SlideShare a Scribd company logo

Lifting the Lid on Lawful Intercept

Lifting the Lid on Lawful Intercept

1 of 26
Download to read offline
Lifting the Lid on Lawful Intercept
Shane Alcock
University of Waikato
New Zealand
shane.alcock@waikato.ac.nz
© The University of Waikato • Te Whare Wānanga o Waikato
Introductions
● Research Programmer at the University of Waikato
○ Specialist in packet capture and analysis
○ Most of my work ends up as open source
○ Recently, developing software to assist with lawful intercept
● Unlike other LI experts...
○ I don’t work in law enforcement
○ I don’t work for a commercial LI vendor
○ I can be much more transparent about the LI process
© The University of Waikato • Te Whare Wānanga o Waikato
Lawful Intercept (LI)
● Legal and authorised interception of telecommunications
○ Mandated by governments
○ Aim is to investigate or prevent criminal activity
● Requested by Law Enforcement Agencies (LEAs)
○ Police, Intelligence Services, National security agencies
● Actioned by network operators
© The University of Waikato • Te Whare Wānanga o Waikato
Lawful Intercept (LI)
● Targeted at a specific user
● Supported by a lawfully issued warrant
● Severe penalties for failure to comply
○ Be prepared ahead of time!
© The University of Waikato • Te Whare Wānanga o Waikato
Lawful Intercept (LI)
LEA Network
Operator
Warrant
© The University of Waikato • Te Whare Wānanga o Waikato
Lawful Intercept (LI)
Warrant
Configuration
LI System
Ad

Recommended

China Telecom Global
China Telecom GlobalChina Telecom Global
China Telecom GlobalEdwin Woo
 
Internet Landscape in Thailand by Kittinan Sriprasert & Viraphan Smadi
Internet Landscape in Thailand by Kittinan Sriprasert & Viraphan SmadiInternet Landscape in Thailand by Kittinan Sriprasert & Viraphan Smadi
Internet Landscape in Thailand by Kittinan Sriprasert & Viraphan SmadiMyNOG
 
Peering Personals @ Peering Asia 3.0
Peering Personals @ Peering Asia 3.0Peering Personals @ Peering Asia 3.0
Peering Personals @ Peering Asia 3.0MyNOG
 
China Telecom Americas - General Overview
China Telecom Americas - General OverviewChina Telecom Americas - General Overview
China Telecom Americas - General OverviewBrian Trentacost
 
2017 China Telecom Presentation
2017 China Telecom Presentation2017 China Telecom Presentation
2017 China Telecom PresentationJY Tian
 
Content Localization Exercise in Telekom Malaysia by MUSLINA DEVI Nurhemdi
Content Localization Exercise in Telekom Malaysia by MUSLINA DEVI NurhemdiContent Localization Exercise in Telekom Malaysia by MUSLINA DEVI Nurhemdi
Content Localization Exercise in Telekom Malaysia by MUSLINA DEVI NurhemdiMyNOG
 

More Related Content

What's hot

China Telecom - China Data Centers
China Telecom - China Data CentersChina Telecom - China Data Centers
China Telecom - China Data CentersBrian Trentacost
 
Hitrail: The Hermes VPN Network for Railway Services
Hitrail: The Hermes VPN Network for Railway ServicesHitrail: The Hermes VPN Network for Railway Services
Hitrail: The Hermes VPN Network for Railway Servicesictseserv
 
The Future of Roaming
The Future of RoamingThe Future of Roaming
The Future of RoamingMark Phillips
 
Superloop Investor Presentation
Superloop Investor PresentationSuperloop Investor Presentation
Superloop Investor PresentationPranav Rao
 
Best Network Practices for DSL Deployment
Best Network Practices for DSL DeploymentBest Network Practices for DSL Deployment
Best Network Practices for DSL DeploymentGlobal MarCom & LeadGen
 
Colt Access Solution Presentation External 12 07 2011
Colt Access Solution Presentation   External   12 07 2011Colt Access Solution Presentation   External   12 07 2011
Colt Access Solution Presentation External 12 07 2011acaiani
 
Active sharing best practice for regulators
Active sharing best practice for regulatorsActive sharing best practice for regulators
Active sharing best practice for regulatorsColeago Consulting
 
China Unicom Global Profile
China Unicom Global ProfileChina Unicom Global Profile
China Unicom Global ProfileAbhijit Datey
 
MNO, MVNO, MVNA, MVNE: Different types of mobile operators
MNO, MVNO, MVNA, MVNE: Different types of mobile operatorsMNO, MVNO, MVNA, MVNE: Different types of mobile operators
MNO, MVNO, MVNA, MVNE: Different types of mobile operators3G4G
 
FTTx Panorama - Services & Positioning - Broadband World Forum 2013
FTTx Panorama - Services & Positioning - Broadband World Forum 2013FTTx Panorama - Services & Positioning - Broadband World Forum 2013
FTTx Panorama - Services & Positioning - Broadband World Forum 2013IDATE DigiWorld
 
Colt Backbone Solution Presentation External 12 07 2011
Colt Backbone Solution Presentation   External   12 07 2011Colt Backbone Solution Presentation   External   12 07 2011
Colt Backbone Solution Presentation External 12 07 2011acaiani
 
The 4G LTE Auction in Thailand
The 4G LTE Auction in ThailandThe 4G LTE Auction in Thailand
The 4G LTE Auction in ThailandYOZZO
 
Diversity
DiversityDiversity
Diversityswbuza
 
Port of rotterdam & Blockchain
Port of rotterdam & BlockchainPort of rotterdam & Blockchain
Port of rotterdam & BlockchainSajjad Khaksari
 
UK Spectrum Policy Forum - Report on future use of licence exempt radio spectrum
UK Spectrum Policy Forum - Report on future use of licence exempt radio spectrumUK Spectrum Policy Forum - Report on future use of licence exempt radio spectrum
UK Spectrum Policy Forum - Report on future use of licence exempt radio spectrumtechUK
 
Transport network strategies at Telekom Austria Group- January 2014
Transport network strategies at Telekom Austria Group- January 2014Transport network strategies at Telekom Austria Group- January 2014
Transport network strategies at Telekom Austria Group- January 2014Wi-Fi 360
 
Motivation of the New SI Proposal: Study on Licensed-Assisted Access using LTE
Motivation of the New SI Proposal:Study on Licensed-Assisted Access using LTEMotivation of the New SI Proposal:Study on Licensed-Assisted Access using LTE
Motivation of the New SI Proposal: Study on Licensed-Assisted Access using LTEYi-Hsueh Tsai
 

What's hot (19)

China Telecom - China Data Centers
China Telecom - China Data CentersChina Telecom - China Data Centers
China Telecom - China Data Centers
 
Hitrail: The Hermes VPN Network for Railway Services
Hitrail: The Hermes VPN Network for Railway ServicesHitrail: The Hermes VPN Network for Railway Services
Hitrail: The Hermes VPN Network for Railway Services
 
The Future of Roaming
The Future of RoamingThe Future of Roaming
The Future of Roaming
 
Superloop Investor Presentation
Superloop Investor PresentationSuperloop Investor Presentation
Superloop Investor Presentation
 
Best Network Practices for DSL Deployment
Best Network Practices for DSL DeploymentBest Network Practices for DSL Deployment
Best Network Practices for DSL Deployment
 
Colt Access Solution Presentation External 12 07 2011
Colt Access Solution Presentation   External   12 07 2011Colt Access Solution Presentation   External   12 07 2011
Colt Access Solution Presentation External 12 07 2011
 
Active sharing best practice for regulators
Active sharing best practice for regulatorsActive sharing best practice for regulators
Active sharing best practice for regulators
 
China Unicom Global Profile
China Unicom Global ProfileChina Unicom Global Profile
China Unicom Global Profile
 
MNO, MVNO, MVNA, MVNE: Different types of mobile operators
MNO, MVNO, MVNA, MVNE: Different types of mobile operatorsMNO, MVNO, MVNA, MVNE: Different types of mobile operators
MNO, MVNO, MVNA, MVNE: Different types of mobile operators
 
FTTx Panorama - Services & Positioning - Broadband World Forum 2013
FTTx Panorama - Services & Positioning - Broadband World Forum 2013FTTx Panorama - Services & Positioning - Broadband World Forum 2013
FTTx Panorama - Services & Positioning - Broadband World Forum 2013
 
FTC6 Olivier Breton Level3 resolving Frogans addresses worldwide 2016/02/16
FTC6 Olivier Breton Level3 resolving Frogans addresses worldwide 2016/02/16FTC6 Olivier Breton Level3 resolving Frogans addresses worldwide 2016/02/16
FTC6 Olivier Breton Level3 resolving Frogans addresses worldwide 2016/02/16
 
Colt Backbone Solution Presentation External 12 07 2011
Colt Backbone Solution Presentation   External   12 07 2011Colt Backbone Solution Presentation   External   12 07 2011
Colt Backbone Solution Presentation External 12 07 2011
 
The 4G LTE Auction in Thailand
The 4G LTE Auction in ThailandThe 4G LTE Auction in Thailand
The 4G LTE Auction in Thailand
 
Diversity
DiversityDiversity
Diversity
 
Port of rotterdam & Blockchain
Port of rotterdam & BlockchainPort of rotterdam & Blockchain
Port of rotterdam & Blockchain
 
NBTC over view
NBTC over viewNBTC over view
NBTC over view
 
UK Spectrum Policy Forum - Report on future use of licence exempt radio spectrum
UK Spectrum Policy Forum - Report on future use of licence exempt radio spectrumUK Spectrum Policy Forum - Report on future use of licence exempt radio spectrum
UK Spectrum Policy Forum - Report on future use of licence exempt radio spectrum
 
Transport network strategies at Telekom Austria Group- January 2014
Transport network strategies at Telekom Austria Group- January 2014Transport network strategies at Telekom Austria Group- January 2014
Transport network strategies at Telekom Austria Group- January 2014
 
Motivation of the New SI Proposal: Study on Licensed-Assisted Access using LTE
Motivation of the New SI Proposal:Study on Licensed-Assisted Access using LTEMotivation of the New SI Proposal:Study on Licensed-Assisted Access using LTE
Motivation of the New SI Proposal: Study on Licensed-Assisted Access using LTE
 

Similar to Lifting the Lid on Lawful Intercept

Blockchain Technology - Week 4 - Hyperledger and Smart Contracts
Blockchain Technology - Week 4 - Hyperledger and Smart ContractsBlockchain Technology - Week 4 - Hyperledger and Smart Contracts
Blockchain Technology - Week 4 - Hyperledger and Smart ContractsFerdin Joe John Joseph PhD
 
Blockchain and government opportunities
Blockchain and government opportunitiesBlockchain and government opportunities
Blockchain and government opportunitiesSusan Dart
 
Janet and The Cloud / Sky - Universities driving value from Guest Wi-Fi
Janet and The Cloud / Sky - Universities driving value from Guest Wi-FiJanet and The Cloud / Sky - Universities driving value from Guest Wi-Fi
Janet and The Cloud / Sky - Universities driving value from Guest Wi-FiThomas Aspinall
 
20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)
20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)
20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)Tom Lyons
 
Unit 1 IoT Fundamentals.pdf
Unit 1 IoT Fundamentals.pdfUnit 1 IoT Fundamentals.pdf
Unit 1 IoT Fundamentals.pdfZoyaAli844417
 
PITA 22: Addressing interconnection and security in the Pacific
PITA 22: Addressing interconnection and security in the PacificPITA 22: Addressing interconnection and security in the Pacific
PITA 22: Addressing interconnection and security in the PacificAPNIC
 
TTBizLink Project, Trinidad And Tobago
TTBizLink Project, Trinidad And TobagoTTBizLink Project, Trinidad And Tobago
TTBizLink Project, Trinidad And TobagoUNDP India
 
Isoc bishkek 2015 11-25
Isoc bishkek 2015 11-25Isoc bishkek 2015 11-25
Isoc bishkek 2015 11-25ISOC-KG
 
Trust and identity - enabling intra- and inter-organisational authentication ...
Trust and identity - enabling intra- and inter-organisational authentication ...Trust and identity - enabling intra- and inter-organisational authentication ...
Trust and identity - enabling intra- and inter-organisational authentication ...Jisc
 
Julie Marguerite - Tefis open calls (fia dec 2010)
Julie Marguerite - Tefis open calls  (fia dec 2010)Julie Marguerite - Tefis open calls  (fia dec 2010)
Julie Marguerite - Tefis open calls (fia dec 2010)FIA2010
 
Understanding blockchains
Understanding blockchainsUnderstanding blockchains
Understanding blockchainsLen Bass
 
Opening plenary session - Day one Networkshop46
Opening plenary session - Day one Networkshop46Opening plenary session - Day one Networkshop46
Opening plenary session - Day one Networkshop46Jisc
 
SDN evolution: the view from academia. Dr Brendan Jennings, TSSG
SDN evolution: the view from academia. Dr Brendan Jennings, TSSGSDN evolution: the view from academia. Dr Brendan Jennings, TSSG
SDN evolution: the view from academia. Dr Brendan Jennings, TSSGWalton Institute
 
COMIT community day summer 2018 - main slides
COMIT community day summer 2018 - main slidesCOMIT community day summer 2018 - main slides
COMIT community day summer 2018 - main slidesComit Projects Ltd
 
IOT_module_3.pdf
IOT_module_3.pdfIOT_module_3.pdf
IOT_module_3.pdfAmitH42
 
Cyber Security Practices and Future Plan: Real Scenario in ISPs In Nepal
Cyber Security Practices and Future Plan: Real Scenario in ISPs In NepalCyber Security Practices and Future Plan: Real Scenario in ISPs In Nepal
Cyber Security Practices and Future Plan: Real Scenario in ISPs In NepalICT Frame Magazine Pvt. Ltd.
 

Similar to Lifting the Lid on Lawful Intercept (20)

Blockchain Technology - Week 4 - Hyperledger and Smart Contracts
Blockchain Technology - Week 4 - Hyperledger and Smart ContractsBlockchain Technology - Week 4 - Hyperledger and Smart Contracts
Blockchain Technology - Week 4 - Hyperledger and Smart Contracts
 
Blockchain and government opportunities
Blockchain and government opportunitiesBlockchain and government opportunities
Blockchain and government opportunities
 
Janet and The Cloud / Sky - Universities driving value from Guest Wi-Fi
Janet and The Cloud / Sky - Universities driving value from Guest Wi-FiJanet and The Cloud / Sky - Universities driving value from Guest Wi-Fi
Janet and The Cloud / Sky - Universities driving value from Guest Wi-Fi
 
20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)
20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)
20190626 eu blockchain_how europe supports blockcahcin (cv conference) (1)
 
Unit 1 IoT Fundamentals.pdf
Unit 1 IoT Fundamentals.pdfUnit 1 IoT Fundamentals.pdf
Unit 1 IoT Fundamentals.pdf
 
PITA 22: Addressing interconnection and security in the Pacific
PITA 22: Addressing interconnection and security in the PacificPITA 22: Addressing interconnection and security in the Pacific
PITA 22: Addressing interconnection and security in the Pacific
 
TTBizLink Project, Trinidad And Tobago
TTBizLink Project, Trinidad And TobagoTTBizLink Project, Trinidad And Tobago
TTBizLink Project, Trinidad And Tobago
 
Isoc bishkek 2015 11-25
Isoc bishkek 2015 11-25Isoc bishkek 2015 11-25
Isoc bishkek 2015 11-25
 
Trust and identity - enabling intra- and inter-organisational authentication ...
Trust and identity - enabling intra- and inter-organisational authentication ...Trust and identity - enabling intra- and inter-organisational authentication ...
Trust and identity - enabling intra- and inter-organisational authentication ...
 
Julie Marguerite - Tefis open calls (fia dec 2010)
Julie Marguerite - Tefis open calls  (fia dec 2010)Julie Marguerite - Tefis open calls  (fia dec 2010)
Julie Marguerite - Tefis open calls (fia dec 2010)
 
chapter-1_iot.pptx
chapter-1_iot.pptxchapter-1_iot.pptx
chapter-1_iot.pptx
 
IOT UNIT 1B.ppt
IOT UNIT 1B.pptIOT UNIT 1B.ppt
IOT UNIT 1B.ppt
 
intro to iot.pdf
intro to iot.pdfintro to iot.pdf
intro to iot.pdf
 
Understanding blockchains
Understanding blockchainsUnderstanding blockchains
Understanding blockchains
 
The I in Internet of Things: Implications for the Global Open Internet
The I in Internet of Things: Implications for the Global Open InternetThe I in Internet of Things: Implications for the Global Open Internet
The I in Internet of Things: Implications for the Global Open Internet
 
Opening plenary session - Day one Networkshop46
Opening plenary session - Day one Networkshop46Opening plenary session - Day one Networkshop46
Opening plenary session - Day one Networkshop46
 
SDN evolution: the view from academia. Dr Brendan Jennings, TSSG
SDN evolution: the view from academia. Dr Brendan Jennings, TSSGSDN evolution: the view from academia. Dr Brendan Jennings, TSSG
SDN evolution: the view from academia. Dr Brendan Jennings, TSSG
 
COMIT community day summer 2018 - main slides
COMIT community day summer 2018 - main slidesCOMIT community day summer 2018 - main slides
COMIT community day summer 2018 - main slides
 
IOT_module_3.pdf
IOT_module_3.pdfIOT_module_3.pdf
IOT_module_3.pdf
 
Cyber Security Practices and Future Plan: Real Scenario in ISPs In Nepal
Cyber Security Practices and Future Plan: Real Scenario in ISPs In NepalCyber Security Practices and Future Plan: Real Scenario in ISPs In Nepal
Cyber Security Practices and Future Plan: Real Scenario in ISPs In Nepal
 

More from Bangladesh Network Operators Group

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephBangladesh Network Operators Group
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceBangladesh Network Operators Group
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaBangladesh Network Operators Group
 

More from Bangladesh Network Operators Group (20)

Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and CephAccelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
Accelerating Hyper-Converged Enterprise Virtualization using Proxmox and Ceph
 
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJRecent IRR changes by Yoshinobu Matsuzaki, IIJ
Recent IRR changes by Yoshinobu Matsuzaki, IIJ
 
Fact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in BangladeshFact Sheets : Network Status in Bangladesh
Fact Sheets : Network Status in Bangladesh
 
AI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the PyramidAI Driven Wi-Fi for the Bottom of the Pyramid
AI Driven Wi-Fi for the Bottom of the Pyramid
 
IPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCTIPv6 Security Overview by QS Tahmeed, APNIC RCT
IPv6 Security Overview by QS Tahmeed, APNIC RCT
 
Network eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life ProductNetwork eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life Product
 
A plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s DeploymentA plenarily integrated SIEM solution and it’s Deployment
A plenarily integrated SIEM solution and it’s Deployment
 
IPv6 Deployment in South Asia 2022
IPv6 Deployment in South Asia  2022IPv6 Deployment in South Asia  2022
IPv6 Deployment in South Asia 2022
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
RPKI Deployment Status in Bangladesh
RPKI Deployment Status in BangladeshRPKI Deployment Status in Bangladesh
RPKI Deployment Status in Bangladesh
 
An Overview about open UDP Services
An Overview about open UDP ServicesAn Overview about open UDP Services
An Overview about open UDP Services
 
12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender12 Years in DNS Security As a Defender
12 Years in DNS Security As a Defender
 
Contents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User Experience
 
BdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptxBdNOG-20220625-MT-v6.0.pptx
BdNOG-20220625-MT-v6.0.pptx
 
Route Leak Prevension with BGP Community
Route Leak Prevension with BGP CommunityRoute Leak Prevension with BGP Community
Route Leak Prevension with BGP Community
 
Tale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIXTale of a New Bangladeshi NIX
Tale of a New Bangladeshi NIX
 
MANRS for Network Operators
MANRS for Network OperatorsMANRS for Network Operators
MANRS for Network Operators
 
Re-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with GrafanaRe-define network visibility for capacity planning & forecasting with Grafana
Re-define network visibility for capacity planning & forecasting with Grafana
 
RPKI ROA updates
RPKI ROA updatesRPKI ROA updates
RPKI ROA updates
 
Blockchain Demystified
Blockchain DemystifiedBlockchain Demystified
Blockchain Demystified
 

Recently uploaded

Augmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical ProfessionalsAugmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical Professionalsthirdeyegen65
 
history of tau gamma architect.1968.....
history of tau gamma architect.1968.....history of tau gamma architect.1968.....
history of tau gamma architect.1968.....josephiigo
 
Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...ssuser7b7f4e
 
Model Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdfModel Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdfgalfinprihardiputra0
 
UGB INTERNETBANKING FACILITY LAUNCHED.pptx
UGB INTERNETBANKING FACILITY LAUNCHED.pptxUGB INTERNETBANKING FACILITY LAUNCHED.pptx
UGB INTERNETBANKING FACILITY LAUNCHED.pptxRitesh Sahu
 
Modern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budgetModern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budgetmatt806068
 
Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Damar Juniarto
 
AWS Overview of AWS Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS  Clarify, Feature Store, Hyper parameter TuningAWS Overview of AWS  Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS Clarify, Feature Store, Hyper parameter TuningVarun Garg
 
Augmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & DefenseAugmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & Defensethirdeyegen65
 
Red shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's CyberspaceRed shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's Cyberspacesttyk
 

Recently uploaded (10)

Augmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical ProfessionalsAugmented and Mixed Reality Solutions for Frontline Medical Professionals
Augmented and Mixed Reality Solutions for Frontline Medical Professionals
 
history of tau gamma architect.1968.....
history of tau gamma architect.1968.....history of tau gamma architect.1968.....
history of tau gamma architect.1968.....
 
Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...Obstructive jaundice is a medical condition characterized by the yellowing of...
Obstructive jaundice is a medical condition characterized by the yellowing of...
 
Model Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdfModel Jaringan network jaringan komputer.pdf
Model Jaringan network jaringan komputer.pdf
 
UGB INTERNETBANKING FACILITY LAUNCHED.pptx
UGB INTERNETBANKING FACILITY LAUNCHED.pptxUGB INTERNETBANKING FACILITY LAUNCHED.pptx
UGB INTERNETBANKING FACILITY LAUNCHED.pptx
 
Modern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budgetModern Red Teaming - subverting mature defenses on a budget
Modern Red Teaming - subverting mature defenses on a budget
 
Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023Regulation is Coming - Trusted Media Summit 2023
Regulation is Coming - Trusted Media Summit 2023
 
AWS Overview of AWS Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS  Clarify, Feature Store, Hyper parameter TuningAWS Overview of AWS  Clarify, Feature Store, Hyper parameter Tuning
AWS Overview of AWS Clarify, Feature Store, Hyper parameter Tuning
 
Augmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & DefenseAugmented and Mixed Reality Solutions for Aerospace & Defense
Augmented and Mixed Reality Solutions for Aerospace & Defense
 
Red shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's CyberspaceRed shadows ringing in Japan's Cyberspace
Red shadows ringing in Japan's Cyberspace
 

Lifting the Lid on Lawful Intercept

  • 1. Lifting the Lid on Lawful Intercept Shane Alcock University of Waikato New Zealand shane.alcock@waikato.ac.nz
  • 2. © The University of Waikato • Te Whare Wānanga o Waikato Introductions ● Research Programmer at the University of Waikato ○ Specialist in packet capture and analysis ○ Most of my work ends up as open source ○ Recently, developing software to assist with lawful intercept ● Unlike other LI experts... ○ I don’t work in law enforcement ○ I don’t work for a commercial LI vendor ○ I can be much more transparent about the LI process
  • 3. © The University of Waikato • Te Whare Wānanga o Waikato Lawful Intercept (LI) ● Legal and authorised interception of telecommunications ○ Mandated by governments ○ Aim is to investigate or prevent criminal activity ● Requested by Law Enforcement Agencies (LEAs) ○ Police, Intelligence Services, National security agencies ● Actioned by network operators
  • 4. © The University of Waikato • Te Whare Wānanga o Waikato Lawful Intercept (LI) ● Targeted at a specific user ● Supported by a lawfully issued warrant ● Severe penalties for failure to comply ○ Be prepared ahead of time!
  • 5. © The University of Waikato • Te Whare Wānanga o Waikato Lawful Intercept (LI) LEA Network Operator Warrant
  • 6. © The University of Waikato • Te Whare Wānanga o Waikato Lawful Intercept (LI) Warrant Configuration LI System
  • 7. © The University of Waikato • Te Whare Wānanga o Waikato Lawful Intercept (LI) Warrant LI System Configuration AAA SIP IP
  • 8. © The University of Waikato • Te Whare Wānanga o Waikato Lawful Intercept (LI) Warrant LI System Configuration AAA SIP IP Meta-data (IRI) Communication Contents (CC)
  • 9. © The University of Waikato • Te Whare Wānanga o Waikato Standards ● Two widely recognised standards for LI ○ CALEA / ATIS: used in USA ○ ETSI: used almost everywhere else ● Not as simple as just sending a pcap to the LEA! ○ Standards ensure the intercept can withstand scrutiny in court
  • 10. © The University of Waikato • Te Whare Wānanga o Waikato ETSI Requirements ● Intercepted traffic must be streamed to LEAs in real time ○ Encrypted TCP sessions over public Internet ○ Closed physical connections for very sensitive intercepts
  • 11. © The University of Waikato • Te Whare Wānanga o Waikato ETSI Requirements ● Two separate handovers ○ Separate encrypted TCP session for each handover ○ One handover for meta-data ○ One for intercepted communications / packets
  • 12. © The University of Waikato • Te Whare Wānanga o Waikato ETSI Requirements ● Custom record format to label and sequence recorded data ○ Unique LIID provided by the LEA ○ Each session or call must also have a unique CIN ○ Sequence numbers per CIN to identify lost data ● Format is defined by many pages of ASN.1
  • 13. © The University of Waikato • Te Whare Wānanga o Waikato ETSI Requirements ● All communication by a target must be delivered to the LEA ○ No packet loss allowed ● Protect privacy of other network users ○ No interception of traffic for anyone other than the target
  • 14. © The University of Waikato • Te Whare Wānanga o Waikato ETSI Requirements ● Target cannot detect that the intercept is taking place ○ Communication must continue uninterrupted ○ No noticeable changes in routing or latency
  • 15. © The University of Waikato • Te Whare Wānanga o Waikato OpenLI ● Open source software for ETSI-compliant LI ○ Designed and maintained by me (mostly) ○ Low cost alternative to buying solutions from an LI vendor ○ Runs of Linux + commodity server hardware ○ Target audience: smaller operators ○ Deployed in production by operators in NZ ○ Can convert some network vendor LI formats into ETSI https://openli.nz
  • 16. © The University of Waikato • Te Whare Wānanga o Waikato IP Lawful Intercept with OpenLI Warrant REST API Requests AAA SIP Meta-data (IRI) Communication Contents (CC) OpenLI Provisioner OpenLI Collector OpenLI Mediator Intercept InstructionsAgency Details Intercepted Data
  • 17. © The University of Waikato • Te Whare Wānanga o Waikato OpenLI ● Multiple collectors can be distributed throughout a network ○ One per BNG or customer aggregation point ● Collector uses AAA protocols to determine target IP ○ Only intercepts packets for that session ○ Tracks dynamic IP changes ● Mediator is the only external-facing component ○ Makes outbound connections to the LEAs
  • 18. © The University of Waikato • Te Whare Wānanga o Waikato Alternatives ● Specialist LI vendors ○ Many companies offering LI solutions to choose from ○ Costs will be high and ongoing ○ Commercial-grade support ○ Provisioning and mediation included in the system ○ Good option for large carriers with money to spend
  • 19. © The University of Waikato • Te Whare Wānanga o Waikato Alternatives ● LI licenses for networking hardware ○ Cisco, Juniper, Nokia, etc. ○ Can be used for the collection phase ○ Still require a third-party mediator, as output is not ETSI compliant Image credit: Jim Bryson
  • 20. © The University of Waikato • Te Whare Wānanga o Waikato The LI Deployment Checklist ▢ Determine the LI standards that apply to your network ○ Enquire with the relevant LEAs ○ Is the ETSI standard required? ○ Choose a vendor that meets the required standard
  • 21. © The University of Waikato • Te Whare Wānanga o Waikato The LI Deployment Checklist ▢ Security of your LI platform ○ LI is very sensitive infrastructure ○ Some vendors may not be allowed in your region ○ Also consider if you trust certain vendors ○ Internal security plan ○ Control access to the LI provisioning system ○ Audit logs of intercepts created and halted
  • 22. © The University of Waikato • Te Whare Wānanga o Waikato The LI Deployment Checklist ▢ Budgeting ○ Who pays for the LI equipment and software? ○ Who pays for support and maintenance? ○ Account for time to learn, integrate and validate LI system
  • 23. © The University of Waikato • Te Whare Wānanga o Waikato The LI Deployment Checklist ▢ Testing and validation ○ How do you confirm that the LI system is working? ○ Internally -- is there a validation mechanism available ○ Coordination with LEAs to test production system ○ Plan for regular monitoring to detect disruption
  • 24. © The University of Waikato • Te Whare Wānanga o Waikato The LI Deployment Checklist ▢ Upkeep and support ○ LI systems will require continuous maintenance ○ Adapting to new technologies, e.g. 5G ○ Updating to conform to changes in standards ○ Again, who pays and what is the budget?
  • 25. © The University of Waikato • Te Whare Wānanga o Waikato Interested in OpenLI? ● Learn more: ○ https://openli.nz ○ https://github.com/wanduow/openli ○ Email: openli-support@waikato.ac.nz ● I would love to learn more about the LI situation here ○ Public information is scarce ○ Allow me to ensure OpenLI is compliant with LEA requirements ○ Conversations would be off the record
  • 26. © The University of Waikato • Te Whare Wānanga o Waikato Thank you! ● Questions?