Terrorism and unlawful activities have prevailed and flourished in the modern information age, with criminal activity rapidly adapting cyberspace as safe haven for illicit activity. Historically, national intelligence agencies have relied on the monitoring of public telephone networks, by establishing and performing ‘legal eavesdropping’ on physical telecommunications and telegraph (PTT) ‘copper lines’.
These human- and hardware-intensive operations rapidly absorbed new technologies relying on land lines, such as fax, but were slow to encompass wireless communications and the internet, leaving these areas vulnerably uncovered.
Following huge investments in infrastructure, as part of the global war on terror and, with the related fight against money laundering and financial support of terrorist activities, these gaps became quite effectively bridged. Presently, most modern countries are well equipped to effectively monitor the all types of communication in their territory.
But this effort is never ending. Rapid advances in telecommunication and Internet Protocol (IP) technologies constantly challenge law enforcement and intelligence agencies around the world in a relentless race. Wireless telephony, broadband multimedia communications and entertainment services, are rapidly expanding to reach the majority of individuals in the developed and developing countries. Engaging customers through a multitude of interactions, such services are exploited by strategic and tactical monitoring systems, developing unprecedented knowledge of individual behavior and group activity, which can be assessed in real-time or by analyzing historical data, to seek meaningful trends and behavior patterns indicating suspicious activity. Added with DNA profiling and other biometric identification and financial transactions, tracked through credit-card companies and facial recognition of customers at points of sale, are all adding, up to a whole new world, where no one can hide and everyone could become a potential suspect.
‘Target interception’ refers to the interception of a known target and is typically performed in real-time, according to criteria such as email address, or phone number. However, in many intelligence scenarios, targets remain unidentified. Using ‘Mass Interception’, intelligence agents identify unknown suspects, spot new activities, completing the intelligence picture. Mass interception refers to the potential, tracing of all network communications, enabling intelligence agents to extract clues from the retroactive analysis of large volumes of past communications. Mass interception systems can access such networks by monitoring the trunks at the operator’s facility, or via microwave and satellite surveillance.
In the past, authorities required legal warrants to access and tap the physical communications lines. Today, exploiting wireless connections, through microwave links, wireless local area networks, cellular broadband and the upcoming WiMAX wireless broadband mobile links, authorities are able to tap into the new media ‘of the air’ with relative ease, monitoring GSM, CDMA, Satellite Communication and Computers Communication. Such activities can be done without the subscribers’ awareness or knowledge. Furthermore, physical networks sofar considered relatively safe to unauthorized eavesdropping, can now be monitored by stealthy ‘probes’ – using bugging devices, capable of seeping the entire traffic over broadband channels, analyzing the traffic in search of suspicious traces of data – such as words, phrases and names. Other methods utilizing stealthy ‘Trojan horses’ empower cell-phones, personal digital assistants (PDA) and PCs, without their owner’s knowledge, turning these personal communicators into active eavesdropping devices.
Military grade COMINT solutions were traditionally employed by national security agencies, in counter-espionage operations, to ‘fish’ spies. Currently, security agencies, law enforcement and government agencies require such services for daily operations, monitoring, locating and tracking wireless systems, from licensed trunk radios to wireless, cordless phones, intercepting, tracking and localizing electronic signals that could trigger explosive devices, or tracking phones involved in criminal activities. Modern COMINT systems comprise the receivers, mapping, decoding, and decompressing subsystems, handling the intercepted transmissions and analysis tools, to interpret signals and content in real time. Services are enhanced with link, location, and other analytics that link the COMINT interception with information gathered from other sources.
Israeli companies are prominent worldwide for their unique and powerful communications monitoring equipment. Such systems have been deployed with many government agencies worldwide, as national security assets, as well as for the use by law enforcement agencies. More recently, the technology was ‘scaled down’ to meet the requirements of emergency call- centers, such as the 911 in the U.S., for which powerful systems were developed, to improve public service, by developing better situational understanding and location tracking, while providing better analytic tool in support of law enforcement investigations.
Electro-optical (EO) systems are providing essential capabilities for improving security, counter terror and combating crime. Advancement in this field include smarter video surveillance systems, empowered by automated ‘video analytic’ systems managing massive flows of multiple sensors into a clear situational picture. Thermal imaging is also improved with lightweight, compact and cost effective uncooled sensors (bolometer type), used in surveillance equipment, weapons sights, night observation devices, payloads for unmanned systems etc.
On other fields, powerful image processing is harnessed for biometric identification, analyzing facial details in real-time to assist, and in certain conditions, replace human gatekeepers and attendants.
At Milipol 2009 OPGAL is introducing the ‘Compact-Eye’ (seen in the photo above), an ultra-compact thermal imaging engine designed for low-power applications. It is based on a state-of-the-art 384 x 288, uncooled 8-14μ microbolometer detector, with a 25 micron pitch. The miniature features make it suitable for portable IR applications and for thermal camera integrators seeking reduced space, weight and power requirements.
Typical uses are in surveillance systems and border security. The engine comes with an effective anti-blooming mechanism, integral x2 and x4 digital zoom and employs proprietary algorithms proven effective under poor visibility conditions. The system also employs high-resolution graphics software and flexible signal processing capabilities.
Another innovative electro-optical system is the ‘virtual wall’ from Magna BiScopic Protection (BSP). The company has developed a range of security applications based on the BSP patented principle, performing perimeter protection, surveillance and patrol as well as for use for airport safety and security. To facilitate high probability of detection at very low false alarm rate, Magna employs a combination of different methods of operation, among them the company’s patented Three Dimension Motion Detection (TDMD) and BiScopic Protection. The company is offering these systems under several product lines including theHawk and Optical Watch Line (OWL) family, creating a ‘virtual wall’ generating an invisible trip line around the protected area, while the EAGLE family offers scanning biscopic protection for the defense of fenced-in areas and entrances. (read more…)
Security personnel are faced with an overwhelming volume of video and data, making it difficult to pinpoint events of genuine importance. Automated video analytical systems can help organize the information flow, to prioritize such vast amounts of video and data, for effective decision-making and faster and timely reaction. They enable security officers to focus on deterring and managing threats, rather than scanning banks of video monitors in trying to detect these. (read more…)
Face recognition ID (FRID) is already endorsed by major industry and government agencies as the leading biometric ID technology. When providing a high level of positive ID, Facial recognition is more user-friendly and less intrusive than other biometric identification systems such as iris or fingerprint authentication. Deployed at a point-of-service to facilitate identification of customer’s identity, such systems are offering significant advantages for security and law enforcement. A typical system offered by C-True is combining image capture and display and processing with face recognition technology. Initiating a dialog with a new customer, the system performs a quick 3D scan of the subject’s face, employing an algorithm that analyzes facial features and assigns the persons a unique ID. (read more…)
Better Vision for the Snipers
A newcomer to Milipol, the Israeli company ‘Pulse Inteco’ is introducing its compact, lightweight fire-control system, designed for sniper rifles, grenade and rocket launchers. The system incorporates a single-pulse laser rangefinder operating in an eye-safe spectral range (invisible to night vision devices) integrated with a sniper’s telescope and fire control computer. The laser accurately measures distance to the target. The ballistic computer calculates the elevation angle, moving the scope’s displayed reticule to compensate for the ballistic trajectory. At night, the system matches with a night vision viewing device for enhanced operation.
At Milipol 2009 Meprolight is announcing the NOA (picture above), the latest weapon sight added to the company’s night sights portfolio. NOA is an uncooled thermal weapon sight, incorporating a mission computer turning the sight into a powerful surveillance and intelligence collection tool. The sight supports X4/X7 magnification with image clarity and precision enabling a sniper to detect a human target at 1500 meters. Static targets can even be detected behind camouflage, battlefield obscurants, in adverse weather and total darkness.
Methodological recording of emergency-call services provide a wealth of information that can help improve public safety, highlight evolving trends in public safety and security and support crime investigations. Historically, reviewing enough calls to identify performance trends and challenges has been a manual task that many centers didn’t have the resources to fulfill. Likewise, public safety operations lack formalized quality and analysis processes – such as those available through integrated voice/screen recording – leaving them with only a limited view of what is really happening across their operations.
The photo below shows a geographical information system (GIS) processing of 911 call records shows the areas most prone to criminal activity. Photo: ESRI
911 emergency call center in New York City. Photo: NY City
The availability of patented speech analytics solutions developed by Verint for the intelligence community enabled the recent introduction of recording and analytic services to assist public safety agencies, performing trend spotting to help reduce crime and improve quality of life for citizens, by leveraging 9-1-1 interactions. The service utilizes Verint Impact 360 Speech Analytics system, to enable law enforcement agencies to obtain call records and events gathered by Public Safety Centers such as 911, and mine recorded emergency calls to uncover key facts for incident investigations.
The new system provides automatically transcribed emergency contact audio, into data that can be mined for intelligence. This new capability enable emergency centers to identify opportunities that can make their work more efficient and effective, while proactive trend spotting tools can uncover issues before they become widespread problems. The software empowers users to uncover insights within all related recorded calls through guided, visual search tools. This will not only support public safety agencies by helping investigators uncover facts during emergency situations, but also identify staff training and process improvement opportunities.
NICE Systems is offering the ‘Nice Inform’ suite of data mining applications to provide central incident information management solution by processing communications monitoring information related to specific incidents, including the acquisition, location, association and reconstruction of conversations that took place over the radio or telephone. consolidation of voice calls, (telephony, radio, VoIP), video, and tracking information, all displayed over a digital map, relative to the crime scene, with relevant photos and video clips, incident reports, mug-shots, emails, and more. Such tools provide for faster scenario reconstruction, accident investigation and post-incident analysis offering greater insight, and improved response. The system extracts a complete, unified, chronological, multimedia-rich history of incidents used for debriefing, and event analysis by homeland security and first responders.
Security personnel are faced with an overwhelming volume of video and data, making it difficult to pinpoint events of genuine importance. Automated video analytical systems can help organize the information flow, to prioritize such vast amounts of video and data, for effective decision-making and faster and timely reaction. They enable security officers to focus on deterring and managing threats, rather than scanning banks of video monitors in trying to detect these.
Nextiva video analytic surveillance system from Verint employs video analytics to display the images most likely to be of interest and value, based on the situation and incident being followed. Photo: Verint
Procedures rendered and rapidly disseminated through a video surveillance network, can trigger alerts more rapidly and intelligently, thus responding to evolving conditions and dynamic situations, while simultaneously displaying relevant video streams to respective authorities.
The proliferation of video surveillance systems scanning city centers, along roads and railways, outdoors and in large, commercial open spaces, opens more data sources, improving security, detering criminal activity and vandalism, while assisting criminal investigation in solving crime, terror events or heightened security alerts. Video analysis addresses the potential to extract valuable insight from historical visual information, as well as real-time video streams. A search into historical records can verify or deny suspects’ alibi, pointing to a potential direction for further investigation. Yet, the laborious search, required by manual analysis of days and weeks of video records, renders such manual process inefficient.
Utilizing automated Video Analytics (VA) has proven essential for large scale monitoring and control centers at airports, public transport hubs and government facilities. Video analytics applications, utilizing transport security systems reach far beyond security, resulting in improved passenger safety and quality of service. It also provides powerful investigative tools for intelligence and law-enforcement agents, investigating crimes and terror incidents.
Image processing performed on the video stream can determine the size, direction of movement, speed and distance between vehicles, and lane deviation, this information can be processed, analyzed and used for situational awareness or law enforcement. Once a stationary vehicle is detected here, an alarm will be triggered, alerting on a potential traffic hazard.
An example of such VA application is theNextiva system, developed by Verint. The system comprises analytics-embedded encoders, wireless transmitters and analytic-enables IP cameras, enabling video to be analyzed at the point of capture, thus reducing overhead and communications bandwidth consumption, particularly in large scale networks.
The congested, busiest urban centers become a unique challenge to municipal, transportation and law-enforcement officials. Video monitoring is often used on a wide scale, sending live views from the street, enabling the situation-room to address any evolving emergency. With cameras distributed in city centers and along transportation routes, video monitoring systems provide efficient means for assessing a developing situational event. Here, video analytics services become essential in verifying multiple incoming alerts, using real-time video feeds.
In this example, a person climbing on the fense will be spotted since the fense is defined as an excluded area, triggering immediate alert. Photo: Verint
Based on better situational awareness, officers can allocate the optimal resources , to timely deal with the most critical situation sector. For example, analytic processing can automatically report double-parked vehicles or identify vehicles blocking traffic lanes or access routes, alert on crowd gathering near sensitive locations, detect intrusions into restricted, or dangerous areas, assessing traffic congestion before they develop into dangerous choke-points, blocking major transportation routes. Similarly, airport security centers can benefit from VA, to identify breaches in gate security, trigger alerts for people moving in the wrong direction in security-critical sectors, detect potential threats inside terminals and parking areas, monitor the airport perimeter and overview critical areas and sterile zones.
With the exponential growth in the volume and data complexity, agencies operating telecom interceptions need to handle growing numbers of information sources and the data overflow which accompany them, outsmarting sophisticated evasive techniques that exploit the relative anonymity offered by modern internet-based services. By automatically analyzing large volumes of data, analysts can deal with the information-flow streaming from mass communications, by monitoring systems in a timely manner. This enables investigators and analysts to exploit actionable information in addressing the short life-span of potential targets.
Automatic, intelligent analysis of content is therefore imperative, transforming large volumes of unstructured data to a structured and meaningful information process.
While communications interception has always been maintained as a strategic asset, providing efficient analytic tools operated by investigators, as part of criminal investigations, these huge volumes of data can turn into valuable insights and leads. Both Verint and Nice Systems are introducing powerful analytic data processing systems that have recently evolved from the shadows of top secret intelligence services, into the commercial, emergency and law-enforcement domain.
Video below: NICE Systems demonstrates speach analytic analysis for service centers, live on CNBC’s “Squawk Box”
Verint is offering a powerful a data fusion and analytic system called X-TRACT, to assist crime investigations. Similar systems are used by counter-intelligence and counter terror agents in to reveal and hunt hostile and criminal networks. The system implements analytic methodology, utilizing inference solution suites, linked to various data sources, mapping dynamic links between disparate objects, indicating potential associations between different entities. Results are displayed in an intuitive environment, designed for the use by analysts and investigators. This end-to-end data investigation solution includes powerful data access, smart scoring, alert management, visual desk investigation and reporting capabilities. Verint’s patent-protected speech analytics solution is capable of indexing every word and phrase identified for context and meaning. Conversations containing specific words or phrases can be isolated for further investigation, and with trend analysis, reveal activity around these terms. Similar services are built into the powerful NiceTrack communications monitoring and analysis suite, incorporating a range of analytical and operational tools, improving the extraction of intelligence products from communications monitoring. Typically, analytic systems provide voice analysis – applying voice recognition, speaker-verification and identification, and ‘voice content structuring’ speech processing technology, trained to spot specific spoken words, phrases and even detect excitement in speech.
speech analytic voice recognition technology employed by Nice Sysrems is used at call centers, to track unsatissfied customers by identifying words such as ‘cancel my subscription’, ‘not satisfied’ or ‘disconnect’, automatically elevating the issue tomore experienced support agents. The same technology is used by intelligence agencies to track terrorists!
Nice Track converts raw voice records through ‘Speech to Text’ process, enabling automatically annotating of data with identifying tags and textual categories to describe the data, uncovering hidden relationships and events ‘buried’ within mass volumes of textual information. The process begins with the spoken words turned into text, by voice and speech recognition processing. Once converted, call records are processed through data mining techniques, to seek meaning and insight into voice, text, email and other data formats. Processing includes language identification, translation, word spotting and more accurate phrase spotting. Analysts can also rely on content analysis for the understanding of the textual content and structure. Target profiling can be obtained, utilizing target location tracking in real time as well as offline tracking of the target’s movement over time. Based on such automatic processing of context analysis, automatic alerts can be issues on the interception of important evidence or in response to short life spanned information.
Data analysis has also been widely implemented in the financial, business and commerce sectors, tracking fraudulent activity, money laundering and mitigating business risks. One of the leading companies in this field is Fortnet, recently acquired by Actimize, a subsidiary of Israeli based Nice Systems, which was also dominant in this field. With this acquisition, the majority of the world’s largest banks and all top-ten global banks will be using Actimize, for compliance and financial crime prevention. Such systems are used for Anti-Money Laundering, real-time cross-channel fraud prevention; brokerage compliance and enterprise case and investigation management. Since its foundation in 1993 Fortent provided analytics based Anti-Money Laundering (AML) and financial crime prevention system solutions for the financial services industry, servicing top-tier clients such as Barclays, JPMorgan Chase, Mizuho, Royal Bank of Scotland and Scotiabank.
Beside monitoring content and call activity, cellular networks provide powerful location tracking of active subscribers, enabling intelligence and law enforcement agencies to track the locations of tens of thousands of subscribers per second. These capabilities are being implemented by the network providers, with authorities having mandated such capability. Tracking technologies have been developed by companies specializing in cellular services, based on protocols implemented by the companies developing the network services (Nokia, Erricson, Motorolla, etc).
Basic location monitoring and tracking services were originally developed as commercial services, deployed by service- providers, as part of added-value service. When endorsed by intelligence and law enforcement, these services require higher location and tracking accuracy, enabled by the fusion of several location techniques. As location tracking became mandatory by homeland security authorities, relevant tracking technology providers became strategically important for communications monitoring providers such as Verint and Nice Systems; both companies have recently acquired small enterprises specialized in this field.
Septier Communications provides location tracking services that enable law enforcement agencies track suspects more accurately using only cellular information. Location tracking solutions can trigger real-time alerts when a subscriber is entering or leaving a specified zone or when two suspects are in close proximity (indicating that a meeting may take place). These solutions can also help law enforcement agencies creating a geographical profile and can also aid in alibi confirmation.
Nice Systems also acquired an Israeli cellular location tracking technology provider, called Hexagon System Engineering. Hexagon provides location of cellular devices at a high level off accuracy. Law enforcement, intelligence agencies and internal security organizations already rely on NiceTrack solutions will be able to use Hexagon services to track the location of their targets, while intercepting the communications emitted by the radio or phone.
As billions of mobile phones have been used as electronic companions and personal communications, by countless subscribers worldwide, these highly sophisticated electronic devices can be mined for information, as tracks of phonebooks, text messages or call history can be traced on the device even after they are deleted from memory or SIM cards. When a mobile phone finally falls into the hands of the law, valuable data can be extracted, correlated and used as evidence providing clear indication of whereabouts, intentions and activities of the suspect.
However, until recently, such mining required expert processing and analysis that took days and weeks.
A small hand-held device has changed all that, empowering field teams and investigators with the capability to interrogate a suspect’s mobile phone, as if it was their own device. Launched in Israel in 2008 by Cellbrite, Universal Forensic Extraction Device (UFED) has already been fielded with many law enforcement agencies and police departments, empowering the investigating of field detectives and assisting in forensic evidence collection. The hand-held device is designed to extract data from over 2,000 types of handsets, smartphone and PDAs. In 2008 Cellbrite has launched a range of portable interrogation devices that can transfer, backup, and management the information stored on the phone’s memory devices. Data can be extracted even when the original SIM is not available or is locked with the user’s secret PIN.
An example of excellent detective work employing data mining of suspect’s mobile phone was the case of a murder case recently solved by DC Steve Miller from Leeds, U.K. The mass of information he obtained from a suspect’s phone was unprecedented in the details and quality. The phone recovered by the investigation had been passed around many criminals and used with a number of different SIM cards. By retrieving historical data remaining on the device, Detective Miller was able to prove that one of those cards was used by the suspect. He was able to recover a deleted text message, in which the suspect arranged to meet the murdered woman, shortly before he killed her. The defendant was convicted and sent to life imprisonment.
Communications interception systems are designed to comply with Lawful Interception (LI) delivery standards. These include norms set by the European Telecommunications Standards Institute (ETSI) as well as the American Telecommunications Industry Association (TIA). However, some agencies are operating ‘above the law’ and are exempt of LI restrictions. Organizations such as the Intelligence and National Security agencies, rely on powerful non-intrusive stealth ‘wire tapping’ known as probes,passively intercepting and monitoring telephony and internet network links, using front-end devices, independently of network operators. These probes can be deployed anywhere, on the trunk links connecting service providers’ networks to each other or within the networks themselves.
Septier, an Israeli communications interception expert is specializing in the development and deployment of such probes. The company developed passive interception devices that can be used covertly, thus not affecting the service to the subscriber, or create any indication to the subscriber, or the network that interception is actually taking place. Given the immense potential of such capability, Sepiter provides their passive interception capability with maximum level of security, to safeguard from unsecured or unauthorized access to the system, from external or internal sources. These are including an extensive permissions mechanism, detailed internal logging as well as different encryption options. The system complies with ETSI and CALEA lawful interception standards, as well as with other regional regulations. Sepiter can intercept, process and decode internet traffic at rates up to 25 Gigabit/second.
These systems are built to collect massive amounts of raw data and information. The data is stored in dedicated fast-performing storage devices, utilizing hundreds of terabytes per system. By utilizing data-mining and pre-programmed reports and analytical tools, users can extract nontrivial insights from stored information, highlighting implicit, previously unknown, and potentially useful information from the collected data.
Today’s communications are not limited to voice or cellular. Even the old copper lines connecting our homes to the land network, have transformed to offer immense broadband communications, enhanced with Asymmetric digital subscriber line (ADSL) and more recently, Very high bit-rate Digital Line Subscriber (VDSL) modems, dramatically increasing data transfer capacity and offering massive multimedia streaming and data transfer, for business and personal use.
Providing law enforcement agencies an insight into potentially illicit use of these new communications technologies, TraceSpan Communications has developed the Phantom family of probes, enabling broadband analysis and monitoring of ADSL and VDSL lines. Earlier this year the company released the latest member of its family, VDSL ‘Phantom 3838′, passive Lawful Interception (LI) monitoring solution for VDSL2 lines. The Phantom provides passive tapping devices that record and store broadband digital information. The probes can monitor both upstream and downstream data simultaneously at high bit rate. Such probes can be installed at virtually any location – at the central office, or in the field, while data is monitored remotely.
To display and analyze the data being intercepted, TraceSpan developed the ‘Phantom Viewer’ monitoring application displaying the network traffic, including internet browsing, Email services, FTP, instant messaging and voice calls in real-time and playback mode. Utilizing this application, the agent monitoring a suspect is able to see all the suspect’s network activity, including web pages visited, identified with properties of the destination pages (target IP); monitoring agents can also retrieve hidden attributes of the information, such as passwords, or hidden email addresses, they can read instant messages and tap IP voice telephony in real time, or play-back on demand.