanced analytical tools, seamlessly converge within the "Spyder Space" domain
Presented by Movia15:15-16:00 Session C
Keysight data broker for lawful Intercept needs
Luc Erol Alptuna, Strategic Alliance Director EMEA / APAC, Keysight/IXIA16:15-17:00 Session C
Streamlining Investigation: Our experience in Call Data Records Analysis for Location Tracking and Behavior Pattern Recognition.
Presented by CogniwareThursday, 13 February 2025
08:30-09:15 Session A
Unravelling JA3 and JA4+: Global Botnet Detection via Encrypted Traffic Fingerprinting
Network security teams and government defense agencies are leveraging encrypted traffic fingerprinting techniques such as JA3/JA3S to detect C2 servers and global botnet campaigns. Learn what a JA3 fingerprint is and how it is evolving to stay ahead of threat actors. Beyond TLS, what are teams doing to fingerprint traffic encrypted via SSH and QUIC?
Presented by NetQuest08:30-09:15 Session B
Prison Crime Investigation: Real-world Insights from Implementing an AI-Powered Analytical System in a European Correctional Facility.
Presented by Cogniware10:15-11:00 Session A
Decrypting Messengers: Spotlighting Chat Administrators and Forecasting Crowd Dynamics
Join us in deciphering the enigma of messaging apps, where administrators and opinion leaders wield immense influence. Delve into our method of unveiling these key players within group chats and learn why early detection is paramount in gauging a crowd's potential for protest. Explore the power of messengers as a window into digital societies and their evolving dynamics.
Sultan Sailaubekuly, Product Manager, AiMap10:15-11:00 Session B
Using IP analytics in the service of Cryptocurrency investigations
Presented by Cognyte10:15-11:00 Session C
Harnessing the potential of AI & Machine Learning in Location Intelligence
Shubham Srivastava, Pertsol10:15-11:00 Session D
Unveiling the Future: Machine Learning in next-gen Deep Packet Inspection (DPI) with real cases
Crypto deanonymization, User Activities detection in any web service and app. Case studies on mass deanonymization in the crypto industry (wallet holders, miners, transactions, exchanges), messengers (calls, group members, chat relating). A Capability to work with VPN, obfuscation, frequent updates.
Artem Rychko, Head of Data Science, 7Generation
11:30-12:15 Session B
Deriving Insights Through OTT-Encrypted Traffic
While encrypted OTT calls present a challenge to conventional surveillance, they hold high potential for homeland security investigations.
Presented by Intersec12:30-13:30 Session A
Work smarter, not harder: Optimize your forensic systems for faster processing
Presented by OpenText12:30-13:30 Session B
CDRs, IPDRs, Lawful Interception, Advanced Metadata, Location, Forensic Investigations and more in the Forensic Data Fusion and Analysis platform.
Use cases and demonstration.
Presented by AREA
Track 3: Social Network Monitoring, Artificial Intelligence and Analytics Product Presentations
Sessions in this track are only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees, unless marked otherwise.
Tuesday, 11 February 2025
08:30-09:15 Session A
Automatic Exploitation of Social Network, Deep and Dark Web to complement traditional Lawful Interception Infrastructure for Target Profiling
Presented by IPS09:30-10:15 Session A
WhatsApp, Telegram, Facebook...how IPS helps you to locate most wanted targets with LI
Presented by IPS09:30-10:15 Session B
Accelerating Cybercrime Investigations with GROUP-IB Graph
Anna Yurtaeva, Senior Cyber Investigation Specialist, Group-IB
Daria Shcherbatyuk, Cybercrime Investigator, Group-IB10:30-11:15 Session A
Visualized 3D Target Locating Strengthened By New Generation Wireless Solution(DEMO).
Presented by Sinovatio10:30-11:15 Session B
Gaining knowledge from mass data
The power of cumulative information for actionable intelligence
Anders Riskaer, Innosystec10:30-11:15 Session C
Big Data Fusion Driving Seamless Digital Operations Transformation
Explore how Big Data Fusion revolutionizes operational efficiency by seamlessly integrating diverse data sources to generate precise insights, breaking down silos, and enhances decision-making. Discover firsthand how to use big data fusion to address data validation challenges, extracting valuable insights from open and hidden sources and creating seamless operations that elevate mission critical performance.
Presented by RAKIA Group11:30-12:15
An introduction to a European leading vendor in the ever-evolving cyber intelligence landscape.
Delve into the transformative power of our Multi-Domain Integrated Approach, seamlessly merging telecommunications, cyber, forensics and diverse domains. Discover how this innovative solution enhances operational efficiency, compliance and intelligence gathering capabilities for our institutional customers
Presented by RCS.S.p.A.13:15-14:00
Gaining Knowledge from Mass Data for Actionable Intelligence
Presented by Innosystec15:15-16:00
Maritime Threats Prediction, Detection and Monitoring with Revolutionary Fusion Intelligence Platform. A real use-case in the Red Sea
Presented by IPS
Wednesday, 12 February 2025
09:10-10:00 Session A
Unlocking the Present: Digital Data's New Era
Discover how the evolving landscape of digital data is reshaping industries today. This presentation explores the tools, strategies, and insights needed to harness the power of data in the modern era and stay ahead in a rapidly changing digital world
Presented by Penlink09:10-10:00 Session B
Is AI delivering in real investigations? A critical look at its adoption and how to make it work
Presented by SIO13:00-13:45 Session A
One Trusted Solution: CoAnalyst’s Unified Ecosystem – Real Life Case Studies
Explore how CoAnalyst’s integrated data ecosystem provides a trusted solution for complex investigations. This presentation features real-life case studies demonstrating the power of multi-layered data integration to deliver actionable insights with confidence.
Presented by Penlink13:00-13:45 Session B
Unveiling terror funding in the Hawala system with Decision Intelligence
Presented by Cognyte13:00-13:45 Session C
Using OSINT with visual link analysis to enhance your investigations
Presented by Maltego
14:00-14:45 Session A
Transforming Intelligence Organizations with the World’s First LLM Specifically Developed for Law Enforcement.
Presented by Innefu14:00-14:45 Session B
Evolving OSINT: Challenges and Opportunities
Presented by SOS15:15-16:00 Session A
Octostar: introducing the modern, APP-based Operating System for all-int, all-data Investigations
Presented by Datafusion Systems15:15-16:00 Session C
Beyond the Surface: CYBERMEDIA for Cyberspace monitoring, engagement & investigations covering Social Media, Web, Deep Web, Dark web and social Networks groups
Presented by Euler Data Solutions16:15-17:00 Session C
Solve Social Media and Darknet Investigation challenges with a forensic cyber intelligence platform that goes beyond OSINT.
Use cases and demonstration.
Presented by AREA
Thursday, 13 February 2025
08:30-09:15
Is AI delivering in real investigations? A critical look at its adoption and how to make it work
Presented by SIO11:30-12:15 Session A
Lights, Camera, Analytics: A Deep Dive into Video Trends on Social Platforms
Presented by Cognyte11:30-12:15 Session B
Beyond Borders: Mastering Passenger Screening with Big Data Fusion
A practical and comprehensive guide on how to make passenger screening easier, faster, and safer with the optimal use of resources. Using real-world cases, participants will be taken through the passenger journey and discover how they can use big data fusion technology to adress common challenges such as: human mistakes, disinformation, misinformation, time spent on verbal and technological treatment, silo effect between local security and international security, fake passport detection, prioritization, and old technologies.
Presented by RAKIA Group12:30-13:30 Session A
Open Source Tools, PART 2. Top 20 FREE Open Source Tools (OSINT) Used in Cybercrime Investigations
(THIS SEMINAR IS RESTRICTED TO LEA, MILITARY, AND GOVERNMENT ATTENDEES. PHOTOS AND VIDEO RECORDING ARE PROHIBITED).
Now I’ve shown you how to hide, let us go and start covertly searching and gathering online intelligence with the best tools available.
Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police12:30-13:30 Session B
Massive Social Media data collection and analysis for Counter-Terrorism Intelligence Activities
Presented by IPS
Track 4: Threat Intelligence Gathering and Cyber Security Product Presentations
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees
Tuesday, 11 February 2025
14:15-15:00
Unveil your network security weaknesses before cybercriminals do
Daniel Munteanu, Senior Technical Product Manager | CISSP, Keysight/IXIA15:15-16:00
From Data to Decisions: Leveraging AI for Real-Time Cyber Intelligence in National Security
Presented by SIO16:15-17:00
Keep your Information Safe! New Trends and Developments in Information Protection
Presented by EO SECURITY s.r.o.Wednesday, 12 February 2025
9:10-10:00
Mastering the Digital Landscape: A Deep Dive into OSINT and Fusion Technology
Within the context of this presentation the RAKIA team provide a step-by-step guide to harnessing OSINT and fusion technology to effectively build a multifaceted comprehensive investigation through a single interface. The use case used will harness the full spectrum of OSINT capabilities including target profiling, mass collection, darknet, avatar design and management, fake accounts identification and mitigation and no code crawlers, link analysis between targets and much more.
Presented by RAKIA Group13:00-13:40
Assessing Threats: Intelligence in Pre-War and Active Conflict Zones
Presented by Rayzone16:15-17:00
Raise SOC Performance! Discover Next Gen Cyber Sensors that Deliver Full Traffic Visibility & Extract Meaningful Metadata while Providing State-of-the-Art Threat Detection Capabilities
Discover a new generation of DPI-based cyber sensors that leverage years of experience in cyber defense environments to raise the performance of government-run Security Operations Centers (SOCs). Find out how advanced DPI-based traffic visibility combines traffic identification with machine learning and threat detection capabilities to provide superior network protection, even when traffic is encrypted.
Jean-Baptiste Duvauchelle, Sr Technical Account Manager and Solution Architect, Embedded Security, Enea
Track 5: Investigating DarkWeb, Bitcoin, Altcoin and Blockchain Transaction Presentations
This track is for law enforcement and private enterprise investigators who have to monitor and investigate the DarkNet along with Bitcoin transactions associated with criminal activities
Sessions only open to LEA and Government.
Tuesday, 11 February 2025
13:15-14:00
Live Demonstration of DarkOwl Vision: Darknet Intelligence Discovery and Collection
David Alley, CEO, DarkOWL FZE
Track 6: Mobile Signal Intercept and Electronic Surveillance Presentations
This track is for Law Enforcement, Interior Security and the Government Intelligence Community who must work with cellular and mobile satellite operators regarding mobile location, electronic surveillance and RF intercept.
This track is only open to Law Enforcement, Public Safety and Government Intelligence Community Attendees.Tuesday, 11 February 2025
08:30-09:15
Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure, Intercept and Cryptography
Dr. Jerry Lucas, President, TeleStrategies11:30-12:15 Session A
Similar Trajectories & Hidden Connections Through Telecom Metadata
A demonstration showcasing how telecom metadata, combined with advanced AI algorithms, reveals patterns of life, enhances tracking and minimizes opportunities for criminal escape.
Presented by Intersec11:30-12:15 Session B
Securing Your Mobile World from Surveillance Threats. A deep dive into unmasking and countering IMSI Catchers with Cutting-Edge solutions
Presented by NeoSoft13:15-13:40 Session A
(Very) Connected Cars: How Identity Collection From Vehicles Can Help Fight Crime
Presented by Cognyte
13:15-14:00 Session B
Lawful Interception of IMS/VoLTE Roaming (S8HR)
Presented by Utimaco
13:40-14:00 Session A
It's Compact...It's Covert...It's a Micro-tactical Suite – Operating Everyday Field Missions in Versatile Environments
Presented by Cognyte
Wednesday, 12 February 2025
13:00-13:45
Ghost in the shell: Cutting edge offensive cyber capabilities for the mobile world
Presented by Memento Labs14:00-14:45
2/3/4/5G Airborne Full Passive Direction Finder solution, no IMSI encrypt issues, no difficulties searching&securing.
Presented by REACH15:15-16:00
Breaking Barriers: How SATCOM Intelligence Can Fill Communication Gaps in Law Enforcement Investigations
Presented by Cognyte16:15-17:00
The challenges of remote surveillance over insecure networks, and how to solve them
When doing remote audio/video surveillance, it is often handy to transport the data through the internet and on private networks. These networks should be considered insecure, and you also do not want their owners to know what you are transporting. In this session we will discuss how these issues can be handled using Covidence equipment.
Presented by CovidenceThursday, 13 February 2025
08:30-09:15 Session B
Electronic Surveillance solutions to investigate in the field and operate form a unified, AI enabled, centralized Cyber Intelligence platform.
Use cases and demonstration.
Presented by AREA
Track 7: 5G Lawful Interception Product Presentations
This track is open to all conference attendees unless marked otherwise.
Note: Some sessions are only open to LEA and Government. These sessions are marked accordingly.
Tuesday, 11 February 2025
08:30-09:15
Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure, Intercept and Cryptography
TeleStrategies
Dr. Jerry Lucas, President, TeleStrategies09:30-10:15
Transitioning Lawful interception Network Core Features from 4G to 5G SA: What’s it Looking Like and Challenges Ahead
Dr. Matthew Lucas, VP, TeleStrategies
Wednesday, 12 February 2025
(THIS SESSION IS FOR LEA AND GOVERNMENT ATTENDEES ONLY)
09:00-10:00
A revolutionary AI Based network independent 5G cellular locator
Presented by Septier(THIS SESSION IS FOR LEA AND GOVERNMENT ATTENDEES ONLY)
14:00-14:45
Survival of IMSI-catchers in 5G Networks
Presented by Utimaco(THIS SESSION IS FOR LEA AND GOVERNMENT ATTENDEES ONLY)
16:15-17:00
Impact of 5G on locating targets and subscriber identification with Cell Site Simulators
Whether used for finding missing persons, locating fugitives, or investigating serious crimes, locating a device within the network and cell site simulators (CSS) are a core tools used, legally, every day, by law enforcement investigators around the world. When 5G is fully deployed, the privacy and security enhancements will negatively impact the CSS mission. In this session, SS8 will review the 5G privacy and security enhancements, describe different ways to location a mobile device using the 5G network, in addition to the impacts on the CSS mission and the options available to law enforcement agencies to operate their CSSs unobstructed.
Presented by SS8Thursday, 13 February 2025
10:15-11:00
5G Security Encrypted Phone, no information leaking any more
Presented by REACH
Training Seminars Led by Law Enforcment Officers and Ph.D Computer Scientists
Tuesday, 11 February 2025
Seminar #1
08:30-15:00Online Social Media and Internet Investigations
Presented by:Charles Cohen, Vice President at NW3C, the National White Collar Crime Center, Professor in Practice Criminal Justice, Indiana University and Retired Captain, Indiana State Police08:30-09:15
Proxies and VPNs: Identity Concealment and Location Obfuscation
09:30-10:15
Tor, onion routers, Deepnet, and Darknet: An Investigator's Perspective
10:30-11:15
Tor, onion routers, Deepnet, and Darknet: A Deep Dive for Criminal Investigators
11:30-12:15
Cellular Handset Geolocation: Investigative Opportunities and Personal Security Risks
13:15-14:00
Ultra-Wideband Geolocation and Cyber OSINT
14:15-15:00
Collecting Evidence from Online Social Media: Building a Cyber-OSINT ToolboxSeminar #2
08:30-16:00The cyber investigators essential toolbox - Practitioners Guide to Internet Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK PoliceThe aim of this 1-day seminar is to take the attendees from the basics of understanding the Internet, how to covertly discover live and deleted data, through to a full understanding of best practice of an Internet investigator, building their OSINT toolbox. Having awareness and knowledge of all the tools available to achieve this. It is aimed primarily at the investigator, delivered from the perspective of detective, to empower them to have the best methodology and tradecraft to profile and catch suspects.
This is exclusively Law Enforcement military and government only, as Practical examples, covert and investigative methodology and tradecraft will be given throughout the seminar. Free tools in every session. This seminar is not structural or theoretical practices and awareness. Its hands-on practical techniques.08:30-09:15
The Internet, and how suspects leave a Digital Footprint. How the system works for us, as investigators
How it works, for us. Why it works, for us. How data traffic leaves a permanent trace. How and why everything that was on the internet, is still there. Identifying the structural data and exploits, that will take you to your suspect. Tracking and evaluating data. MAC tracking. If you’ve ever said “it’s been deleted” or “its no longer there”, this seminar is for you. Let me prove you wrong.
09:30-10:15
Recognizing Traffic Data and digital profiling via social networks and devices - digital shadows
What data is available. How to harvest and analyse it. Best practice to identify suspects and build profiles. Good practice, virtual data 'housekeeping' and tradecraft. Data collection and interrogation, significance, and value. IP usage, exploitation and dynamics; IP plotting and analysis how to look for suspect mistakes and exploit them (where they show their id). Dynamic approaches to identifying suspects through internet profiles. What investigators get from tech and service providers, and how to analyse it. Investigator capabilities and opportunities. TCP/IP and header value and analysis
10:30-11:15
WIFI, geolocation, and Mobile Data traces and tracking
A detectives look at Wi-Fi, attribution, cell site data, GPRS location services and technology. How an investigator can track devices, attribute suspects locations, devices and movement. Unique communication identifiers. Dynamic live time tracing. Geo location services and uses. Online Surveillance and tracking movement and speed. You and your target are being tracked by multi organisations that you done even know exist. Lets identify them and interrogate their data bases.
11:30-12:15
Exploiting and circumnavigating Masking Tech,( encro’s, VPN’s, TOR and proxies)
How suspects are using emerging and new technologies.
An introduction to where technology is going, and how Law enforcement can use this to our advantages. dynamic and pro-active problem solving. Darknet, (Deep web), TOR and IRC use. VOIP, Skype and FaceTime exploits. Advanced data sniffing and profile building. TOR systems, applications, and ways to coax offenders out of the system.
13:15-14:00
Advanced Techniques in Tracing Suspects, and lateral problem solving.
Using innovative and dynamic methods to trace offenders. Tricks used by suspects and how to combat them- Play them at their own game? Covert internet investigations. Proxy servers and hiding. Managing collateral intrusion. Reverse and social engineering. Thinking outside the box. Lateral thinking. Possible missed opportunities. Profile building and manhunts through device footprints, speed and movement.
14:15-15:00
Open-Source Tools, PART 1. Resources, tradecraft and techniques – Before you use the tools you need to know the tools that enable you to be safe and how to hide……. PART 2 on Thursday.
"Just google it" is great for tickets, tyres, holidays and opening hours. But as an investigator, we can do better, and safer. Using most main stream search engines and browsers come with certain risks. This session aims to change that. A look at good tradecraft, practice and methodology in profiling, tracking and tracing digital footprints and shadows on the internet, by means of best available tools. Tools that the target can’t see . Do's and do nots. Best tools for best results. When was the last time you 'googled' something in an investigation, and it returned 5 results, all specifically relating to your suspect? This session will teach you how to fast track you to the data you need, and cut away the chaff. PART 2 on the final day with free tools to download and keepSeminar #3
08:30-09:15Understanding Mobile 2G, 3G, 4G, 5G NSA & LEO Infrastructure and Law Intercept for Technical Investigators
Presented by: Dr. Jerry Lucas, President, TeleStrategiesThis session addresses the infrastructure evolution of 2G to 3G to 4G to 5G NSA and the impact on lawful interception. Specifically;
Network Architecture Evolution from 2G to 3G, 3G to 4G, 4G to 5G regarding radio technology (TDMA, CDMA, OFDM and MIMO), network core from CSFB to VoLTE and SS7 to Diameter.
Encryption, Target Identification and Location: SIM and eSIM cards, IMSI and Target ID, encryption algorithms (A3, A5, A8 and Ki) and basically how user authentication and traffic encryption is accomplished.
Target Location Tracking with CDR analysis, MAC address farming, MITM attacks, SS7 access, IMSI catchers and IT intrusion.
4G to 5G Transition Specifics Understanding 5G Non Stand Alone (NSA) vs. SA 5G, the IMSI catcher issue (myth vs. realities), 5G Cryptography (ECC, SUPI, SUCI), 5G target location enhancement and LTE/NR Internetworking and Co-existance.
5G Spectrum What can 5G deliver with mid vs. high frequency spectrum and what new spectrum bands are soon to be auctioned off
SA 5G Infrastructure Features: NFV, SDN, Edge/Cloud Computing and Network Slicing
Seminar #4
09:30-10:15Transitioning Lawful Interception Network Core Features from 4G to 5G SA: What's it Looking Like and Challenges Ahead
Presented by: Matthew Lucas (Ph.D, Computer Science), VP, TeleStrategiesCellular market analysts collectively have identified 5G services deployed in over 400 cities spread over 30 or so countries. The one common feature of all these operations is that they are providing 5G services with a 4G/5G hybrid network infrastructures or so called non-Stand Alone (NSA) architecture. This session addresses the trasition to 5G standalone.
In reality lawful interception of non-standalone is not any different from 4G interception regarding new LI feature additions. The next LI challenge will be for 5G SA. This webinar addresses the technical challenges facing law enforcement, 5G operators and ISS vendors. Specifically the four transitions are:
- 5G Network Challenges Identifiers: How are law enforcement going to grab 1gbps traffic streams; backhaul to monitoring centers and filter non-important traffic of interest.
- 5G Edge Cloud Computing: How do you intercept on a 5G operators IT systems, deal with proprietary system protocols, e2e encryption and localized content
- 5G Virtual Network Core: How complicated will this be regarding LI, VoIP on virtual devices and what LI barriers has the IETF created
- 5G Network Slicing: Is this 5G feature restricted to private enterprises or will 5G MVNO’s provide public mobile wireless services, How will law enforcement interconnect with 5G OSS provisioning systems and what is the LI point of interconnection?
Seminar #5
10:30-11:15Understanding How AI Empowers ISS Products, LEAs and Intelligence Agencies
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategiesLaw enforcement and intelligence agencies have massive data sets to pile through in order to find the evidence and information they need for their investigations. This seminar will address how AI is helping. The presentation will first provide a background/primer in at AI technologies - what are the specific types of AI systems; how are they used in industry today; and what are the strengths and weaknesses of AI. The second half will focus on how ISS vendors are leveraging AI to increase agent efficiency and results in network data, OSINT, application profiling, location and image/language processing. Specific topics include:
- Overview of AI, machine learning (ML) and deep learning (DL) systems technology.
- What AI capabilities are helping law enforcement and national security agencies (e.g., image / natural language processing, unstructured data analytics, predictive analytics).
- How AI is powering OSINT analytics, mobile signal intercept, location, signaling intelligence, audio-visual forensics, encryption and surveillance products.
- Negative impacts of AI, such as clutter, fake news.
- Future directions: generative AI, ChatGPT.
Seminar #6
11:30-12:15Generative AI (e.g., ChatGPT): How LEAs and Intelligence Agencies Can Leverage the Technology, and Criminal Use Examples
Matthew Lucas (Ph.D., Computer Science, VP, TeleStrategiesGenerative AI (GAI) is a bit over a year old, yet the technology has made profound impact across the tech industry. This session will look at the key functional elements that make GAI disruptive; what it means for LEAs and intel agencies; and emerging GenAI capabilities to watch for in 2024. Focus areas include:
- How can LEAs/IAs leverage GenAI to improve their capabilities?
- What does each model specialize in? What differentiates them - training data, use cases, integration points?
- Beyond language, what’s next? Multi-modal model advancements – images, video, audio processing and generation
- Devices / integrations to watch - “glasses”, handsets, robotics, augmented reality systems, cars, weaponized systems (e.g., drones, AVs)
- How might criminals leverage? cyber, fake news/deepfakes, autonomous systems/robotics, communications applications, command and control, chatbots, and more.
Thursday, 13 February 2025
Seminar #7
12:30-13:30Top 20 Open Source Tools (OSINT) Used in Cybercrime Investigations
Presented by: Mark Bentley, Communications Data Expert, National Cyber Crime Law Enforcement, UK Police