SlideShare a Scribd company logo

Lawful Interception Case Studies for ISS Solutions

GIST (Gwangju Institute of Science and Technology)
GIST (Gwangju Institute of Science and Technology)
1 of 42
Download to read offline
Special Topic of Telecommunication Network Chapter 7 Case Studies for ISS Solutions Aris Cahyadi Risdianto 23210016
Case Study 1: Wireline Voice Intercept and Surveillance Solutions from Lucent Technologies
Case Study 1: Wireline Voice Intercept and Surveillance Solutions from Lucent Technologies CALEA function provide by TSP •Access: network entity intercepts and reports call data and/content to LEA •Delivery: network platform provide interface to LEAs for delivery of call content/data •Administration: capability that establishes and maintains surveillance with TSP Level of Surveillance •Level I — call related information: Only call-identifying information (CII) is reported, and it is intended to satisfy pen register and trap and trace court orders. •Level II — call and content related information: The intent is to satisfy a Title-III court order.
Case Study 1: Wireline Voice Intercept and Surveillance Solutions from Lucent Technologies CALEA Interfaces (SAS, CDC, and CCC)  Surveillance administration system (SAS) for provisioning using existing 5ESS TTY ports  CDC for reporting CII (CDC messages) from the switch to the LEA  CCC for delivering call content from the switch to the LEA Conclusions  J-STD-025 compliance : allowing TSPs to meet their obligations under CALEA  Flexibility: Different LEAs in different locations may require different CALEA interfaces  Cost: Integrated delivery function and dial-out capability significantly reduced the costs  Evolution: Current 5ESS CALEA solution can be adapted to future technologies without any effect
Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks
Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks
Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks Reference Function  AF through IAP responsible for providing access to an intercept subject’s communications and CII.  DF is responsible for delivering intercepted communications and CII to collection functions.  CF is responsible for collecting lawfully authorized intercepted communications and CII for an LEA. CF handle by the LEA IAP on the CDMA 2000 Packet Data Network  AAA (IAP for CII)  PDSN (call-content IAP for simple IP)  HA (call-content IAP for mobile IP)
Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks Typical call flow scenarios are addressed  Scenario 1: Intercept Provisioning, Target Not Involved in Data Session  Scenario 2: Intercept Provisioning, Target Involved in Data Session  Scenario 3: Data Session Termination  Scenario 4: Intercept Expiration, Target Inactive  Scenario 5: Intercept Expiration, Target Active
Case Study 3: LIs for 3G Networks Using ALIS Uses of 3G Technology and Implications for Lawful Interception  Voice, increasing proportion of LI requests from LEAs because increasing amount of voice traffic as users migrate from wireline to wireless services.  SMS, LI will have to address growing use of the service among interception targets.  General Internet connectivity, added complication of the mobility of the target, the proportion of Internet communications over mobile networks will grow because more "safer" for crimininals and variety of devices with which to communicate (modem, PDA, etc)  High-speed photo and video clip upload and download, LI need to be prepared to intercept video and still imagery in against abusers.  Multimedia games, LI tracking users and sources of games involving illicit thematic material (child pornography, gambling, and hate targeting).  VoIP, VoIP traffic raises a number of technical and legal issues that cannot be ignored.
Case Study 3: LIs for 3G Networks Using ALIS Lawful Interception in 3G Networks  Figure 7.16 and Figure 7.17, give visualization of where to capture call data (IRI) and call content and also where LI management functions flow.  Figure 7.18, provide a closer view of interception topology in 3G networks (sufficiently general to include cdma2000) for circuit- switched network operations.  LI management commands are conveyed between the administrative function (ADMF) and other network elements via the X1 interface.  Intercepted call data (IRI) are conveyed via the X2 interface.  Intercepted call content is gathered via the X3 interface, and relayed to LEA using HI3.
Case Study 3: LIs for 3G Networks Using ALIS
Case Study 3: LIs for 3G Networks Using ALIS
Case Study 3: LIs for 3G Networks Using ALIS
Case Study 3: LIs for 3G Networks Using ALIS
Case Study 3: LIs for 3G Networks Using ALIS ALIS in 3G Networks  Implementation of ALIS as a mediation platform in a UMTS and cdma2000 network shown in Figure 7.20 and Figure 7.21  Important are the call data, call content, and LI management paths leading from ALIS-D and ALIS-M to the appropriate network elements and functions. Conclusions  The processes are delineated by architectures, such as specified by ETSI, 3GPP, and ANSI, that facilitate systematic implementations and provisioning of LI systems.  The challenges to lawful interception remain, including the need to support a diversity of services, vendor technologies, wireless networking technologies, voice, and a multiplicity of high-speed data services.
Case Study 3: LIs for 3G Networks Using ALIS
Case Study 3: LIs for 3G Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS Interception of Internet traffic involves complications  Target source and destination identities embedded on overall data flow  Target and non-target data are mixed at numerous IP circuits and network elements  Many parties involved in transporting data (access, transport, core)  Current laws on how to handle Internet interception are not clear.  Separation of applications and data from the flow are difficult  There is a lack of standards implementation
Case Study 4: Lawful Interception for IP Networks Using ALIS IP Interception Examples (Internet Access)  Internet Access Target Identification : LEA must coordinate interception activities with the TSP, regarding IP addresses which assigned through DHCP (including AAA) and fixed IP addresses assigned to customers business (T1, xDSL, etc). Others identifiers (username, ethernet address, Dial-in calling number identity, etc)  Collected Data (IRI) : Identity target, service and access, time of access success or denied, access location, etc. This data delivered to LEA through HI3 interfaces, but make sure LEA not become IP address spoofing  Lawful Interception Configurations for Network Access (shown in Figure 7.24a to Figure 7.24d) : interception points implement internal interception by applying probes or networking interfaces to local networks,access loops, routers, gateways, AAA functions, and so forth
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS IP Interception Examples (Email)  Collected Data (IRI) : Server IP, Client IP, Server port, Client port, E- mail protocol ID, E-mail sender, E-mail recipient list, Total recipient count, Server octets sent, Client octets sent, Message ID, Status.  Internal interception take place in the context of any e-mail server to identify targeted e-mail traffic and route the corresponding call data (CD) information to the mediation platform  LEAs as well must deal with spam to ensure not receive modified header on the email, use reverse DNS lookup practices to authenticate the origination of an e-mail, and subscribe to the e-mail blacklists for spam prevention.
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS IP Interception Examples (VoIP)  Call control events : answer and origination target, release and terminated attempt.  Signaling events : Dialed digit extraction/DDE (captured extra digit after call connected), Direct signal reporting (signaling message), Network signal (activity network for provide signal), Subject Signal (signal initiate features)  Feature use events : signaling associated with conference calling, call transfer, and other call feature  Registration events : occur when the target provides address information to the VoIP network
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS ALIS for IP  ALIS Internet access (Figure 7.28) : data information is extracted from RADIUS server and access termination point (CMTS, DSLAM, or modem pool). An internal intercept function (IIF) in a router replicates call content to and from the target and sends this data to ALIS-D.  ALIS mediation platform for e-mail (Figure 7.29) : Relevant e-mail header and other protocol information captured directly from the e- mail server as call data and routed to ALIS-D for reformatting and delivery to the LEA, while contents of e-mail messages routed to ALIS-D as call content.  ALIS for VoIP Calling (Figure 7.30) : ALIS-M sets triggering events for relevant network equipment, including the call agent (gatekeeper, SIP server, gateway, etc.) and routers assigned to capture data flow. Call data information is extracted via internal interception and sent to ALIS- D for processing.
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 4: Lawful Interception for IP Networks Using ALIS
Case Study 6: Monitoring and Logging Activities Features of monitoring and logging for conducting LIs: ● Site-usage analysis: provides an understanding of how visitors (target) interact with Web sites ● Site-user analysis: particular messages to increase the likelihood that site visitors (targets) will be interested on web site information ● Site-content analysis: analyzes the content and structure of Web sites that may help indirectly with recognizing usage patterns Features and Attributes of Monitoring and Logging Tools ● Monitoring devices used at distributed locations ● Monitors are passively measuring the traffic in the network segments ● Data-capturing technique is also very important (location of probe, capturing schedule, location of logs) ● Intelligent filtering during collection and data compression/compaction ● Management of log files is very important (automatic log cycling, Visitors clustered) ● Predefined reports (template) and scheduler report
Case Study 6: Monitoring and Logging Activities IP Monitoring System (IMS) from GTEN AG ● Data Collection and Filtering Subsystem : deployed in strategic field with DCFD as for target monitoring based on log-in identification. ● Mass Storage Subsystem : file server acting as the mass storage which receive pre-filtered data from data collection and filter subsystem manually or automatic triggered. ● Data Re-Creation and Analysis Subsystem : recorded data viewed by standard browser (example e-mail displayed in e-mail format and an Internet page displayed as Internet page) including WWW sessions, FTP transfer, Email, Chat, Radius, etc. Typical Monitoring Applications ● Web-Site Monitoring : collect all traffic moving to and from a particular Web site, which done by wiretaps on Internet line and on Radius Server connection in order to correlate data recorded. ● Target Monitoring : monitored target must have unique ID (fixed IP address or user ID in RADIUS server), which DCFD sniff the all the packet after retrieves assigned IP address from RADIUS.
Case Study 6: Monitoring and Logging Activities
Case Study 9: MC Case Examples from Siemens AG Fixed Network — PSTN ● Network Protocols : E1 to network switches and EDSS1 line protocol. ● Network Switches : Any manufacturer switch comply to ETSI standard such as Siemens, Ericsson, Alcatel, and Nokia switches. ● Interception and Recording Modes : can be setup as mono or stereo, and compression mode to save space ● Types of Interception : conversation, call-related information, DTMF transmission, SMS, Fax, and modem ● Interception Management Systems : Any IMS comply ETSI standard such as Siemens LIOS, Utimaco IMS, Ericsson IMS, and Alcatel IMS Mobile Network — GSM ● Feature highlights are identical with intercepting fixed networks. ● Add-On Systems : location of the mobile cell is known through GIS
Case Study 9: MC Case Examples from Siemens AG
Case Study 9: MC Case Examples from Siemens AG
Case Study 9: MC Case Examples from Siemens AG Mobile Networks — GPRS/UMTS ● Network Protocols : E1 to network switches and EDSS1 line protocol. ● Network Switches : Any manufacturer switch comply to ETSI standard ● Interception Types : IP traffic on the packet-switch ● Add-On Systems : based on current location information can indicate the direction of travel ● Feature Highlights : IP traffic with the attributes read, view, navigate entire Web, e-mail, FTP, and chat sessions. Internet Monitoring ● Data Collectors : data collectors to connect points on the Internet to intercept ● Internet Applications : all IP traffic with decoding support for Web, Email (SMTP, POP3, Webmail), and Chat (IRC) ● Internet Access Points : collectors to any IP source such as GPRS switches, ISP SPAN ports, Internet backbone links, orInternet core computers ● Physical Interfaces : support many physical interfaces include Ethernet 100 Mbps, Ethernet 1000 Mbps, and OC3 ● Filtering : applied by the MC mediation device to collector, and filters IP data ● Back-End Internet Applications : operator can replay visited Web sites and viewed Web pages by the target user ● Interception Management Features : offered a single unified set of interception management features
Case Study 9: MC Case Examples from Siemens AG
Case Study 9: MC Case Examples from Siemens AG
Conclusion Case studies, in addition to the necessary level of awareness regarding product features, can help provide an understanding of how to deal with practical solutions. This chapter has addressed nine different cases — with some overlaps — that represent actual telecommunications services and products. These case studies, e.g., for wireless networks, packet data applications and VoIP, show that there are no technological barriers to lawful interception activities
Thank you

Recommended

A study-and-analysis-of-access-to-high-speed-connection-in-wireless-technology
A study-and-analysis-of-access-to-high-speed-connection-in-wireless-technologyA study-and-analysis-of-access-to-high-speed-connection-in-wireless-technology
A study-and-analysis-of-access-to-high-speed-connection-in-wireless-technologyaravindhawan
 
A046060105
A046060105A046060105
A046060105IJERA Editor
 
Tracing An IP Address or Domain Name by Raghu Khimani
Tracing An IP Address or Domain Name by Raghu KhimaniTracing An IP Address or Domain Name by Raghu Khimani
Tracing An IP Address or Domain Name by Raghu KhimaniDr Raghu Khimani
 
Internet 2.0
Internet 2.0Internet 2.0
Internet 2.0Chong Yee Er
 
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...TELKOMNIKA JOURNAL
 
A novel password based mutual authentication technique for 4 g mobile communi...
A novel password based mutual authentication technique for 4 g mobile communi...A novel password based mutual authentication technique for 4 g mobile communi...
A novel password based mutual authentication technique for 4 g mobile communi...eSAT Publishing House
 
Bluetooth
BluetoothBluetooth
Bluetoothaimenriyadh
 
Bq4301381388
Bq4301381388Bq4301381388
Bq4301381388IJERA Editor
 

Recommended

A study-and-analysis-of-access-to-high-speed-connection-in-wireless-technology
A study-and-analysis-of-access-to-high-speed-connection-in-wireless-technologyA study-and-analysis-of-access-to-high-speed-connection-in-wireless-technology
A study-and-analysis-of-access-to-high-speed-connection-in-wireless-technologyaravindhawan
 
A046060105
A046060105A046060105
A046060105IJERA Editor
 
Tracing An IP Address or Domain Name by Raghu Khimani
Tracing An IP Address or Domain Name by Raghu KhimaniTracing An IP Address or Domain Name by Raghu Khimani
Tracing An IP Address or Domain Name by Raghu KhimaniDr Raghu Khimani
 
Internet 2.0
Internet 2.0Internet 2.0
Internet 2.0Chong Yee Er
 
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...
Pervasive Device and Service Discovery Protocol in Interoperability XBee-IP N...TELKOMNIKA JOURNAL
 
A novel password based mutual authentication technique for 4 g mobile communi...
A novel password based mutual authentication technique for 4 g mobile communi...A novel password based mutual authentication technique for 4 g mobile communi...
A novel password based mutual authentication technique for 4 g mobile communi...eSAT Publishing House
 
Bluetooth
BluetoothBluetooth
Bluetoothaimenriyadh
 
Bq4301381388
Bq4301381388Bq4301381388
Bq4301381388IJERA Editor
 
File000093
File000093File000093
File000093Desmond Devendran
 
MULTIMEDIA SERVICES OVER IP NETWORKS
MULTIMEDIA SERVICES OVER IP NETWORKSMULTIMEDIA SERVICES OVER IP NETWORKS
MULTIMEDIA SERVICES OVER IP NETWORKSYatish Bathla
 
GSM Technology and security impact
GSM Technology and security impactGSM Technology and security impact
GSM Technology and security impactAhmad Sharifi
 
Guideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniGuideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniDr Raghu Khimani
 
LoRa Technology - DNA of IoT
LoRa Technology - DNA of IoTLoRa Technology - DNA of IoT
LoRa Technology - DNA of IoTijtsrd
 
CSC 134
CSC 134CSC 134
CSC 134Farahana Sidek
 
Overview of Internet.ppt
Overview of Internet.pptOverview of Internet.ppt
Overview of Internet.pptVideoguy
 
Laws governing the internet service provider & there rights and liabilities.
Laws governing the internet service provider & there rights and liabilities.Laws governing the internet service provider & there rights and liabilities.
Laws governing the internet service provider & there rights and liabilities.Gaurav Chordia
 
Protocols in Bluetooth
Protocols in BluetoothProtocols in Bluetooth
Protocols in BluetoothSonali Parab
 
cyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricscyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricsMayank Diwakar
 
Migrating Visual Communications from H.323 to SIP
Migrating Visual Communications from H.323 to SIPMigrating Visual Communications from H.323 to SIP
Migrating Visual Communications from H.323 to SIPVideoguy
 
Ngn
NgnNgn
NgnMIDAS Automation & Telecommunications Pvt. Ltd. (MIDAUTEL)
 
Internet an how it works
Internet an how it worksInternet an how it works
Internet an how it worksshahnaz10
 
Bluetooth versus wi
Bluetooth versus wiBluetooth versus wi
Bluetooth versus wisher1242
 
Ip Address
Ip AddressIp Address
Ip AddressSahir Gulati
 
Md Minhajul Haq (072849556)
Md Minhajul Haq (072849556)Md Minhajul Haq (072849556)
Md Minhajul Haq (072849556)mashiur
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxronak56
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxdaniahendric
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxmakdul
 
Wireless security
Wireless securityWireless security
Wireless securitySalma Elhag
 
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...Alexander Decker
 
imsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptimsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptakimor
 

More Related Content

What's hot

MULTIMEDIA SERVICES OVER IP NETWORKS
MULTIMEDIA SERVICES OVER IP NETWORKSMULTIMEDIA SERVICES OVER IP NETWORKS
MULTIMEDIA SERVICES OVER IP NETWORKSYatish Bathla
 
GSM Technology and security impact
GSM Technology and security impactGSM Technology and security impact
GSM Technology and security impactAhmad Sharifi
 
Guideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniGuideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniDr Raghu Khimani
 
LoRa Technology - DNA of IoT
LoRa Technology - DNA of IoTLoRa Technology - DNA of IoT
LoRa Technology - DNA of IoTijtsrd
 
Overview of Internet.ppt
Overview of Internet.pptOverview of Internet.ppt
Overview of Internet.pptVideoguy
 
Laws governing the internet service provider & there rights and liabilities.
Laws governing the internet service provider & there rights and liabilities.Laws governing the internet service provider & there rights and liabilities.
Laws governing the internet service provider & there rights and liabilities.Gaurav Chordia
 
Protocols in Bluetooth
Protocols in BluetoothProtocols in Bluetooth
Protocols in BluetoothSonali Parab
 
cyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricscyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricsMayank Diwakar
 
Migrating Visual Communications from H.323 to SIP
Migrating Visual Communications from H.323 to SIPMigrating Visual Communications from H.323 to SIP
Migrating Visual Communications from H.323 to SIPVideoguy
 
Internet an how it works
Internet an how it worksInternet an how it works
Internet an how it worksshahnaz10
 
Bluetooth versus wi
Bluetooth versus wiBluetooth versus wi
Bluetooth versus wisher1242
 
Md Minhajul Haq (072849556)
Md Minhajul Haq (072849556)Md Minhajul Haq (072849556)
Md Minhajul Haq (072849556)mashiur
 

What's hot (16)

File000093
File000093File000093
File000093
 
MULTIMEDIA SERVICES OVER IP NETWORKS
MULTIMEDIA SERVICES OVER IP NETWORKSMULTIMEDIA SERVICES OVER IP NETWORKS
MULTIMEDIA SERVICES OVER IP NETWORKS
 
GSM Technology and security impact
GSM Technology and security impactGSM Technology and security impact
GSM Technology and security impact
 
Guideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu KhimaniGuideline for Call Data Record Analysis by Raghu Khimani
Guideline for Call Data Record Analysis by Raghu Khimani
 
LoRa Technology - DNA of IoT
LoRa Technology - DNA of IoTLoRa Technology - DNA of IoT
LoRa Technology - DNA of IoT
 
CSC 134
CSC 134CSC 134
CSC 134
 
Overview of Internet.ppt
Overview of Internet.pptOverview of Internet.ppt
Overview of Internet.ppt
 
Laws governing the internet service provider & there rights and liabilities.
Laws governing the internet service provider & there rights and liabilities.Laws governing the internet service provider & there rights and liabilities.
Laws governing the internet service provider & there rights and liabilities.
 
Protocols in Bluetooth
Protocols in BluetoothProtocols in Bluetooth
Protocols in Bluetooth
 
cyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricscyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometrics
 
Migrating Visual Communications from H.323 to SIP
Migrating Visual Communications from H.323 to SIPMigrating Visual Communications from H.323 to SIP
Migrating Visual Communications from H.323 to SIP
 
Ngn
NgnNgn
Ngn
 
Internet an how it works
Internet an how it worksInternet an how it works
Internet an how it works
 
Bluetooth versus wi
Bluetooth versus wiBluetooth versus wi
Bluetooth versus wi
 
Ip Address
Ip AddressIp Address
Ip Address
 
Md Minhajul Haq (072849556)
Md Minhajul Haq (072849556)Md Minhajul Haq (072849556)
Md Minhajul Haq (072849556)
 

Similar to Lawful Interception Case Studies for ISS Solutions

AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxronak56
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxdaniahendric
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxmakdul
 
Wireless security
Wireless securityWireless security
Wireless securitySalma Elhag
 
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...Alexander Decker
 
imsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptimsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptakimor
 
76 s201919
76 s20191976 s201919
76 s201919IJRAT
 
Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...
Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...
Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...IOSR Journals
 
A Review Of IP And MAC Address Filtering In Wireless Network Security
A Review Of IP And MAC Address Filtering In Wireless Network SecurityA Review Of IP And MAC Address Filtering In Wireless Network Security
A Review Of IP And MAC Address Filtering In Wireless Network SecurityDustin Pytko
 
A Review of IP and MAC Address Filtering in Wireless Network Security
A Review of IP and MAC Address Filtering in Wireless Network SecurityA Review of IP and MAC Address Filtering in Wireless Network Security
A Review of IP and MAC Address Filtering in Wireless Network SecurityUniversitas Pembangunan Panca Budi
 
Chapter 4Networks for EfficientOperations andSustainabilit.docx
Chapter 4Networks for EfficientOperations andSustainabilit.docxChapter 4Networks for EfficientOperations andSustainabilit.docx
Chapter 4Networks for EfficientOperations andSustainabilit.docxchristinemaritza
 
osi-tcp ppt 1.pptx........................
osi-tcp ppt 1.pptx........................osi-tcp ppt 1.pptx........................
osi-tcp ppt 1.pptx........................swarnimprateek
 
Cryptography and network security.
Cryptography and network security.Cryptography and network security.
Cryptography and network security.RAVI RAJ
 
Security-aware fair transmission scheme for 802.11 based cognitive IoT
Security-aware fair transmission scheme for 802.11 based cognitive IoT Security-aware fair transmission scheme for 802.11 based cognitive IoT
Security-aware fair transmission scheme for 802.11 based cognitive IoT IJECEIAES
 
SYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionSYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionAfna Crcs
 
COMPUTER NETWORKS NOTES usefull for computer and elctronics students
COMPUTER NETWORKS NOTES usefull for computer and elctronics studentsCOMPUTER NETWORKS NOTES usefull for computer and elctronics students
COMPUTER NETWORKS NOTES usefull for computer and elctronics studentsGorra Narsimhulu
 

Similar to Lawful Interception Case Studies for ISS Solutions (20)

AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
 
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docxAbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
AbstractVoice over Internet Protocol (VoIP) is an advanced t.docx
 
Wireless security
Wireless securityWireless security
Wireless security
 
1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...1, prevalent network threats and telecommunication security challenges and co...
1, prevalent network threats and telecommunication security challenges and co...
 
imsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptimsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.ppt
 
76 s201919
76 s20191976 s201919
76 s201919
 
Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...
Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...
Effects of SIP in Interoperable LMR/Cellular Heterogeneous Mobile Wireless N...
 
A Review Of IP And MAC Address Filtering In Wireless Network Security
A Review Of IP And MAC Address Filtering In Wireless Network SecurityA Review Of IP And MAC Address Filtering In Wireless Network Security
A Review Of IP And MAC Address Filtering In Wireless Network Security
 
osi-tcp.ppt
osi-tcp.pptosi-tcp.ppt
osi-tcp.ppt
 
A Review of IP and MAC Address Filtering in Wireless Network Security
A Review of IP and MAC Address Filtering in Wireless Network SecurityA Review of IP and MAC Address Filtering in Wireless Network Security
A Review of IP and MAC Address Filtering in Wireless Network Security
 
Chapter 4Networks for EfficientOperations andSustainabilit.docx
Chapter 4Networks for EfficientOperations andSustainabilit.docxChapter 4Networks for EfficientOperations andSustainabilit.docx
Chapter 4Networks for EfficientOperations andSustainabilit.docx
 
F0353743
F0353743F0353743
F0353743
 
osi-tcp ppt 1.pptx........................
osi-tcp ppt 1.pptx........................osi-tcp ppt 1.pptx........................
osi-tcp ppt 1.pptx........................
 
Cryptography and network security.
Cryptography and network security.Cryptography and network security.
Cryptography and network security.
 
Security-aware fair transmission scheme for 802.11 based cognitive IoT
Security-aware fair transmission scheme for 802.11 based cognitive IoT Security-aware fair transmission scheme for 802.11 based cognitive IoT
Security-aware fair transmission scheme for 802.11 based cognitive IoT
 
SYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionSYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introduction
 
COMPUTER NETWORKS NOTES.pdf
COMPUTER NETWORKS NOTES.pdfCOMPUTER NETWORKS NOTES.pdf
COMPUTER NETWORKS NOTES.pdf
 
COMPUTER NETWORKS NOTES usefull for computer and elctronics students
COMPUTER NETWORKS NOTES usefull for computer and elctronics studentsCOMPUTER NETWORKS NOTES usefull for computer and elctronics students
COMPUTER NETWORKS NOTES usefull for computer and elctronics students
 
NOS Unit.pdf
NOS Unit.pdfNOS Unit.pdf
NOS Unit.pdf
 

Lawful Interception Case Studies for ISS Solutions

  • 1. Special Topic of Telecommunication Network Chapter 7 Case Studies for ISS Solutions Aris Cahyadi Risdianto 23210016
  • 2. Case Study 1: Wireline Voice Intercept and Surveillance Solutions from Lucent Technologies
  • 3. Case Study 1: Wireline Voice Intercept and Surveillance Solutions from Lucent Technologies CALEA function provide by TSP •Access: network entity intercepts and reports call data and/content to LEA •Delivery: network platform provide interface to LEAs for delivery of call content/data •Administration: capability that establishes and maintains surveillance with TSP Level of Surveillance •Level I — call related information: Only call-identifying information (CII) is reported, and it is intended to satisfy pen register and trap and trace court orders. •Level II — call and content related information: The intent is to satisfy a Title-III court order.
  • 4. Case Study 1: Wireline Voice Intercept and Surveillance Solutions from Lucent Technologies CALEA Interfaces (SAS, CDC, and CCC)  Surveillance administration system (SAS) for provisioning using existing 5ESS TTY ports  CDC for reporting CII (CDC messages) from the switch to the LEA  CCC for delivering call content from the switch to the LEA Conclusions  J-STD-025 compliance : allowing TSPs to meet their obligations under CALEA  Flexibility: Different LEAs in different locations may require different CALEA interfaces  Cost: Integrated delivery function and dial-out capability significantly reduced the costs  Evolution: Current 5ESS CALEA solution can be adapted to future technologies without any effect
  • 5. Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks
  • 6. Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks
  • 7. Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks Reference Function  AF through IAP responsible for providing access to an intercept subject’s communications and CII.  DF is responsible for delivering intercepted communications and CII to collection functions.  CF is responsible for collecting lawfully authorized intercepted communications and CII for an LEA. CF handle by the LEA IAP on the CDMA 2000 Packet Data Network  AAA (IAP for CII)  PDSN (call-content IAP for simple IP)  HA (call-content IAP for mobile IP)
  • 8. Case Study 2: Lawful Interception in CDMA Wireless IP Networks from SS8 Networks Typical call flow scenarios are addressed  Scenario 1: Intercept Provisioning, Target Not Involved in Data Session  Scenario 2: Intercept Provisioning, Target Involved in Data Session  Scenario 3: Data Session Termination  Scenario 4: Intercept Expiration, Target Inactive  Scenario 5: Intercept Expiration, Target Active
  • 9. Case Study 3: LIs for 3G Networks Using ALIS Uses of 3G Technology and Implications for Lawful Interception  Voice, increasing proportion of LI requests from LEAs because increasing amount of voice traffic as users migrate from wireline to wireless services.  SMS, LI will have to address growing use of the service among interception targets.  General Internet connectivity, added complication of the mobility of the target, the proportion of Internet communications over mobile networks will grow because more "safer" for crimininals and variety of devices with which to communicate (modem, PDA, etc)  High-speed photo and video clip upload and download, LI need to be prepared to intercept video and still imagery in against abusers.  Multimedia games, LI tracking users and sources of games involving illicit thematic material (child pornography, gambling, and hate targeting).  VoIP, VoIP traffic raises a number of technical and legal issues that cannot be ignored.
  • 10. Case Study 3: LIs for 3G Networks Using ALIS Lawful Interception in 3G Networks  Figure 7.16 and Figure 7.17, give visualization of where to capture call data (IRI) and call content and also where LI management functions flow.  Figure 7.18, provide a closer view of interception topology in 3G networks (sufficiently general to include cdma2000) for circuit- switched network operations.  LI management commands are conveyed between the administrative function (ADMF) and other network elements via the X1 interface.  Intercepted call data (IRI) are conveyed via the X2 interface.  Intercepted call content is gathered via the X3 interface, and relayed to LEA using HI3.
  • 11. Case Study 3: LIs for 3G Networks Using ALIS
  • 12. Case Study 3: LIs for 3G Networks Using ALIS
  • 13. Case Study 3: LIs for 3G Networks Using ALIS
  • 14. Case Study 3: LIs for 3G Networks Using ALIS
  • 15. Case Study 3: LIs for 3G Networks Using ALIS ALIS in 3G Networks  Implementation of ALIS as a mediation platform in a UMTS and cdma2000 network shown in Figure 7.20 and Figure 7.21  Important are the call data, call content, and LI management paths leading from ALIS-D and ALIS-M to the appropriate network elements and functions. Conclusions  The processes are delineated by architectures, such as specified by ETSI, 3GPP, and ANSI, that facilitate systematic implementations and provisioning of LI systems.  The challenges to lawful interception remain, including the need to support a diversity of services, vendor technologies, wireless networking technologies, voice, and a multiplicity of high-speed data services.
  • 16. Case Study 3: LIs for 3G Networks Using ALIS
  • 17. Case Study 3: LIs for 3G Networks Using ALIS
  • 18. Case Study 4: Lawful Interception for IP Networks Using ALIS Interception of Internet traffic involves complications  Target source and destination identities embedded on overall data flow  Target and non-target data are mixed at numerous IP circuits and network elements  Many parties involved in transporting data (access, transport, core)  Current laws on how to handle Internet interception are not clear.  Separation of applications and data from the flow are difficult  There is a lack of standards implementation
  • 19. Case Study 4: Lawful Interception for IP Networks Using ALIS IP Interception Examples (Internet Access)  Internet Access Target Identification : LEA must coordinate interception activities with the TSP, regarding IP addresses which assigned through DHCP (including AAA) and fixed IP addresses assigned to customers business (T1, xDSL, etc). Others identifiers (username, ethernet address, Dial-in calling number identity, etc)  Collected Data (IRI) : Identity target, service and access, time of access success or denied, access location, etc. This data delivered to LEA through HI3 interfaces, but make sure LEA not become IP address spoofing  Lawful Interception Configurations for Network Access (shown in Figure 7.24a to Figure 7.24d) : interception points implement internal interception by applying probes or networking interfaces to local networks,access loops, routers, gateways, AAA functions, and so forth
  • 20. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 21. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 22. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 23. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 24. Case Study 4: Lawful Interception for IP Networks Using ALIS IP Interception Examples (Email)  Collected Data (IRI) : Server IP, Client IP, Server port, Client port, E- mail protocol ID, E-mail sender, E-mail recipient list, Total recipient count, Server octets sent, Client octets sent, Message ID, Status.  Internal interception take place in the context of any e-mail server to identify targeted e-mail traffic and route the corresponding call data (CD) information to the mediation platform  LEAs as well must deal with spam to ensure not receive modified header on the email, use reverse DNS lookup practices to authenticate the origination of an e-mail, and subscribe to the e-mail blacklists for spam prevention.
  • 25. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 26. Case Study 4: Lawful Interception for IP Networks Using ALIS IP Interception Examples (VoIP)  Call control events : answer and origination target, release and terminated attempt.  Signaling events : Dialed digit extraction/DDE (captured extra digit after call connected), Direct signal reporting (signaling message), Network signal (activity network for provide signal), Subject Signal (signal initiate features)  Feature use events : signaling associated with conference calling, call transfer, and other call feature  Registration events : occur when the target provides address information to the VoIP network
  • 27. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 28. Case Study 4: Lawful Interception for IP Networks Using ALIS ALIS for IP  ALIS Internet access (Figure 7.28) : data information is extracted from RADIUS server and access termination point (CMTS, DSLAM, or modem pool). An internal intercept function (IIF) in a router replicates call content to and from the target and sends this data to ALIS-D.  ALIS mediation platform for e-mail (Figure 7.29) : Relevant e-mail header and other protocol information captured directly from the e- mail server as call data and routed to ALIS-D for reformatting and delivery to the LEA, while contents of e-mail messages routed to ALIS-D as call content.  ALIS for VoIP Calling (Figure 7.30) : ALIS-M sets triggering events for relevant network equipment, including the call agent (gatekeeper, SIP server, gateway, etc.) and routers assigned to capture data flow. Call data information is extracted via internal interception and sent to ALIS- D for processing.
  • 29. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 30. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 31. Case Study 4: Lawful Interception for IP Networks Using ALIS
  • 32. Case Study 6: Monitoring and Logging Activities Features of monitoring and logging for conducting LIs: ● Site-usage analysis: provides an understanding of how visitors (target) interact with Web sites ● Site-user analysis: particular messages to increase the likelihood that site visitors (targets) will be interested on web site information ● Site-content analysis: analyzes the content and structure of Web sites that may help indirectly with recognizing usage patterns Features and Attributes of Monitoring and Logging Tools ● Monitoring devices used at distributed locations ● Monitors are passively measuring the traffic in the network segments ● Data-capturing technique is also very important (location of probe, capturing schedule, location of logs) ● Intelligent filtering during collection and data compression/compaction ● Management of log files is very important (automatic log cycling, Visitors clustered) ● Predefined reports (template) and scheduler report
  • 33. Case Study 6: Monitoring and Logging Activities IP Monitoring System (IMS) from GTEN AG ● Data Collection and Filtering Subsystem : deployed in strategic field with DCFD as for target monitoring based on log-in identification. ● Mass Storage Subsystem : file server acting as the mass storage which receive pre-filtered data from data collection and filter subsystem manually or automatic triggered. ● Data Re-Creation and Analysis Subsystem : recorded data viewed by standard browser (example e-mail displayed in e-mail format and an Internet page displayed as Internet page) including WWW sessions, FTP transfer, Email, Chat, Radius, etc. Typical Monitoring Applications ● Web-Site Monitoring : collect all traffic moving to and from a particular Web site, which done by wiretaps on Internet line and on Radius Server connection in order to correlate data recorded. ● Target Monitoring : monitored target must have unique ID (fixed IP address or user ID in RADIUS server), which DCFD sniff the all the packet after retrieves assigned IP address from RADIUS.
  • 34. Case Study 6: Monitoring and Logging Activities
  • 35. Case Study 9: MC Case Examples from Siemens AG Fixed Network — PSTN ● Network Protocols : E1 to network switches and EDSS1 line protocol. ● Network Switches : Any manufacturer switch comply to ETSI standard such as Siemens, Ericsson, Alcatel, and Nokia switches. ● Interception and Recording Modes : can be setup as mono or stereo, and compression mode to save space ● Types of Interception : conversation, call-related information, DTMF transmission, SMS, Fax, and modem ● Interception Management Systems : Any IMS comply ETSI standard such as Siemens LIOS, Utimaco IMS, Ericsson IMS, and Alcatel IMS Mobile Network — GSM ● Feature highlights are identical with intercepting fixed networks. ● Add-On Systems : location of the mobile cell is known through GIS
  • 36. Case Study 9: MC Case Examples from Siemens AG
  • 37. Case Study 9: MC Case Examples from Siemens AG
  • 38. Case Study 9: MC Case Examples from Siemens AG Mobile Networks — GPRS/UMTS ● Network Protocols : E1 to network switches and EDSS1 line protocol. ● Network Switches : Any manufacturer switch comply to ETSI standard ● Interception Types : IP traffic on the packet-switch ● Add-On Systems : based on current location information can indicate the direction of travel ● Feature Highlights : IP traffic with the attributes read, view, navigate entire Web, e-mail, FTP, and chat sessions. Internet Monitoring ● Data Collectors : data collectors to connect points on the Internet to intercept ● Internet Applications : all IP traffic with decoding support for Web, Email (SMTP, POP3, Webmail), and Chat (IRC) ● Internet Access Points : collectors to any IP source such as GPRS switches, ISP SPAN ports, Internet backbone links, orInternet core computers ● Physical Interfaces : support many physical interfaces include Ethernet 100 Mbps, Ethernet 1000 Mbps, and OC3 ● Filtering : applied by the MC mediation device to collector, and filters IP data ● Back-End Internet Applications : operator can replay visited Web sites and viewed Web pages by the target user ● Interception Management Features : offered a single unified set of interception management features
  • 39. Case Study 9: MC Case Examples from Siemens AG
  • 40. Case Study 9: MC Case Examples from Siemens AG
  • 41. Conclusion Case studies, in addition to the necessary level of awareness regarding product features, can help provide an understanding of how to deal with practical solutions. This chapter has addressed nine different cases — with some overlaps — that represent actual telecommunications services and products. These case studies, e.g., for wireless networks, packet data applications and VoIP, show that there are no technological barriers to lawful interception activities