Presentation is loading. Please wait.

Presentation is loading. Please wait.

DECISION Group Inc.. Decision Group www.edecision4u.com Monitoring Center Solution on Internet Access for LEA or Intelligence.

Published byCatherine Hawkins Modified over 9 years ago

Similar presentations

Presentation on theme: "DECISION Group Inc.. Decision Group www.edecision4u.com Monitoring Center Solution on Internet Access for LEA or Intelligence."— Presentation transcript:

1 DECISION Group Inc.

2 Decision Group www.edecision4u.com Monitoring Center Solution on Internet Access for LEA or Intelligence

3 A legally sanctioned official access to private communications of specific targets through – telephone calls – e-mail messages – … A security process: through which a communication service provider collects and provides law enforcement with intercepted communications of private individuals or organizations. What is Lawful Interception

4 What Challenges to Current LI  Based on old telecom network of voice analog technology without support of new IP technology  All batch job task without quick response to immediate events  LI result report acquired one or two days later because of batch processing tasks  Only on voice and email without on the scope of many other popular online services  Cyber crime rings rely on 60% on voice and email and 40% on other social media, instant message, and interactive tools… Current Out-of-Date LI Technology cannot Mitigate the Risk of Attacks from Crime Rings

5 For both Telecom and Network Environment Compliant with ETSI or CALEA Standards Getting IP packet data stream from Telecom and Internet Service Providers Decoding as many protocols as possible Data retention capability for long term tracking and reporting Easy to deploy and manage with high security control New Criteria for LI

6 Scenario and Actors for LI target Correspondent Handover interface Interception interface Regulators Service Providers Mediation Vendors Collection Vendors Interception Vendors Monitor

7 ETSI Lawful Interception Model LEMF Network Internal Functions Intercept related information (IRI) Content of Communication (CC) Administration function IRI Mediation function Content Mediation function IIF INI HI1 HI2 HI3 IIF: Internal interception Function INI: Internal Network Interface HI1: Administraive Information HI2: Intercept Related Information HI3: Content of Communication NWO/AP/SvP Domain Interception Vendors Mediation Vendors Collection Vendors

8 LI Plane @ LEA LI Plane @ ISP Court Investigator Crime Investigation Cycle with LI Interception & Filtering Delivery Target Provision Warrant Management Decoding & Reconstruction Deep Content Inspection Presentation GSN Core Router BRAS AAA IP Data -Control Plane -User Plane

9 Wired IAS Passive Interception

10 Wired IAS Active Interception

11 Wireless 3G Passive Interception

12 iMonitor (I) Warrant Management - Target type ISP account(RADIUS), CPE MAC address(RADIUS), MSISDN(Phone Number) - Warrant/Target life cycle management Quest for the target context Set start-time and end-time for the warrant /target Suspend receiving data for time-out warrant/target LEMF interface - ETSI TS 102 232-1/2/3 - DG proprietary interface Warrant Managemen t Presentation Decoding & Reconstruction Deep Content Inspection

13 iMonitor (2) Decoding and Reconstruction - Receive data through handover interface - Protocol decoding and reconstruction Instant Message: MSN messenger, Yahoo messenger, Facebook IM… Mail: POP3, SMTP, web mail VoIP: SIP, H.323, RTP, Codec(G.711/G.729) Social Network: Facebook, Plurk, Twitter, Youtube… Other common protocols: HTTP, Telnet, FTP, …. - Protocol decoding and recognition : Skype, What’s app, LINE… Warrant Managemen t Presentation Decoding & Reconstruction Deep Content Inspection

14 iMonitor Sample: IM -Yahoo, MSN, ICQ, IRC, QQ, GTalk etc…

15 Content of Facebook, friend list and attached files iMonitor Sample: Facebook

16 Whois function provides you the actual URL Link IP Address HTTP Web Page content can be reconstructed iMonitor Sample: HTTP (Web Link, Content and Reconstruction)

17 iMonitor Sample: HTTP Upload/Download

18 iMonitor (3) Deep Content Inspection - Advanced and fast keyword search on reconstructed content - Identity link and communication link discovery System Capacity - 400Mbps - Max number of provision targets: 20000 - Max number of inspector: 20 Server Hardware(recommended) - HP DL380 Warrant Managemen t Presentation Decoding & Reconstruction Deep Content Inspection

19 Alert configured from different service categories and different parameters such as key word, account, IP etc. Alert can be sent to Administrator by Email or SMS if SMS Gateway is available. Throughput alert function also available! iMonitor Sample: Alert and Notification – Alert with Content

20 Complete Search – Full Text Search, Conditional Search, Similar Search and Association Search Conditional Search Full Text Search Association / Link Search iMonitor Sample: Search – Full Text, Condition, Association

Download ppt "DECISION Group Inc.. Decision Group www.edecision4u.com Monitoring Center Solution on Internet Access for LEA or Intelligence."

Similar presentations

Decision Group www.edecision4u.com Forensics Investigation Toolkit (FIT) Layer 7 Content Reconstruction Tool.

Decision Group Forensics Investigation Toolkit (FIT) Layer 7 Content Reconstruction Tool.
Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview

Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview
Page 1 / 18 Internet Traffic Monitor IM-1000. Page 2 / 18 Outline Product Overview Product Features Product Application Web UI.

Page 1 / 18 Internet Traffic Monitor IM Page 2 / 18 Outline Product Overview Product Features Product Application Web UI.
1 © 2005 Cisco Systems, Inc. All rights reserved. Craig Mulholland Consulting Engineer February 8, 2006 Cisco Systems Lawful Intercept Capabilities The.

1 © 2005 Cisco Systems, Inc. All rights reserved. Craig Mulholland Consulting Engineer February 8, 2006 Cisco Systems Lawful Intercept Capabilities The.
EduCause LI Overview February 2007

EduCause LI Overview February 2007
Principles of Information Technology

Principles of Information Technology
Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.

Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.
Total LI Compliance using Turn-key Applications and Solutions Rami Mittelman V.P. Product Marketing.

Total LI Compliance using Turn-key Applications and Solutions Rami Mittelman V.P. Product Marketing.
MNO Cloud Use Case 3 Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#43Tdoc SA3LI11_116.

MNO Cloud Use Case 3 Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#43Tdoc SA3LI11_116.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Network Forensics and Lawful Interception Total Solutions Provider

Network Forensics and Lawful Interception Total Solutions Provider
DECISION GROUP The Pioneer of IT Forensics Taipei, Germany, Hong Kong, Singapore.

DECISION GROUP The Pioneer of IT Forensics Taipei, Germany, Hong Kong, Singapore.
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.

Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.
Internet…issues Managing the Internet

Internet…issues Managing the Internet
CHAPTER THE INTERNET, THE WEB, AND ELECTRONIC COMMERCE 22.

CHAPTER THE INTERNET, THE WEB, AND ELECTRONIC COMMERCE 22.
IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.

IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.
DECISION Group Inc.. Decision Group www.edecision4u.com Mediation Device for Internet Access Provider.

DECISION Group Inc.. Decision Group Mediation Device for Internet Access Provider.
Forensic and Investigative Accounting

Forensic and Investigative Accounting
Principles of Information Systems, Sixth Edition The Internet, Intranets, and Extranets Chapter 7.

Principles of Information Systems, Sixth Edition The Internet, Intranets, and Extranets Chapter 7.
Market Analysis Decision Group.

Market Analysis Decision Group.

Similar presentations

Ads by Google