The Intelligence Support Systems
for Lawful Interception, Cybercrime Investigations and
Intelligence Gathering Conference and Expo is the world’s
largest gathering of telecommunications service providers,
government intercept policy makers, law enforcement agents,
investigative analysts, prosecutors and vendors addressing
lawful interception issues and solutions. Now that most nations
of the world require lawful interception support of VoIP and
other IP-based services, ISS World Spring 2007 is a must attend
event.
|
|
Five ISS World
Tracks: |
|
Conference Track 1
ISS for Lawful Interception
Conference Track 2
ISS for Cybercrime Investigation and Intelligence Gathering
Conference Track 3
ISS for CALEA, EU ETSI and Data Retention Compliance
Conference Track 4
ISS for Content and P2P Monitoring and Filtering
Conference Track 5
Law Enforcement and Intelligence Agent Training
|
|
Keynote Sessions |
|
Wednesday, May 30,
2007 |
8:30-8:45 a.m.
Welcoming Remarks
Tatiana Lucas, ISS World Program Director
8:45-10:15 a.m.
Keynote Addresses:
Bruce Landis, Deputy Assistant Secretary for Cyber Security and
Telecommunications, Department of Homeland Security
Tony Rutkowski, VP Regulatory, VeriSign and President
Global LI
Industry Forum
|
|
Track 1: ISS for Lawful Interception |
|
Wednesday, May 30, 2007 |
10:45-11:45 a.m.
Cisco will present an update of lawful intercept standards, and
an overview of service provider implementations to comply with
the LI standards. The application of Cisco's Service
Independent Intercept (SII) architecture within the service
provider implementation will explained in detail.
Craig Mulholland, Corporate Development, Cisco
1:00-1:30 p.m.
VoIP lawful intercept: Comparing technical alternatives
What is the most effective technical solution for supporting
lawful intercepts? This session will compare softswitch, router, media gateway, media server and
border controller.
The comparison will address many different requirements
including: |
- What solutions are appropriate for ITSP vs. facilties-based
providers?
- What solution is most transparent to target suspects?
- What is best solution for conference calls?
- How can RFC2833 DTMF digits be extracted for media flows?
- What solution is most secure including protection from DoD/DDoS
attacks?
|
|
Seamus Hourihan, VP, Acme Packet |
1:30-2:00 p.m.
Solutions Enabling Next Generation LI
Creating win-win by intelligent and early data reduction
David Cooke, Director, ETI Connect
|
2:30-3:00 p.m.
Lawful Intercept in the New Age of
Broadband and Advanced Services
This session will provide a situation analysis and detail how
providers can implement Lawful Intercept solutions that
encompass advanced IP-based services.
Dr. Cemal Dikmen, VP and General Manager LI, SS8 Networks
3:00-3:30 p.m..
Implementing CALEA for IMS over
Converged Cable & Wireless Networks
This presentation describes a CALEA compliant solution based on
PacketCable 2.0 SIP-based IMS architecture, providing coverage
for Converged Cable & Wireless networks.
Itzik Vager, VP Product Management, Verint Systems
4:00-4:30 p.m.
Session A
Creating a Wider and Coherent
Intelligence Perspective using Unified Lawful Interception
Join this session to see how a unified approach to lawful
interception, can bridge interception gaps to create a wider,
more coherent intelligence perspective.
Yossi Ofek, President, Intelligence Solutions Division,
NICE Systems
4:00-4:30 p.m.
Session B
CALEA solutions that offer complete compliance with a return on the investment
Most solutions offer service providers technology that can be deployed in their networks to ensure compliance to the FCC CALEA regulations. But in these cases the cost of deployment is a sunk cost that has a single function – provide LEA with Lawfully Authorized Electronic Surveillance (LAES) capability. In this session, a solution that delivers the LAES capability plus the ability to offer enhanced services that can generate increased revenue will be shared.
Sunil Dhar, Director of Product Management,
Procera Networks
4:30- 5:00 p.m.
Session A
Emerging Network Access Lawful
Interception Solutions
This session will discuss the emerging use of network access
solutions to: integrate LI devices, optimize monitoring and
access to these sensitive network tools, and ensure fail-safe
protection of critical network segments.
Alastair Hartrup, CEO, Network Critical
4:30- 5:00 p.m.
Session B
The Value of Real Time Correlation for New Services for Lawful
Intercept
New Services often don’t have the Lawful Intercept in place. Using real–time correlation systems, provisioned trace subjects can have the audit feeds from these new services intercepted and cross correlated against other network information to provide a picture of which subscriber is using which service – and communicating with whom. In the absence of full packet intercept for new service, real-time audit correlation can provide timely notification of new service usage by subscribers and their circle of communication
.
Marc Price, Senior Telecoms Strategist, CTO Office,
Openet
8:30-9:00 a.m.
A Cost-Effective Broadband d CALEA Solution for Small ISPs
As smaller ISPs scramble to become compliant with the new
regulations, they are faced with several choices – developing an
in-house solution, entering into a service agreement with
Trusted Third Parties, or purchasing a solution from qualified
vendors. This presentation will introduce a new offering to
meet the requirements of small ISPs.
Glen Myers, CEO, IP Fabrics
9:00-9:30 a.m.
Build powerful and flexible LI solutions using open-source
toolkits and affordable hardware acceleration
Three converging technology trends now enable the rapid
deployment of powerful LI solutions that previously required
expensive proprietary products and long development cycles.Case
studies will show the unprecedented acquisition and search
performance now achievable.
Randy Caldejon, CEO & CTO, nPulse Network Systems
10:30-11:30 a.m.
Lawful Interception Guru Panel
Dr. Jerry Lucas, President, TeleStrategies (Moderator)
Tony Rutkowski, VP Regulatory, VeriSign
Joergen Axland, General Manager for Business Development and
Strategy, Nokia Siemens Networks GmbH & Co. KG, Voice & Data Recording,
Munich
Chris MacFarlane, President, ETI Connect
Todd McDermott, VP, Verint Systems
Yossi Ofek, President, Intelligence Solutions Division, NICE
Systems
Dr. Glen Myers, CEO, IP Fabrics
Seamus Hourihan, VP, Acme Packet
Thomas Hildebrand, Head of Software Development, ATIS- Systems
Dr. Cemal Dikmen, VP and GM LI, SS8 Networks
1:00-1:30 p.m.
Isn’t It About Time For Centralized Lawful Intercept Management?
With the overwhelming adoption of distributed and IP centric
technologies (PTT, wireless voice/ data, WI-FI, satellite, IP
data, VoIP) in the last 10 years, it’s time to take a fresh look
at how today’s products need to help service providers cost
effectively manage their Lawful Intercept activities across all
these nodes from a single platform.
Scott Coleman, Director of Marketing Lawful Intercept, SS8
Networks
1:30-2:00 p.m.
Preparing for Emerging Network Threats and Surveillance
Requirements: A Platform Approach
This presentation will explore the emerging technologies and
network platforms ideal for Federal government agencies and
telecommunications service provider’s network security
application deployments and evolving surveillance requirements.
Elan Amir, President and CEO, Bivio Networks
2:30-3:0 p.m.
Lawful Interception in a Packet Data World - a Continuing Battle
of Technology, Methodology and Law
Dana Sugarman, Product Manager, Verint Systems
Ronen Nir, VP Product Management, Verint Systems
3:00-3:30 p.m.
Interconnection of Lawful Interception Systems
This presentation outlines the need and challenges for the
interconnection
of LI systems. The talk will introduce the concept of umbrella
systems and
auto provisioning interfaces under consideration of security and
regulatory
aspects.
René Nitzinger, Product Manager, Utimaco Safeware
4:00-4:30 p.m.
Target- and Service-based Interception in an IP Environment
Intercept solutions only provide added value if it enables the
LEA to efficiently and effectively evaluate the content of
intercepted communication.
This presentation will focus on the benefits of taking an
end-to-end approach to the interception/evaluation of IP-based
communication
Thomas Hildebrand, Head of Software Development, ATIS- Systems
4:30-5:00 p.m.
Introduction of Monitoring and Lawful Interception: Political
and
technical challenges, active vs. passive solutions. What to do
now?
Architectures, and solutions for passive and active interception
for
voice and IP, particularly suited for markets who intend to
introduce
Lawful Interception. In addition it points out the technical and
political challenges in combination with the importancy of solid
guidance by the Monitoring Center supplier.
Christoph Schambach, Director Regional Sales,
Nokia Siemens Networks GmbH & Co. KG, Voice & Data Recording
8:30-9:30 a.m.
European Directive on Retained Data and the Update on ETSI/TC LI
Peter Van der Arend, Chairman ETSI LI and Royal KPN Netherlands
10:00-10:30 a.m.m.
CALEA and Cable Broadband Surveillance
Bill Kostka, Principal Architect, CableLabs
10:30- 11:00 a.m.
VoIP Security: Myths and Reality
The openness of the Internet unlocks the doors for criminals and
casual hackers to compromise IP based communications. What
resources are likely targets of DoS/DDoS attacks and how can
these resources be protected? How can the risk be mitigated?
When is encryption of voice signaling and media really reuiqred
and where should it be done?
Seamus Hourihan, VP, Acme Packet
11:30-12:00 a.m.
Who Says an LI Solution For Small Operators and Higher Ed Has To
Cost and Arm and a Leg?
The presentation discusses all of the options currently
available to you, what the core requirements of a LI solution
are, and the process of designing and implementing a solution
that meets your needs without breaking the bank. This
eye-opening session will also educate you on how to spot
overpriced, under-capable solutions.
Stephen Gleave, Vice President Marketing, SS8 Networks
12:00-12:30 p.m.
One Box CALEA Compliant Solution for Small Networks
This presentation will present solutions designed specifically
to help Tier 2/3 operators comply with Lawful Interception
Mandates for broadband and VoIP, utilizing the power of a robust
network solution at a significantly lower cost.
Baruch Pinto,
Product Manager, Verint Systems
|
|
Track 2: ISS for Investigative Analysis and Intelligence
Gathering |
|
Wednesday, May 30, 2007 |
10:45-11:15 a.m.
Satellite Location Capabilities
For law enforcement authorities as well as spectrum monitoring authorities and some satellite operators the precise location of the earth stations and VSAT transmitting over satellite is a challenge. This session will explain how new techniques provide an enhanced precision.
Jean-Philippe Lelièvre, Manager, Government Intelligence, C2ISR Unit, Thales Group
11:15-11:45 a.m.
Forensic Pitfalls for the Digital World
We live in a society that rises and falls based on digital data and devices everyday. Being prepared for falls can be difficult and time consuming for any organization. Learn how to evaluate the best methods for forensic preservation and collection. Evaluate the forensic impacts of not being prepared for the new digital degrees of data.
Amber Schroader, CEO, Paraben Corporation
1:00-2:00 p.m.
Challenges for Future Intelligence Analytics
Different trends are challenging intelligence analysts in the
future:
Faster understanding of relations and behavior of globalized
terrorism
and organized crime; The exploding amount of data that needs to
be
analyzed; Distributed information and quality issues of the
sources;
Legal limitations lead to large information lacks. Identifying
the
appropriate way to face this situation is the real challenge.
This
presentation draws a picture of the future and shows approaches
for
analytical means.
Joergen Axland, General Manager for Business Development and
Strategy, Nokia Siemens Networks GmbH & Co. KG, Voice & Data Recording,
Munich
2:30-3:00 p.m.
Secure Distributed Access to Law Enforcement Applications: a
Real Leap in Reach, Value and Efficiency
Instead of populating the nation with stand-alone Law
Enforcement Monitoring Systems, LEA can get a lot of value by
providing secure remote access to a few, centralized
installations.
This view opens several opportunities at a time, allowing far
better usage of any kind of resources (both human and physical).
At the same time the significance and the usefulness of the
underneath database is severely enhanced, boosting in turn the
ISS applications effectiveness
Carlo Rogialli, CTO, RCS
3:00-3:30 p.m.
The Pros and Cons of Content Analytics
This session is a must for LEA and Intelligence professionals
dealing with the integration of content analysis techniques into
the Monitoring Center environment. This session compares all of
the major analytic tools, from text search to sophisticated
speaker recognition.
Daniel Adler, Sales Engineering Team Manager, Intelligence Solutions Divisions, NICE Systems
4:00-4:30 p.m.
Intelligent Data Search and Analysis Tools
Monitoring Centre application provides simple and intuitive
tools for the purpose of analyzing (condensing) large amounts of
data . This session will focus on and demonstrate a new approach
to simple interactive querying and data presentation
Alexander Hoessrich, Managing Director, ATIS-Systems
4:30-5:00 p.m.
Monitoring Centers and Beyond - Advances in Technology and
Methodology
Avner Turniansky, Product Manager, Verint Systems
8:30-9:00 a.m.
The Implementation of Active and Passive Interception Methods
Telcos and Intelligence organizations are using either probe
based or network based schemes. This session will present
combinations of these techniques, discuss their pros and cons,
demonstrate real-life situations and the efficient
implementation which should be selected
Dror Oren, Product Manager, Intelligence Solutions Division,
NICE Systems
9:00-9:30 a.m.
Accelerating the Evidence Capture and Analysis Process
This session will demonstrate that many organizations today
possess within their current infrastructure the basic tools
needed to conduct data capture. The session will describe an
architecture of potential proprietary and open source components
that can be remotely configured by forensics analysts and local
systems administrators prior to law enforcement and investigator
arrival on the site; the contents of a fly-away tool kit that
will interface with these components to perform network
forensics analysis, and the specific benefits derived from this
approach.
Tim Belcher, CTO, NetWitness
10:30-11:00 a.m.
Public and Private Collaboration for Improved National Cyber
Security
As part of a concerted effort to secure the nation’s IT
infrastructure, the Federal government is working to create a
comprehensive, central repository of raw security data that can
be shared by the private and public sectors. Pete Allor,
director of security intelligence for IBM Internet Security
Systems will outline a plan towards creating mutually beneficial
“data centers of excellence” that employ best practices in cyber
security and information assurance, enabling the public and
private sectors to share raw security data without the political
and technical hurdles of ownership.
Peter G. Allor, Director of Intelligence and Special Assistant
to the GM, IBM Internet Security Systems
1:00-2:00 p.m.
Investigative Analysis and Intelligence Gathering Guru Panel
Dr. Jerry Lucas, President, TeleStrategies (Moderator)
Joergen Axland, General Manager for Business Development and
Strategy, Nokia Siemens Networks GmbH & Co. KG, Voice & Data Recording,
Munich
Chris MacFarlane, President, ETI Connect
Carlo Rogialli, CTO, RCS
Avner Turniansky, Product Manager, Verint Systems
Daniel Adler, Sales Engineering Team Manager, Intelligence Solutions Divisions, NICE Systems
Tim Belcher, CTO, NetWitness
Alexander Hoessrich, Managing Director, ATIS-Systems
Les Szwajkowski, Sr. Program Manager, Raytheon
2:30-3:00 p.m.
Data Centric Versus Target Based Interception
Signals Intelligence (SIGINT) organizations operate in a chaotic
environment, in which they have to deal with huge volumes of
intercepted interactions from various sources. These
organizations, operating in data centric methods, differ from
LEAs working in a structured, well-regulated and strictly target
based environment. Join this session to explore these
differences and asses how LEA intelligence production can be
enhanced by careful adoption of SIGINT oriented operation
methods
Daniel Adler, Sales Engineering Team Manager, Intelligence
Solutions Division, NICE Systems
3:00-3:30 p.m.
Optimizing Analysis Through Integrated Systems
How do LEA's most effectively apply limited human analysis
capabilities with some of the automated analysis tools such as
speech to text, speaker ID and key word spotting? This paper
discusses the importance of optimized recording with workflow
management solutions to maximize the capability of automated
analysis solutions and manual human expertise.
Chris Brill,
Director, AudioSoft
4:00-4:30 p.m.
Best Practices for Successful Deployments of Word Spotting
Technology
The session will present some of the “know-how” around
optimizing the performance of word spotting technology in
operational environment, and will show some examples of tuning
word spotting technology over actual audio files.
Guy Alon, Marketing Director, Natural Speech Communication
4:30-5:00 p.m.
Guaranteed Target Interception in Satellite Packet Data
Monitoring Systems
This presentation considers baseline principles for monitoring
satellite communication networks and exploiting the technical
restrictions at various stages of the design. On the basis of a
probabilistic approach, the possibilities of interception for
specified targets have been analyzed by taking into account
priory information (knowledge bases) and usage of intellectual
processing for network events.
Dr. Alexander Kovtonyuk, CEO, Delta SPE (Ukraine)
8:30-9:00 a.m.
Unified Location Platform for Law Enforcement
Determining in real-time the location information of an end user
device, in particular an IP device, is an issue that has gained
much attention in the past years as users become more mobile in
nature and more affordable portable/mobile devices with
voice/data capabilities come to market. The requirement for
location information involves issues spanning: IP Interception,
Data Retention, Identity Management, Handover Interfaces,
Compliance and Regulation
Uri Savoray, Vice President of Product Management, Septier Communication
9:00-9:30 a.m.
How to build a Secure and Effective IT infrastructure of a large Monitoring Center
Large LI Monitoring Centers are complex infrastructures made of various HW and SW components to be integrated. Data retention, IP monitoring and other additional services are increasingly demanding IT resources. This session will show how to deliver a very large MC keeping low TCO and provide high throughput.
Paolo Mandelli, Sales International Manager, AREA Italy
10:00-10:30 a.m.
Networking Intelligence
In today’s increasingly complex communications environments, it is imperative for cooperating investigative units to be able to disseminate meaningful surveillance intelligence quickly and easily. This session will explain how cost-effective methodologies allow law enforcement and intelligence agencies to leverage existing electronic surveillance resources, to promote efficient sharing of intelligence, both within and between agencies. We will show how it is possible, even where few resources exist, to collect call data and content, and immediately distribute it to any site; locally, nationally, or globally.
Derek Teten, Pen-Link
10:30-11:00 a.m.
Clean Bandwidth for Network/Service - Provider and State of the Art Interception Solutions for Interception Tasks
Getting Clean Bandwidth by using modern Tools and Methods is the new challenge for Network and Service Providers. Also Law Enforcement Task requires new IP – based Tools and Methods to fight efficiently against Crime and Terrorism. Many current concepts are based on old technologies and standards like CALEA, SORM, ETSI often made for previous telephone systems and/or may not be relevant in other countries but create technical “brakes” and limits.
Session will show and explain the benefit of using new “non legacy approaches" for IP converged Networks. This allows on the Carrier/ISP Side integration of several features like Transport Control, Content Analysis and IT – Security for Network Improvement Purpose and it enables Law Enforcement to use intelligent solution capable of providing real-time network monitoring with an in deep inspection of each transmitted packet followed by professional Reconstruction.
Paul Hoffmann, CEO, GTEN
|
|
Track 3: ISS for CALEA, EU ETSI and Data Retention Compliance |
|
Wednesday, May 30, 2007 |
10:45-11:45 a.m.
FCC, FBI and DEA Panel Discussion
The panel will give their perspective on CALEA compliance for
facilities-based broadband Internet access providers and
providers of interconnected Voice over Internet Protocol (VoIP),
including what’s been accomplished, milestones, timetables and
what’s left to be done after the May 14, 2007 FCC deadline for
VoIP Service Provider compliance. Invited Panelists include:
Thomas J. Beers, Deputy Chief, Policy Division, Public Safety & Homeland Security Division, FCC
Joel M. Margolis, Assistant Chief Counsel, DEA
Maura Quinn, Unit Chief, CALEA Implementation Unit, FBI
1:00-1:30 p.m.
CDR Data Retention - 100 Billion Record Case Study
New data retention directives require innovative new solutions.
SenSage presents a case study for a cost-effective approach to storing and
querying 100 billion records.
Dan Barahona, Vice President, Emerging Markets, Sensage
1:30-2:00 p.m.
Best Practices of Utilizing Data Retention for Creating
Intelligence
Current concerns relating to data retention focus on how to deal
with large quantities of unrelated items of data and how to
identify and extract qualitative intelligence driven
information. Join this session to see how innovative search,
query and analysis tools can be utilized to create an efficient
data retrieval process, to create new leads and overcome
investigative deadlocks.
Dror Oren, Product Manager, NICE Systems
2:30-3:00 p.m.
Ericsson Automatic Data Retention Solution (ADRS) - Securing
Information in a Changeable Environment
Kjell Yving, Senior Sales Manager, Data Retention, Ericsson
3:00-3:30 p.m.
Lowering the Cost of CALEA Implementation
Most ISPs and newly emerging VOIP providers in the US have
waited until the "last minute" to comply with the May 2007
Broadband Access CALEA order. Yet costs can remain onerous,
especially for smaller operators. This presentation addresses
methods of reducing the cost of CALEA implementation to address
especially the smaller operators.
Benjamin Epstein, PhD Chief Strategy Officer, Aqsacom
4:00-5:00 p.m.
Telecom Service Provider/LEA Roundtable
The LI interface between telecommunications service providers
and law enforcement agencies is crucial. This focus of this
roundtable is a discussion of how interfacing can be made more
efficient and productive.
Moderator: Dr. Jerry Lucas, President, TeleStrategies
Robert Lottero, President, NTI Law Enforcement Services
Michael McAdoo, Director, Law Enforcement Relations Group,
T-Mobile USA
Jeanne Mulcahy, Manager/National Compliance Center, Cingular
Paul W. Taylor, Manager, Electronic Surveillance, Sprint
Nextel Corporate Security
Joel M. Margolis, Assistant Chief Counsel, DEA
Paul Potter , Detective, San Bernadino County Sheriffs
Department
Logan Bowers, Maryland State Police
Gregory P. Schaffer, Chief Security Officer , Alltel
Communications
Julie Patterson, VP & Chief Counsel, Telephony, Time Warner
Cable
Chris Bader, Corporate Security Internet Legal Compliance Manager,
BellSouth Telecommunications
Daniel M. Walker, Manager - Law Enforcement Resource Team
Verizon Wireless
8:30-9:30 a.m.
Data Retention Guru Panel
Tony Rutkowski, VP Regulatory, VeriSign( Moderator)
Dennis Larting, Director, ETI Connect
Rudolf Winschuh, Business Development Manager, Utimaco Safeware
Dana Sugarman, Product Manager, Verint Systems
Yossi Ofek, President, Intelligence Solutions Division,
NICE Systems
Bert Hubert, CTO, Fox-IT
10:30-11:00 a.m.
Trends in Global and European Interception
This presentation gives inside into the European Interception
Perspective, current and future trends.
Bert Hubert, CTO, Fox-IT
11:00-11:30 a.m.
Data Retention and LEA Handover Solutions
Issues of Retained Data Handover Interfaces and their Solutions
Handover Interfaces for Data Retention have to be designed
according a
complex set of requirements. These requirements include
authorization,
confidentiality, reaction and delivery speed as well as logging
and cost.
This presentations will list the requirements and detail
appropriate
solutions.
Rudolf Winschuh, Business Development Manager, Utimaco Safeware
2:30-3:00 p.m.
Data Retention and Retrieval Breakthrough
CopperEye offers the ability to implement within a few weeks, a data retention and retrieval system which can locate within seconds, specific records from within billions of transactions representing months or years of stored history. Whether for lawful interception, intelligence gathering or cyber investigations, there is no other product on the market which offers the power and performance of CopperEye, coupled with a total cost of ownership which is typically 80% less than a relational database approach. Customer successes will be highlighted during the session.
Kate Mitchell, Chief Executive Officer, CopperEye
8:30-9:30 a.m.
Legal Limits for Telecom and Cable Operators in Support of LI
Mandates
This session presents a service providers perspective on CALEA
and provides some basic guidance for facilities based and
information service providers on the legal limits in lawful
interception support.
Simon Krauss, Deputy General Counsel, Cable Television
Laboratories
Julie Patterson, VP and Chief Counsel, Telephony, Time Warner
Cable
Randy Cadenhead, Privacy Counsel, Cox Communications
Other panelists to be announced
10:00-10:30 a.m.
How to be Compliant with the European Data Retention Directive: An Italian Example
How to handle this huge amount of retention data, million, billions of records per day talking about voice traffic and even huger amount for IP access? And how to be compliant with the EU strict policies in terms of privacy, access and query response time? Retentia is reporting its own experience, directly from Italy, where data retention law entered in force several years before.
Alessandra De Carlo, Chief Customer Delivery & Support, Retentia
10:30-11:00 a.m.
Lawful Interception Compliance in Canada
Discuss the new provisions of the Criminal Code regarding LI
Normand Wong, Counsel, Criminal Law Policy Section, Department
of Justice Canada
Jay Thomson, Assistant VP Broadband Policy, TELUS
11:30-12:00 a.m.
Implementing a Data Retention Solution to Meet New Regulations
With new data retention regulations are being enacted across the
world, service providers are needing to implement solutions fast
and cost effectively. This presentation examines the huge
technical challenges posed by the need to meet these new legal
requirements, including the accurate collection of records from
multiple sources, and the efficient storage and retrieval of the
huge volume of data involved.
Simo Salmensuu, Solution Manager, Comptel
Stephen Terry, Solution Development Manager, Sun Microsystems
12:00-12:30 p.m.
The Outlook on Congressional Legislation that may impact Lawful
Interception Mandates
The U.S. Congress may enact legislation to support the FCC Order
addressing VoIP and CALEA or re-write the entire Communications
Act to address new services such as VoIP. This session examines
the types of legislation we can expect in 2007 and addresses the
potential consequences for telecoms.
Moderator: Tony Rutkowski, VP Regulatory, VeriSign
Congressional Staff panelists to be announced
|
|
Track 4: ISS for Content and P2P Monitoring and Filtering |
|
Thursday, May 31, 2007 |
1:00-1:30 p.m.
Broadband Content Monitoring and Filtering Using Deep Packet
Inspection
IP content monitoring and filtering is the basis of several
different applications, ranging from intrusion detection,
insider thread mitigation, lawful interception of broadband data
and services, fighting cyber crime, and national security. This
presentation will explore the role of deep packet inspection
(DPI) and some of the challenges in using DPI in these
applications.
Kevin Graves, CTO, IP Fabrics
1:30-2:00 p.m.
Intelligent Data Search and Analysis
How to find answers when you don't know what you are looking for
in a complex communication environment.
Thomas Hildebrand, Head of Software Development, ATIS- Systems
2:30-3:00 p.m.
Combining IP Monitoring, Filtering and Interception: the Thread
to a Better ROI for Operators and Agencies
Versatile IP probing is the driveshaft for several different
value-added applications, both in the NWO and LEA domains. VoIP
detection, VoIP interception, intelligent flow-based filtering,
quality monitoring are only some of the myriad of imaginable
applications.
A flexible overall solution can deliver better results at lower
costs to both the worlds.
Carlo Rogialli, CTO, RCS
3:00-3:30 p.m.
The Virtue of Automated Layer 2 Packet Capture and Stream-to-Disk for Enhanced Network Forensics Capability
This presentation will describe and demonstrate finding the proverbial "needle in a haystack" and cover several applications for lawful intercept, network security, and network management
Bryan Sparks, Chairman & CTO, Solera Networks
4:00-5:00 p.m.
Content and P2P Monitoring and Filtering Guru Panel
Dr. Jerry Lucas, President, TeleStrategies ( Moderaor)
Joergen Axland, General Manager for Business Development and
Strategy, Siemens Networks Voice & Data Recording
Klaus Mochalski, CEO, Ipoque
Carlo, Rogialli, CTO, RCS
Yuval Altman, Product Manager, Verint Systems
Kevin Graves, CTO, IP Fabrics
Thomas Hildebrand, Head of Software Development, ATIS- Systems
Bryan Sparks, Chairman & CTO, Solera Networks
Alastair Hartrup, CEO, Network Critical
8:30-9:00 a.m.
IP Interception in an Application Centric World - how to Solve
the Real
Problems
In a world of anonymous log-on through internet cafes, prepaid
cell-phones and WLAN hotspots, application based targeting is
the only
truly reliable method for LEAs to intercept user data. When new
applications bypass the IETF - such as Skype - LEAs must
increasingly
rise to the challenge of intercepting as yet undefined
application
formats. This presentation reviews the scope and techniques
available
for application based targeting ranging from simple email, Web
mail, Chat, and P2P to future applications
Thomas Hamel, Nokia Siemens Networks GmbH & Co. KG, Voice & Data Recording
9:00-9:30 a.m.
Challenges in Accessing Next Generation Broadband and VoIP
Networks
Yuval Altman, Product Manager, Verint Systems
10:00-10:30 a.m.
P2P Detection, Accounting and Management
Reliable detection of P2P network traffic is a continuing
challenge given the ever evolving protocols with their
obfuscation and encryption techniques. This talk will provide
technical background and present solutions for detection,
filtering and blocking of the most popular P2P networks
including BitTorrent, eDonkey and Skype. Real-world statistics
on the most popular P2P networks and the exchanged content will
be presented.
Klaus Mochalski, CEO, ipoque GmbH
10:30-11:00 a.m.
Digital Evidence in P2P Networks
Much of the popularity of P2P file sharing networks can be explained
by the attractive content being offered: movies, music, application
software, computer games, e-books, etc. The well-known downside of
file sharing is the prevalent violation of copyrights. The talk
outlines the specific challenges of monitoring P2P networks for
copyright infringements and collect digital evidence data that will
hold in front of a court.
Hendrik Schulze, ipoque GmbH
11:30-12:00 p.m.
How to Minimize Risks Associated with Unauthorized Skype use in
the Enterprise
30% of Skype’s 113 million registered customers are using the
product as a business communications tool. In addition,
according to a recent Akonix survey, nearly 43% of respondents
claimed that Skype is allowed on their corporate networks, and
only 27% said their organizations blocks the use of Skype. This
session will cover how IT managers can regain control of their
networks and minimize the risk and liability that Skype
introduces into the workplace.
Don Montgomery, VP of sales & marketing, Akonix
12:00-12:30 p.m.
Integrated Solutions for Broadband and VoIP Monitoring
Kim Larsen, ETI Connect
|
|
Track 5 A:
Lawful Interception and Cybersecurity Training |
|
Track 5A is open to all conference attendees |
|
Tuesday, May 29, 2007 |
9:00-5:00 p.m.
Understanding Telecommunications Technologies for Law
Enforcement Agents, Intelligence Analysts and Non-Telecom
Engineers
Presented by:
Dr. Jerry Lucas, President, TeleStrategies (PhD, Physics)
Dr. Matthew Lucas, VP, TeleStrategies (PhD, Computer Science)
This one day, pre-conference training seminar provides a
technology primer for Law Enforcement Agents, Intelligence
Analysts, Vendors and Non-engineers, who need to understand the
basics of today’s telecommunications networks and services
provided in order to support lawful interception and
counterterrorism programs.
Telecom Infrastructure and Lawful Interception
* PSTN Basics: What’s do LEAs need to know about the public
switched telecommunications network, circuit switching, digital
transmission, fiber transport , access ( analog, E-1, DSL, etc),
signaling ( DTMF, ISDN, SS7, ect), billing systems and call
detail records.
* Intercept LI Architectures: ETSI standards overview for lawful
intercept, basic LI elements (access, delivery and collection
function), call information and call content data collection,
SS7 probes and relevant telecom network elements.
VoIP Infrastructure and Lawful Interception
* VoIP Basics: Circuit switching versus VoIP, softswitches,
gateways, VoIP over broadband and interconnection with the PSTN.
* VoIP Intercept: Options for intercept: routers, session
borders controllers, layer 2 intercept, intelligent probes, LEA
to telecom operator provisioning, mediation setup/teardown,
signaling and IP content collection.
P2P Infrastructure and Lawful Interception/Blocking
* P2P Basics: what’s peer to peer( P2P) networking, hybrid P2P (
e.g. Napster) vs. true P2P ( e.g. Gnutella and BiTorrent),
legitimate P2P networks, what’s Skype, how it works and how to
block it.
* Deep Packet Inspection: what is it and why is it needed, how
does real time surveillance work, isolating traffic streams
points of DPI deployment and more.
Mobile Wireless Infrastructure and Interception
* Overview: Infrastructure basics (GSM, GPRS, EDGE, UMTS, HSPDA
and CDMA), smart terminals, HLR, VLR and IMS.
* Wireless Intercept : intercept at the switch, cell site or
tactical monitoring, location based technologies to track
targets, what call usage data is available, call detail records,
SIM vs. phone memory, cell site analysis to established targets
travel path and more.
Understanding Cybersecurity for LEAs, Telecom Operators and ISPs
This 1 Day training seminar is for law enforcement agents,
service providers and enterprise security managers who have to
understand the Internet and Cybersecurity.
Presented by:
Detective Sergeant Andrew W. Donofrio and Invited Faculty
Bergen County Prosecutors Office, New Jersey Criminal
Investigation Division- Computer Crimes Unit
10:30am – 12:00pm
Introduction Botnets
Botnet is a term to refer to a collection of software robots, or
bots, which run autonomously. Botnets are typically used for
nefarious purposes and threaten an Internet Service Provider’s
customer base and the Internet Community as a whole. This
session will examine the technology behind botnets, the criminal
usage, and methods of deployment
1:00pm – 2:00pm
Detecting Botnets and DDoS Attacks and
Responding
This session will examine botnet behavior and discuss ways to
identify botnets. Other Denial of Service Attacks will also be
discussed. Responding to the threat of botnets and denial of
service attacks will be examined
2:30pm - 3:30pm
Introduction to Malware and Analysis
The problems examined in Sessions one and two are often
predicated on a proliferation of malicious software (maleware)
such as viruses, Trojans, spyware, etc. This session will
provided an overview of maleware characteristics and methods for
reverse engineering it.
|
|
Track 5 B:
LEA and Intelligence Analysts Training |
|
To attend LEA Training Track 5B, you must be a sworn US or International Law Enforcement Officer, Intelligence Analyst, Homeland Security, Justice, Interior or other Government Employee with counterterrorism or criminal investigation responsibilities.
Government Picture ID required for entry to Track 5B Training Classrooms
Certificates of training completion will be available upon request.
|
Understanding Internet Intercept
Tuesday, May 29, 2007
9:00-5:00 p.m.
Presented by
Detective Sergeant Andrew W. Donofrio and Invited Faculty
Bergen County Prosecutors Office, New Jersey
Criminal Investigation Division- Computer Crimes Unit
This one day training seminar is for law enforcement agents who have to
understand the Internet, how to lawfully collect and analyze data and
how to interface with Internet Service Providers (ISP) of the target.
Introduction to Computer Forensic and the Forensic Modality
This session will outline the ways in which computer data is arranged on
storage media such as a hard drive, and the evidence that may exist
within the data. It will cover the methods for preserving and acquiring
data as well as a broad overview of forensic analysis of computer
storage devices and other electronic media.
File System Analysis Concepts – Data Remnants and Recovery
This session will delve into the areas of the storage media that contain
evidentiary data. It will explain deleted data, slack space data, and
unallocated space. A brief overview of Operating System evidence, such
as the windows registry, will also be covered.
Live Computer Incident Response: Collecting Live Evidence
In today’s computer world, investigators are continually faced with
responding to and dealing with running (live) computer evidence. While
sessions one and two deal with the forensic analysis of storage media,
this session deals with live computer evidence; evidence that exists in
RAM and other places which will be lost upon the discontinuation of
power The actions that are taken during this initial response can either
preserve or eradicate data. This session will outline the proper steps
for responding to the live computer incident and for preserving volatile
data. Real world tools will be demonstrated. This is particularly
important in the Windows Vista world and where other Encryption
algorithms may be used.
Data Taps – Technology Overview for Tapping Data Connections
The ability to intercept and monitor communications has spilled almost
entirely into the world of data. This session will focus on those
situations where monitoring computer network traffic is applicable.
Additionally, it will discuss methods and technologies for monitoring.
Tuesday and Wednesday, May 29-May 30, 2007
Enhancing Investigations with Telephonic Information
9:00-5:00 p.m.
Presented by Robert Lottero, President, NTI Law Enforcement Services
This two day training seminar is for Law Enforcement Agents and
Intelligence Analysts
Day 1, Tuesday, May 29, 2007
9:00-5:00 p.m.
Understanding Telco Infrastructure
How Telephone Information can Enhance your Investigation
Telco Infrastructure: How Telephone Systems work… Landline, Cell, VoIP,
PBX,
CENTREX, Tolll-Free, 900, Satellite, ect
Tracing Threat, Harassment, 911, etc. calls
Little know Technologies to ID Callers
Exploiting Prepaid Telephone Calling Cards
Using these strategies, you'll never lose a call
Exploitation of Throw-away Cell Phones
ID Subscribers, get the CDRs, Monitor Audio
Day 2, Wednesday, May 30, 2007
10:30-3:30 p.m.
Enhancing Investigations with Telephonic Information (continued)
Sting & Special Operations
Setting up "hello" phones & toll-free numbers to support your case,
conning the bad guys with a answering machine, putting prepaid cards &
cell answering machine, putting prepaid cards & cell
phones in the bad guys' hands all set to monitor
Subpoenas & Subpoena management and how to exploit subscriber and CDR
info to support your investigations
Subscriber subpoena verbiage, investigative use of subscriber records.
CDR subpoena verbiage, managing subpoenas, special subpoenas
Court Orders
Using subpoena subscriber & Toll Analysis to establish PC for a Court
Order and writing the demand part of a court order
Countering Criminal Tricks to hide Calls
Dial 0, Info connect, ppd cards & phones, collect, voice dial,
pass-through, SIM swap, & more
Case Studies
How would you approach the telephonic aspect of these cases? An in-depth
application of the concepts covered in the past two days.
4:00-5:00 p.m.
Intelligence
Modules & Behavior Profiling
Nokia Siemens Networks will provide an overview of their
sophisticated Intelligence Modules with emphasis on Speaker
Recognition for voice recordings and Topic Spotting for
emails and other text files. In addition, an investigation
tool for Behavior Analysis to be used by the intelligence
analyst will be presented.
Mr. Manfred Bendisch, Nokia
Siemens Networks
LEA Training Track 5B ( Continued)
Thursday, May 31, 2007
8:30-9:00 a.m.
Real-Time Steganography Detection
James E. Wingate, Vice President ,Director Steganography, Backbone
Security
9:00-9:30 a.m.
Cyber Fraud New Tactics
Richard Howard, Director, iDefense Security Intelligence, VeriSign
Ralph Thomas, Manager, Security Intelligence Malcode Operations, iDefense Research,VeriSign
10:30-11:30 p.m.
Using Cell Site Data as evidence or Intelligence in Major Crime
Investigation
This presentation will provide three case examples including London
Terrorism Offences, Murder Investigation and Domestic Extremism Groups.
Shaun Hipgrave, Director, Forensic Telecommunication Services
1:00-2:00 p.m.
Open Source Network Forensics
Many law enforcement agencies, particularly at the state and
local level, do not have the budget to purchase expensive network
forensics suites from large vendors. For these groups, open source
solutions offer a powerful and free means to collect and analyze the
same
sorts of network traffic available to commercial products. In this
presentation, consultant, author, and trainer Richard Bejtlich of
TaoSecurity describes how his favorite open source network forensic
tools
and techniques can successfully detect and investigate unauthorized
activity.
Richard Bejtlich, TaoSecurity
4:00-5:00 p.m.
Location Based Services for Public Safety, National Security &
Commercial Location Based Services
This presentation will address a state-of-the-art mobile location
solution that can provide optimum support for all location-enhanced
applications. Each location-sensitive service or application presents
its own challenges in terms of required location accuracy, latency,
reliability, cost tolerance, and other parameters.
Malik Ishak, Director, Business Development, Middle East & Africa, Andrew Network Solutions
Stuart Katz, Director of Product Line Management for U-TDOA, Andrew Network Solutions
Friday, June 1, 2007
8:30-9:30 a.m.
Pine Digital Security
In this interactive workshop Pine Digital Security will introduce the
audience in the mindset of a hacker, targeting the telco's lawful
interception system.
Mark Lastdrager, CEO, Pine Security
10:00-11:00 a.m.
Basic Tools used by Forensic Investigators
This presentation will run through a list of forensic tools as well as
tools that while not forensic by design can be very helpful to the
forensic examiner.
Greg Kelley, Vestige Digital Investigations
11:30-12:30 a.m.
Introduction to Key Cyber-Terrorism Concepts-items LEA Staff Should
Always Keep in Mind
It is useful to reassess LEAs understanding of basic concepts relating
to the fight against such threats: what constitutes Cyber-terrorism, how
do attacks take place, against whom. What are governments doing at local
and international levels to protect Critical Infrastructure for its
citizens?
Mathieu Gorge, Managing Director, VigiTrust |
|
