Your search keyword '"Lawful interception"' showing total 227 results

1. Policy Recommendations for Combating New Trends in Drug Trafficking

Author

Makri, Freideriki, Dimitrakopoulou, Genny, Kapsalis, Nikolaos, Kokkinis, George, Akhgar, Babak, Series Editor, Gkotsis, Ilias, editor, Kavallieros, Dimitrios, editor, Stoianov, Nikolai, editor, Vrochidis, Stefanos, editor, and Diagourtas, Dimitrios, editor

Published

2025

2. Interrogating the standardisation of surveillance in 5G amid US–China competition.

Author

Becker, Christoph, ten Oever, Niels, and Nanni, Riccardo

Subjects

*INTERNET governance, *SOFTWARE development tools, *MEDIA studies, *TELECOMMUNICATION, EUROPE-United States relations

Abstract

In this article we show that the 5G competition between the United States and Western Europe versus China is not reflected in the standardisation of lawful interception (LI) technologies in the world's leading telecommunications standardisation body, the 3rd Generation Partnership Project (3GPP). Guided by the concept of infrastructure as a site and tool of political contestation, we develop a new approach to the study of Internet governance and standard-setting processes that leverages web scraping and computer-assisted document set discovery software tools. We bring these methods into conversation with theoretical approaches from material media studies, science and technology studies, and international relations. The 3GPP is the main telecommunications standardisation body and the only consortium developing standards to fulfil the ITU's criteria for the 5th generation of telecommunications technology (5G). The 3GPP therefore is a strategic venue to observe and interpret the politics of standardisation processes. As such, the LI-related work conducted in 3GPP exemplifies public and private actors' capacity to influence global surveillance standards and export their surveillance technologies. While European and United States governments engage in the standardisation of surveillance technologies, the Chinese government does not do this in the 3GPP. This fuels distrust in 5G technologies. We argue that further integration of China in standardisation could function as a trust-building measure. [ABSTRACT FROM AUTHOR]

Published

2024

3. The Attorney's Wiretapping Authority in Special Crimes and Military Crime Connection Cases.

Author

Wibisono, Danny K., HARIYANTI, DILLA, and Mugiati

Subjects

MILITARY crimes, LEGAL norms, LAWYERS, CRIMINAL investigation, EMBEZZLEMENT, MONEY laundering, CRIMINAL law

Abstract

The authority in lawful interception in the legal norms in force, in Indonesia today, can be exercised by Law Enforcement Officials (APH) and State Intelligence (IN). APH includes the Police, the Attorney General’s Office, the National Narcotics Agency, and the Corruption Eradication Commission, while the only state intelligence agency that has authority is the State Intelligence Agency. The Attorney General’s Office in accordance with legal norms has the authority to investigate general crimes in accordance with the material provisions of the Criminal Code (KUHP), special crimes according to provisions outside the Criminal Code, and military crimes in accordance with the provisions of military criminal law after the formation of the Junior Attorney General for Military Criminals ( Jampidmil). The Attorney General’s authority is to handle specific criminal acts related to corruption, gross human rights violations, money laundering, insubordination, use of unlawful force, theft, embezzlement, and other violations of law involving military personnel. This study will discuss the wiretapping authority of the Attorney General’s Office when dealing with special crimes, namely corruption and military crimes connected with terrorism so that the difference in wiretapping procedures can be seen in the handling of these two different crimes at the stages of investigation and prosecution. [ABSTRACT FROM AUTHOR]

Published

2024

4. Quantum Computing and Lawful Interception Applications

Author

Michail-Alexandros, Kourtis, George, Xilouris, Ioannis, Chochliouros, Anastasios, Kourtis, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Rocha, Álvaro, editor, Ferrás, Carlos, editor, and Ibarra, Waldo, editor

Published

2023

5. REMOTE SURVEILLANCE: A MEANS OF INTELLIGENCE GATHERING FOR MINIMIZING SECURITY CHALLENGES IN NIGERIA

Author

SHEHU, Anas, ALIYU KANGIWA, Hadiza, and SANI, Abubakar

Subjects

geospatial intelligence, national database, national security, lawful interception, soft wiretapping, sim card, Engineering (General). Civil engineering (General), TA1-2040, Electronic computers. Computer science, QA75.5-76.95

Abstract

Nowadays, national security issues are increasing day by day in most countries. A multitude of measures to reduce the challenges have been presented and even implemented by many authors, but without exhaustive results. The use of computers and sophisticated IT tools by the terrorist group, increasing number of citizens, lack of social amenities and other factors have made some of them inadequate enough to control the problems in Nigeria. The purpose of this paper is to highlight national security challenges in Nigeria and how security oversight is operated. To achieve this, the authors analyze available secondary data, investigating national security modus operandi and presenting the general concept of surveillance. Related works were also investigated for discussion. Remote surveillance, wiretapping, geospatial intelligence and a consolidated national database are proposed to achieve digital intelligence collection for insecurity management.

Published

2022

6. A Solution to Support Integrity in the Lawful Interception Ecosystem

Author

Buccafurri, Francesco, Consoli, Angelo, Labrini, Cecilia, Nesurini, Alice Mariotti, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Kö, Andrea, editor, Francesconi, Enrico, editor, Kotsis, Gabriele, editor, Tjoa, A Min, editor, and Khalil, Ismail, editor

Published

2021

7. Lawful Interception in WebRTC Peer-To-Peer Communication

Author

Wagner, Assaf, Puzis, Rami, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Dolev, Shlomi, editor, Margalit, Oded, editor, Pinkas, Benny, editor, and Schwarzmann, Alexander, editor

Published

2021

8. NFV Security: Emerging Technologies and Standards

Author

Faynberg, Igor, Goeringer, Steve, Sammes, A.J., Series editor, Rak, Jacek, Series editor, Zhu, Shao Ying, editor, Scott-Hayward, Sandra, editor, Jacquin, Ludovic, editor, and Hill, Richard, editor

Published

2017

9. A Comprehensive Overview of Government Hacking Worldwide

Author

Chen-Yu Li, Chien-Cheng Huang, Feipei Lai, San-Liang Lee, and Jingshown Wu

Subjects

Communication system and network security, government hacking, law enforcement, lawful interception, social network services, surveillance, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

There has been an ongoing and heated public policy debate on the appropriate role of and limitations to government hacking in maintaining a proper balance of national security and privacy. Asserting that they are compelled to use government hacking tools to protect their countries and populations, law enforcement and government agencies are increasingly strident in expressing the importance of accessing and intercepting encrypted communication data. However, many non-governmental and civil society organizations and activists strongly oppose government hacking because they consider its methods and techniques are extremely invasive and potentially compromising to the fundamental right of privacy. They are also concerned that the implementation of hacking techniques or similar methods would weaken encryption standards and place the security of the Internet at risk. This paper presents an overview of the current status of government hacking and discusses challenges to lawful interception (LI) technology and rules. The current state of LI and government hacking in five countries is reviewed, and capability is assessed in terms of several widely publicized events, in an effort to analyze the limitations of current solutions. Finally, the open challenges to and future direction of government hacking are highlighted.

Published

2018

10. On the Optimal Lawful Intercept Access Points Placement Problem in Hybrid Software-Defined Networks

Author

Xiaosa Xu, Wen-Kang Jia, Yi Wu, and Xufang Wang

Subjects

lawful interception, hybrid SDN, intercept access point, minimum vertex cover, Chemical technology, TP1-1185

Abstract

For the law enforcement agencies, lawful interception is still one of the main means to intercept a suspect or address most illegal actions. Due to its centralized management, however, it is easy to implement in traditional networks, but the cost is high. In view of this restriction, this paper aims to exploit software-defined network (SDN) technology to contribute to the next generation of intelligent lawful interception technology, i.e., to optimize the deployment of intercept access points (IAPs) in hybrid software-defined networks where both SDN nodes and non-SDN nodes exist simultaneously. In order to deploy IAPs, this paper puts forward an improved equal-cost multi-path shortest path algorithm and accordingly proposes three SDN interception models: T interception model, ECMP-T interception model and Fermat-point interception model. Considering the location relevance of all intercepted targets and the operation and maintenance cost of operators from the global perspective, by the way, we further propose a restrictive minimum vertex cover algorithm (RMVCA) in hybrid SDN. Implementing different SDN interception algorithms based RMVCA in real-world topologies, we can reasonably deploy the best intercept access point and intercept the whole hybrid SDN with the least SDN nodes, as well as significantly optimize the deployment efficiency of IAPs and improve the intercept link coverage in hybrid SDN, contributing to the implementation of lawful interception.

Published

2021

11. Regulating Social Network Services for Lawful Interception

Author

Peshin, Esti, Akan, Ozgur, Series editor, Bellavista, Paolo, Series editor, Cao, Jiannong, Series editor, Coulson, Geoffrey, Series editor, Dressler, Falko, Series editor, Ferrari, Domenico, Series editor, Gerla, Mario, Series editor, Kobayashi, Hisashi, Series editor, Palazzo, Sergio, Series editor, Sahni, Sartaj, Series editor, Shen, Xuemin (Sherman), Series editor, Stan, Mircea, Series editor, Xiaohua, Jia, Series editor, Zomaya, Albert, Series editor, Gladyshev, Pavel, editor, Marrington, Andrew, editor, and Baggili, Ibrahim, editor

Published

2014

12. A Bloom Filter-Based Monitoring Station for a Lawful Interception Platform

Author

de los Santos, Gerson Rodríguez, Hernández, Jose Alberto, Urueña, Manuel, Muñoz, Alfonso, Junqueira Barbosa, Simone Diniz, editor, Chen, Phoebe, editor, Cuzzocrea, Alfredo, editor, Du, Xiaoyong, editor, Filipe, Joaquim, editor, Kara, Orhun, editor, Kotenko, Igor, editor, Sivalingam, Krishna M., editor, Ślęzak, Dominik, editor, Washio, Takashi, editor, Yang, Xiaokang, editor, Dziech, Andrzej, editor, and Czyżewski, Andrzej, editor

Published

2014

13. New Secure Storage Architecture for Cloud Computing

Author

Almulla, Sameera Abdulrahman, Yeun, Chan Yeob, Park, James J., editor, Yang, Laurence T., editor, and Lee, Changhoon, editor

Published

2011

14. Wireless Sensing and Networking for the Internet of Things.

Author

Lin, Zihuai, Lin, Zihuai, and Xiang, Wei

Subjects

Energy industries & utilities, History of engineering & technology, Technology: general issues, 5G/6G, 6G, AI, D2D, ESPRIT algorithm, Green IoT, IIoT, Industry 5.0, Internet of Things (IoT), Internet of things, IoT, IoT measurements, LPWAN, LSTM model, LoRa, LoRaWAN, LoRaWAN™, LoS blockage, Precision Agriculture, URLLC, anomaly detection, artificial neural network, autonomous sensor node, blockchain, body shadowing compensation, cell decomposition, climate change, closed-from approximation, connectivity, conventional communication methods, coverage path planning, cybersecurity, data, decomposition methods, deep learning, digital circular economy, digital transition, digital twin, direction-of-arrival estimation, distributed sensing, downlink, economic value, edge AI, edge computing, electromagnetic sensing, electromagnetic vector-sensor array, energy harvesting, energy optimal path, energy-aware approaches, feature fusion, fingerprinting, full-wave simulations of PCB, geometric algebra, hardware security, harmonic balance method, hybrid SDN, indoor localisation, industrial IoT, inertial measurement device, intercept access point, inventoried sensor devices, label-free biosensor, landmark, lawful interception, long-distance transmission, machine learning, millimeter wave, minimum vertex cover, mobile sensors, moisture sensor, motion mode detection, multi-UAV, multi-robot systems, multi-tone signal, n/a, natural scene, nearest neighbour, network emulator, new radio, power conversion efficiency, principal component analysis, proximal soil sensor device, real time, reliability, resilience, robotic simulator, rooftop deployments, safety, sensor networks, sensors, single diode rectifier, smart cities, soil water content, support vector machine, sustainability, tactile Internet, technological development, text detection, the Internet of Things, ultralow power consumption, unmanned aerial vehicle, unmanned aerial vehicles, virtual testbed, voltage doubler, wearable device, wireless communication, wireless communications, wireless power transfer, wireless sensor network, wireless systems

Abstract

Summary: In recent years, we have been witnessing the exponential proliferation of the Internet of Things (IoT), networks of physical devices, vehicles, appliances and other items embedded with electronics, software, sensors, actuators and connectivity that enables these objects to connect and exchange data. Enabling the introduction of highly efficient IoT, wireless sensing and network technologies will reduce the need for traditional processes that are currently be carried out manually, thus freeing up the precious resources of dwindling working staff, to do more meaningful and human-centered work. This reprint aims to bring together innovative developments in areas related to IoT, wireless sensing and networking. The aspects covered include software-defined network (SDN)-based IoT networks, artificial intelligence (AI) for IoT, industrial IoT, smart sensors, optimization of energy efficiency for IoT, and wireless sensor networks, IoT applications for agriculture, smart cities, healthcare, localization and environment monitoring.

15. Requirements of EU law enforcement agencies for lawful interception of information in electronic communications networks

Author

S. Кokiza and V. Stepanov

Subjects

Lawful interception, Law enforcement, Normative, Context (language use), Electronic communication, Business, Interception, Computer security, computer.software_genre, computer

Abstract

The article is devoted to the analysis of regulatory and legal acts and normative documents of the EU on information interception in electronic communication networks in the context of preparation of technical regulations of the united system of technical means.

Published

2021

16. IPvest: Clustering the IP Traffic of Network Entities Hidden Behind a Single IP Address Using Machine Learning

Author

Haim Zlatokrilov, Liran Orevi, Robert Moskovitch, Roni Mateless, and Michael Segal

Subjects

Computer Networks and Communications, business.industry, Computer science, Cloud computing, Internet traffic, computer.software_genre, Virtual machine, Lawful interception, Server, Electrical and Electronic Engineering, business, Cluster analysis, Hardware_REGISTER-TRANSFER-LEVELIMPLEMENTATION, Mobile device, computer, Network address translation, Computer network

Abstract

IP Networks serve a variety of connected network entities (NEs) such as personal computers, servers, mobile devices, virtual machines, hosted containers, etc. The growth in the number of NEs and technical considerations has led to a reality where a single IP address is used by multiple NEs. A typical example is a home router using Network Address Translation (NAT). In organizations and cloud environments, a single IP can be used by multiple virtual machines or containers running on a single device. Discovering the number of NEs served by an IP address and clustering their traffic correctly is of value in many use cases for security, lawful interception, asset management, and other purposes. In this paper, we introduce IPvest, a system that incorporates unsupervised and supervised learning algorithms based on various features for counting and clustering network traffic of NEs masqueraded by a single IP. The features are based on the characteristics of operating systems (OSs), NAT behavior, and users’ habits. Our model is evaluated on real-world datasets including Windows, Linux-based, Android, and iOS-based devices, containers, virtual machines, and load-balancers. We show that IPvest can count the number of NEs and cluster their traffic with high precision, even for containers running on a single device and servers behind a load-balancer.

Published

2021

17. "Lawful interception – A market access barrier in the European Union"?

Author

Doronin, Vadim

Subjects

*LAW enforcement, *EAVESDROPPING, *TELECOMMUNICATION, *INTERNET of things

Abstract

This paper studies legal requirements across the European Union to implement technical and organizational capabilities to intercept and deliver content data to law enforcement authorities, arguing that a fragmentation of rules across EU Member States imposes market access barriers upon telecommunications providers. The aim of this paper is to raise awareness about discrepancy of lawful interception rules across the EU, which causes legal uncertainty and places burdensome requirements upon regulated entities such as OTT but also IoT connectivity and satellite service providers. The paper further argues that the EU has competencies to legislate on harmonization of lawful interception capability rules by specifying what types of telecommunications providers can be subject to those rules, address types of capabilities, determine whether Member States should be responsible to reimburse telecommunications providers with incurred costs; and finally, regulate on the ability to share or outsource capabilities with other providers or third-party vendors. The author doesn't address human rights or privacy considerations associated with exercising lawful interception, nor grounds on which lawful interception can be requested under national law, nor evidential admissibility of intercepted data. [ABSTRACT FROM AUTHOR]

Published

2023

18. A Framework for Secure and Verifiable Logging in Public Communication Networks

Author

Stathopoulos, Vassilios, Kotzanikolaou, Panayiotis, Magkos, Emmanouil, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Dough, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, and Lopez, Javier, editor

Published

2006

19. Key Recovery in Third Generation Wireless Communication Systems

Author

Nieto, Juanma González, Park, DongGook, Boyd, Colin, Dawson, Ed, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Imai, Hideki, editor, and Zheng, Yuliang, editor

Published

2000

20. An Efficient Network Classification Based on Various-Widths Clustering and Semi-Supervised Stacking

Author

Abdulmohsen Almalawi and Adil Fahad

Subjects

semi-supervised learning, General Computer Science, Computer science, Quality of service, Internet traffic classification, multiview, General Engineering, Internet traffic, Intrusion detection system, computer.software_genre, TK1-9971, Support vector machine, Metadata, Traffic classification, Lawful interception, General Materials Science, Electrical engineering. Electronics. Nuclear engineering, Data mining, Cluster analysis, computer

Abstract

Network traffic classification is basic tool for internet service providers, various government and private organisations to carry out investigation on network activities such as Intrusion Detection Systems (IDS), security monitoring, lawful interception and Quality of Service (QoS). Recent network traffic classification approaches have used an extracted and predefined class label which come from multiple experts to build a robust network traffic classifier. However, keeping IP traffic classifiers up to date requires large amounts of new emerging labeled traffic flows which is often expensive and time-consuming. This paper proposes an efficient network classification (named Net-Stack) which inherits the advantages of various widths clustering and semi-supervised stacking to minimize the shortage of labeled flows, and accurately learn IP traffic features and knowledge. The Net-Stack approach consists of four stages. The first stage pre-processes the traffic data and removes noise traffic observations based on various widths clustering to select most representative observations from both the local and global perspective. The second stage generates strong discrimination ability for multiview representations of the original data using dimensionality reduction techniques. The third stage involves heterogeneous semi-supervised learning algorithms to exploit the complementary information contained in multiple views to refine the decision boundaries for each traffic class and get a low dimensional metadata representation. The final stage employs a meta-classifier and stacking approach to comprehensively learn from the metadata representation obtained in stage three for improving the generalization performance and predicting final classification decision. Experimental study on twelve traffic data sets shows the effectiveness of our proposed Net-Stack approach compared to the baseline methods when there is relatively less labelled training data available.

Published

2021

21. Positioning Technology Trends and Solutions Toward 6G

Author

Mikko Saily, Joerg Schaepperle, Eva Perez, Diomidis Michalopoulos, Osman Nuri Can Yilmaz, and Keating Ryan

Subjects

business.industry, Computer science, Lawful interception, Reliability (computer networking), Location-based service, Scalability, Use case, business, Telecommunications, Automation, 5G, Positioning technology

Abstract

In the 4G era, cellular positioning was used for emergency services and services associated to lawful interception. In 5G, commercial use cases have gained momentum and use cases like factory automation, transportation, and logistics are included in 5G besides the regulatory use cases. Toward 6G, it is anticipated that positioning and location services will be fundamental part of the system demanded by most commercial applications, such as AR/VR/XR, gaming, sensing, low-cost tracking and new industrial applications with extremely high accuracy. As a result, positioning accuracy and latency requirements are anticipated to tighten further from 5G. Thus, positioning and location services needs to be designed as an integral part of 5G evolution to address these requirements in a scalable and efficient manner both for devices and networks. This paper discusses the technical trends and enablers to realize this vision towards 6G, such as latency and accuracy enhancements, and low-cost positioning.

Published

2021

22. Escrowed decryption protocols for lawful interception of encrypted data

Author

Javier Lopez, Isaac Agudo, and David Nuñez

Subjects

Computer Networks and Communications, business.industry, Computer science, Escrow, 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, Cryptographic protocol, Encryption, Computer security, computer.software_genre, 01 natural sciences, Proxy re-encryption, Public-key cryptography, 010201 computation theory & mathematics, Lawful interception, 0202 electrical engineering, electronic engineering, information engineering, ComputingMilieux_COMPUTERSANDSOCIETY, Cryptosystem, business, Semantic security, computer, Software, Information Systems

Abstract

Escrowed decryption schemes (EDSs) are public-key encryption schemes with an escrowed decryption functionality that allows authorities to decrypt encrypted messages under investigation, following a protocol that involves a set of trusted entities called `custodians'; only if custodians collaborate, the requesting authority is capable of decrypting encrypted data. This type of cryptosystem represents an interesting trade-off to privacy versus surveillance dichotomy. In this study, the authors propose two EDSs where they use proxy re-encryption to build the escrowed decryption capability, so that custodians re-encrypt ciphertexts, in a distributed way, upon request from an escrow authority, and the re-encrypted ciphertexts can be opened only by the escrow authority. Their first scheme, called EDS, follows an all-or-nothing approach, which means that escrow decryption only works when all custodians collaborate. Their second scheme, called threshold EDS, supports a threshold number of custodians for the escrow decryption operation. They propose definitions of semantic security with respect to the authorities, custodians and external entities, and prove the security of their schemes, under standard pairing-based hardness assumptions. Finally, they present a theoretical and experimental analysis of the performance of both schemes, which show that they are applicable to real-world scenarios.

Published

2019

23. Meeting lawful interception requirements for selected IP traffic offload and local IP access traffic.

Author

Cartmell, John

Abstract

Cellular network operators are dealing with the increased data requirements of their customers by attempting to offload traffic from the mobile core network. The 3rd Generation Partnership Project (3GPP) standards have defined several strategies that allow for offloading user traffic from the mobile core network. The 3GPP standards also define requirements for the mobile networks to support lawful interception of subscriber traffic. The current methods employed by mobile network operators to perform lawful interception are insufficient to support the traffic offload methods. This paper describes the current lawful interception landscape as well as the methods to perform traffic offload. It then proposes the architecture and methods that allow for traffic offload while satisfying law enforcement needs. [ABSTRACT FROM PUBLISHER]

Published

2013

24. Exploring the Optimal Intercept Access Point Placement Problem in Software-Defined Networks

Author

Liang Chen, Ruisi Wu, and Wen-Kang Jia

Subjects

Computer science, business.industry, Total cost, Quality of service, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 05 social sciences, Law enforcement, 050801 communication & media studies, 020206 networking & telecommunications, 02 engineering and technology, Data modeling, 0508 media and communications, Lawful interception, Shortest path problem, 0202 electrical engineering, electronic engineering, information engineering, Interception, business, Software-defined networking, Computer network

Abstract

In modern networks, Lawful Interception (LI) is one of the necessary means for security agencies to safeguard national security and prevent crimes. This article intends to explore the dynamic placement problem of intercept access points (IAPs) unique to SDNs, and their derived interception strategies. by selecting the optimal intercept access point, bring the shortest path among the three points-source, destination, and law enforcement agency (LEA). In order to reduce the redundant return intercepted traffic in the network, the operating cost of the LI system must be minimized. We also addressed the performance of the fastest access to the return traffic by the LEA, and the impact on the communication quality of the monitored users. Comparison among the three-interception strategies-source/destination interception model, blocking interception model, and bicast model. the simulation results expressed as a percentage that improved by using the different strategies compared with each other of the total costs of ISP, the performance of LEAs, and affected QoS of monitored users.

Published

2021

25. Information security and the lawful interception of communications through telecom service providers infrastructure: advanced model system architecture

Author

Parlov, Natalija, Sičaja, Željko, Katulić, Tihomir, and Lusa, Riko

Subjects

lawful interception, LI, telecom service providers, information security, cybersecurity, national security

Abstract

Communication interception for national security purposes, as well as for purposes of conducting a criminal investigation, is an invaluable asset of law enforcement agencies. In technical terms, this field has seen rapid advances in the last decade, while available software programmes and platforms for lawful interception (LI) are now able to monitor a broad spectrum of communication channels. Lawful interception of communications invariably intersects with fundamental rights and freedoms of persons in the European Union and the Member States. The purpose of this paper, as part of the discussion on the framework of lawful interception, is to present a study of advanced lawful interception software with its functionalities and processes, compare it with the most common lawful interception models and analyse the software architecture defined by the European Telecommunications Standards Institute (ETSI) as a general standard. While this particular model of LI architecture has initially been designed to intercept voice communications, it can be successfully applied to intercept communications over Internet Protocol (IP) channels. Finally, the paper offers a comparative insight into different kinds of LI software and their capabilities in line with communication interception regulation.

Published

2021

26. On the Optimal Lawful Intercept Access Points Placement Problem in Hybrid Software-Defined Networks

Author

Xufang Wang, Xiaosa Xu, Wen-Kang Jia, and Yi Wu

Subjects

Software_OPERATINGSYSTEMS, Exploit, Computer science, lawful interception, intercept access point, 0507 social and economic geography, 02 engineering and technology, Network topology, lcsh:Chemical technology, Biochemistry, Article, Analytical Chemistry, 0202 electrical engineering, electronic engineering, information engineering, lcsh:TP1-1185, minimum vertex cover, Electrical and Electronic Engineering, Instrumentation, hybrid SDN, business.industry, 05 social sciences, 020206 networking & telecommunications, Atomic and Molecular Physics, and Optics, Lawful interception, Interception, Software-defined networking, business, 050703 geography, Computer network

Abstract

For the law enforcement agencies, lawful interception is still one of the main means to intercept a suspect or address most illegal actions. Due to its centralized management, however, it is easy to implement in traditional networks, but the cost is high. In view of this restriction, this paper aims to exploit software-defined network (SDN) technology to contribute to the next generation of intelligent lawful interception technology, i.e., to optimize the deployment of intercept access points (IAPs) in hybrid software-defined networks where both SDN nodes and non-SDN nodes exist simultaneously. In order to deploy IAPs, this paper puts forward an improved equal-cost multi-path shortest path algorithm and accordingly proposes three SDN interception models: T interception model, ECMP-T interception model and Fermat-point interception model. Considering the location relevance of all intercepted targets and the operation and maintenance cost of operators from the global perspective, by the way, we further propose a restrictive minimum vertex cover algorithm (RMVCA) in hybrid SDN. Implementing different SDN interception algorithms based RMVCA in real-world topologies, we can reasonably deploy the best intercept access point and intercept the whole hybrid SDN with the least SDN nodes, as well as significantly optimize the deployment efficiency of IAPs and improve the intercept link coverage in hybrid SDN, contributing to the implementation of lawful interception.

Published

2021

27. A Secure Encapsulation Schemes Based on Key Recovery System

Author

Tae Hoon Kim, Won-Bin Kim, Dae-Hee Seo, and Im-Yeong Lee

Subjects

Computer science, business.industry, Computer security, computer.software_genre, Encryption, Proxy re-encryption, Encapsulation (networking), Lawful interception, Ciphertext, Key encapsulation, business, computer, Key escrow, Signcryption

Abstract

Network users apply encryption to send and receive data securely. Since ciphertext can be encrypted and decrypted only by lawful users, third parties do not have the ability to know the content of an encrypted message. However, a secret key is uesed for encryption, and if the secret key is lost or corrupted, there is a problem that the encrypted text cannot be decrypted. Additionally, malicious use of this encryption will cause problems. If encryption is used maliciously, the government cannot prevent criminal activity. Because of this law enforcement agencies need support for lawful interception to decrypt criminals or suspect’s ciphertexts. We need a key recovery system that can safely recover these secret keys or decrypt messages for lawful interception. There are two types of key recovery systems, a key escrow method and a key encapsulation method. This paper proposes secure schemes using key encapsulation. The key encapsulation method requires the key information used in the ciphertext, and the key information can be obtained from the KRF (Key Recovery Field). The obtained key can be used to decrypt the ciphertext. however, various security threats exist in key recovery system. Such as forgery and alteration of KRF, single point of failure, inability to recover keys, and collusion attacks. To solve these problems, we propose secure encapsulation schemes based on key recovery system.

Published

2021

28. A distributed flow correlation attack to anonymizing overlay networks based on wavelet multi-resolution analysis

Author

Francesco Palmieri

Subjects

Overlay networks, Computer science, business.industry, Distributed computing, Overlay network, Distributed traffic interception, Wavelets, Encryption, Networking hardware, Attack model, Lawful interception, Obfuscation, The Internet, Electrical and Electronic Engineering, business, Correlation attack, Anonymity, Multi-resolution analysis, Flow correlation

Abstract

Government agencies rely more and more heavily on the availability of flexible and intelligent solutions for the interception and analysis of Internet-based telecommunications. Unfortunately, the global lawful interception market has been recently put into a corner by the emerging sophisticated encryption, obfuscation and anonymization technologies provided by modern overlay communication infrastructures. To face this challenge, this work proposes a novel strategy for defeating the anonymity of traffic flows, collected within and at the exit of these anonymizing networks, relying on distributed flow-capture, characterization and correlation attacks driven by wavelet-based multi-resolution analysis. Such a strategy, starting from a properly formalized attack model, results in an effective and promising framework that can be easily deployed on real-life network equipment and can potentially scale by working according to different distribution/parallelization scenarios.

Published

2021

29. Pegasus Spyware – 'A Privacy Killer'

Author

Ajay Chawla

Subjects

Password, Exploit, Phone, Computer science, Lawful interception, Ransomware, Malware, Digital security, Android (operating system), computer.software_genre, Computer security, computer

Abstract

The recent Pegasus Project revelations of about half a lakh people across the world, including several in India, being targeted for cyber surveillance has firmly brought the spotlight on the Pegasus spyware, which is widely understood to be the most sophisticated smartphone attack tool. The revelations also mark the first time that a malicious remote jailbreak exploit had been detected within an iPhone. Pegasus is a spyware (Trojan/Script) that can be installed remotely on devices running on Apple’s iOS & Google’s Android operating systems. It is developed and marketed by the Israeli technology firm NSO Group. NSO Group sells Pegasus to “vetted governments” for “lawful interception”, which is understood to mean combating terrorism and organized crime, as the firm claims, but suspicions exist that it is availed for other purposes. Pegasus is a modular malware that can initiate total surveillance on the targeted device, as per a report by digital security company Kaspersky. It installs the necessary modules to read the user’s messages and mail, listen to calls, send back the browser history and more, which basically means taking control of nearly all aspects of your digital life. It can even listen in to encrypted audio and text files on your device that makes all the data on your device up for grabs. Since Pegasus hacks into the operating system, every activity within the phone can be monitored when the phone is switched on. It's as if someone is monitoring your phone activity over your shoulders. Pegasus operators can remotely record audio and video from your phone, extract phone messages, use GPS for location tracking, and recover passwords and authentication keys without the user even noticing. It's only when a device is sent for forensic screening, and experts look into the transfer of data to and from the phone, is when a potential attack can be confirmed. The dooming fact of it all is that since Pegasus exploits zero-day vulnerabilities, there is nothing that can be done regarding such breaches unless operating system developers proactively ship out an update to your phone, aimed to protect you from hi-tech malware like Pegasus.

Published

2021

30. Make Remote Forensic Investigations Forensic Again: Increasing the Evidential Value of Remote Forensic Investigations

Author

Marcel Busch, Florian Nicolai, Christoph Safferling, Fabian Fleischer, Felix C. Freiling, and Christian Rückert

Subjects

Value (ethics), 021110 strategic, defence & security studies, Transport Layer Security, Computer science, business.industry, 0211 other engineering and technologies, Law enforcement, 020207 software engineering, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Lawful interception, 0202 electrical engineering, electronic engineering, information engineering, Software system, Suspect, Android (operating system), business, computer

Abstract

Due to the increasing use of encrypted communication and anonymous services, many countries introduced new regulations that allow law enforcement to perform remote forensic investigations. During such investigations, law enforcement agencies secretly obtain remote access to a suspect’s computer to search for and collect evidence, including full copies of the (unencrypted) communication data. In this paper, we argue that the evidential value of the acquired evidence can be substantially increased by two technical methods: (1) employing integrity verification techniques offered by secure hardware, and (2) exfiltrating the decryption key of encrypted communication only in order to decrypt communication obtained by lawful interception. To prove the practicality of both methods, we design and implement TEE-BI, a solution for Trusted Execution Environment-based introspection. We deploy TEE-BI on an Android-based hardware platform featuring an ARM TrustZone and demonstrate the stealthy extraction of Secure Sockets Layer encryption keys from an Android userland application. We evaluate the effectiveness, performance, and compatibility of our prototype and argue that it provides a much higher level of evidential value than (the known) existing remote forensic software systems.

Published

2021

31. Définir une approche des droits de l'homme à la législation sur la surveillance des communications à travers le système africain des droits de l'homme au Nigeria, en Afrique du Sud et en Ouganda

Author

Ilori, Tomiwa

Subjects

South Africa, lawful interception, legal reforms, communication surveillance, human rights approach, Nigeria, Uganda, privacy

Abstract

Today, in any society where crime is possible, communication surveillance is a necessary evil. This is because technologies now offer faster means of preventing crime while they are also capable of undermining the right to privacy. However, protecting privacy should not be mutually exclusive of ensuring public safety. This article argues that while communication surveillance may be permissible under narrow and limited circumstances, the laws made to regulate it in Nigeria, South Africa and Uganda do not comply with international human rights standards. In demonstrating this, this article analyses the major laws in these countries alongside the various international human rights principles that must be complied with in framing a rights-respecting law on communication surveillance. The major contribution of this article is that communication surveillance laws can be designed in compliance with international human rights standards in the countries under focus. These include Nigeria, South Africa and Uganda carrying out specific legal reforms targeted at problematic laws on communication surveillance in order to bring them in ine with international human rights standards. This can also be supported by developing a more robust set of comprehensive guidelines through the African Commission and Human and Peoples' Rignts and ensuring that Nigeria, South Africa and Uganda embark on critical and strategic training for stakeholders involved in the enforcement and implementation of communication surveillance laws in these countries

Published

2021

32. Information security and the lawful interception of communications through telecom service providers infrastructure: advanced model system architecture

Author

Natalija Parlov, Željko Sičaja, Tihomir Katulić, and Riko Luša

Subjects

lawful interception, LI, telecom service providers, information security, cybersecurity, national security, ComputingMilieux_LEGALASPECTSOFCOMPUTING, zakonito presretanje, davatelji telekom usluga, informacijska sigurnost, cyber sigurnost, nacionalna sigurnost

Abstract

Communication interception for national security purposes, as well as for purposes of conducting a criminal investigation, is an invaluable asset of law enforcement agencies. In technical terms, this field has seen rapid advances in the last decade, while available software programmes and platforms for lawful interception (LI) are now able to monitor a broad spectrum of communication channels. Lawful interception of communications invariably intersects with fundamental rights and freedoms of persons in the European Union and the Member States. The purpose of this paper, as part of the discussion on the framework of lawful interception, is to present a study of advanced lawful interception software with its functionalities and processes, compare it with the most common lawful interception models and analyse the software architecture defined by the European Telecommunications Standards Institute (ETSI) as a general standard. While this particular model of LI architecture has initially been designed to intercept voice communications, it can be successfully applied to intercept communications over Internet Protocol (IP) channels. Finally, the paper offers a comparative insight into different kinds of LI software and their capabilities in line with communication interception regulation., Tajni nadzor komunikacija koji se rabi za potrebe nacionalne sigurnosti i u svrhu provođenja policijskih istražnih radnji vrijedno je tehničko sredstvo i koristan alat tijela policijskog, pravosudnog i sigurnosnog sustava. U tehničkim aspektima, ovo polje bilježi značajne pomake u posljednjem desetljeću gdje su dostupni softver i platforme za provođenje tajnog nadzora proširene mogućnostima nadzora širokog spektra različitih komunikacijskih kanala. Funkcija tajnog nadzora komunikacija u suštini predstavlja ograničenje temeljnih prava pojedinaca na području Europske unije i država članica. Svrha ovog rada kao priloga raspravi o mehanizmima tajnog nadzora jest izložiti osobine modela naprednog softvera razvijenog u svrhu tajnog nadzora, usporedba s najčešćim modelima tajnog nadzora i analiza softverske arhitekture definirane od strane Europskog instituta za telekomunikacijske norme (ETSI) kao dominantne norme u ovom području. Iako se ovaj model arhitekture tajnog nadzora razvio inicijalno za nadzor glasovnih komunikacija, može ga se uspješno primijeniti i za tajni nadzor komunikacija koje koriste internet protokol (IP). Konačno, članak pruža komparativni pregled različitog softvera tajnog nadzora u skladu s regulativom funkcije tajnog nadzora.

Published

2021

33. ON IDENTITIES IN MODERN NETWORKS.

Author

Polčák, Libor, Hranický, Radek, and Martínek, Tomáš

Abstract

Communicating parties inside computer networks use different kind of identifiers. Some of these identifiers are stable, e.g., logins used to access a specific service, some are only temporary, e.g., dynamically assigned IP addresses. This paper tackles several challenges of lawful interception that emerged in modern networks. The main contribution is the graph model that links identities learnt from various sources distributed in a network. The inferred identities result into an interception of more detailed data in conformance with the issued court order. The approach deals with network address translation, short-lived identifiers and simultaneous usage of different identities. The approach was evaluated to be viable during real network testing based on various means to learn identities of users connected to a network. [ABSTRACT FROM AUTHOR]

Published

2014

34. Implementation and performance of VoIP interception based on SIP session border controller.

Author

Yang, Menghui and Liu, Hua

Subjects

INTERNET telephony, TEST interpretation, COMPUTER network architectures, DATA packeting, SESSION Initiation Protocol (Computer network protocol)

Abstract

In an effort to provide lawful interception for session initiation protocol (SIP) voice over Internet protocol (VoIP), an interception architecture using session border controller (SBC) is proposed. Moreover, a prototype based on the proposed architecture is implemented. A testbed is set up and tests are carried out in order to analyze the performance and the capability of function entities and interfaces in the proposed architecture. Test results show that SBC interception capability in SIP signaling is superior to that in real-time transport protocol (RTP) media stream. In order to eliminate the possible bottleneck of RTP packets interception in SBC, an analytic model is proposed to investigate the mechanism in which RTP packet's traffics are shared among different SBC media functions. Analysis results show that multiple SBC media functions can share the RTP packets arrival and can significantly decrease RTP packets service time in SBC. Test results also show that delivery function, collect function and their interfaces in the proposed interception architecture have corresponding interception performance and capability with SBC. [ABSTRACT FROM AUTHOR]

Published

2014

35. Towards 5G cellular network forensics

Author

Filipo Sharevski

Subjects

Network Functions Virtualization, lcsh:Computer engineering. Computer hardware, Lawful Access Location Services (LALS), Computer science, Digital forensics, 0211 other engineering and technologies, lcsh:TK7885-7895, 02 engineering and technology, Fifth generation, Slicing, lcsh:QA75.5-76.95, System capacity, 0202 electrical engineering, electronic engineering, information engineering, 021110 strategic, defence & security studies, business.industry, Lawful Interception (LI), Cellular networks, 020206 networking & telecommunications, Computer Science Applications, Lawful interception, Signal Processing, Cellular network, LTE/LTE-Advanced, lcsh:Electronic computers. Computer science, business, 5G, Computer network

Abstract

The fifth generation (5G) of cellular networks will bring 10 Gb/s user speeds, 1000-fold increase in system capacity, and 100 times higher connection density. In response to these requirements, the 5G networks will incorporate technologies like CUPS, NFV, network slicing, and CIoT. Each of these 5G features requires system adaptations to enable acquisition and forensic processing of cellular network evidence. This paper reviews the digital forensics mechanisms for Lawful Interception and user localization available in LTE and LTE-Advanced networks together with the associated evidence types, tools for forensic analysis, and supporting legal framework. The challenges and potential adaptations for retaining these capabilities in the future 5G networks are also discussed to outline the future research directions for cellular network forensics.

Published

2018

36. Avlyssnad? : En studie om användandet av hemliga tvångsmedel i preventivt syfte

Author

Lövgren, Evelina and Lövgren, Evelina

Abstract

The legal mandate for taking secret interception measures has increased. Law enforcement agencies can now not only monitor the communications of individuals when they are suspected of a crime. Secret interception measures can be taken before a crime is committed, if there are vague signs that an individual could perhaps commit a crime. This progress in preventive direction is a cause of internationalization, social and technological development and increased organized crime and terror. Therefore, the state and the public have a strong interest in gaining access to an increased amount of data. However, these coercive measures constitute an infringement of the individual's interest in privacy and protection of privacy. In this paper, based on a legal dogmatic method, the relationship between the rule of law security guarantees, personal integrity and crime prevention is analysed. The paper finds that it is important for both the individual and the state power that the legislature carefully considers whether a breach of personal integrity is justifiable. Moreover, some aspects of preventive use of coercive measures are of greater importance than others. These include the requirements for the functioning of the legislation in a democratic society, the precision and predictability of the law, as well as the existence of independent review, control and protection against abuse. A regulation without these requirements could lead to negative legal consequences and both mistrust and insecurity among citizens.

Published

2020

37. Secure SIP authentication scheme supporting lawful interception.

Author

Pu, Qiong, Wang, Jian, and Wu, Shuhua

Subjects

INTERNET telephony, SESSION Initiation Protocol (Computer network protocol), ELLIPTIC curves, COMPUTER access control, INTERNET protocols

Abstract

ABSTRACT The session initiation protocol (SIP) is the most widely used signaling protocol for creating, modifying, and terminating multimedia sessions in an Internet Protocol-based telephony environment. Recently, Arshad et al. proposed an authentication scheme based on elliptic curve cryptosystems for SIP. In this paper, we first show that their scheme is vulnerable to the password-guessing attack. Thereafter, we propose a new authentication and key agreement scheme for SIP, which is immune to the presented attacks. Our scheme achieves provable security and, yet, is efficient. Moreover, we also provide an extended scheme capable of protecting media stream's privacy even against SIP servers while supporting lawful interception, which is inevitably required for protecting the national security or for detecting the criminal evidence. Copyright © 2012 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2013

38. Private Clouds with No Silver Lining: Legal Risk in Private Cloud Services.

Author

Iglesias, Rebecca, Nicholls, Rob, and Travis, Anisha

Subjects

CLOUD computing, DATA protection, INFORMATION & communication technologies, TECHNOLOGICAL innovations, COMPUTER security

Abstract

This paper provides an overview of the legal risks that arise from the use of private clouds arising from lawful interception, data protection obligations and legal professional privilege. The paper uses an Australian perspective to provide examples, but concludes that there are significant legal risks in all jurisdictions. [ABSTRACT FROM AUTHOR]

Published

2012

39. Seamless Lawful Interception Handover for 3G IP Multimedia Subsystem (IMS).

Author

Hoh Peter In, Myoungrak Lee, Dohoon Kim, Nunghoe Kim, and Byungsik Yoon

Subjects

PACKET switching, DATA packeting, DATA transmission systems, INTERNET protocols, ROAMING (Telecommunication), WIRELESS communications

Abstract

After the 9.11 terror attack, lawful Interception (LI) has emerged as an important tool for anti-terrorist activity. Law enforcement agents and administrative government bodies effectively monitor suspicious target users of permanent IP-based network devices by LI in Packet Data Networks (PDNs). However, it is difficult to perform LI in monitoring migrating users from a location to another, who change their IPs due to the proliferation of portable Internet devices enabling 3G IP Multimedia Subsystems (IMS). The existing, manual handover technique in 3G IMS makes it even more difficult to continue the LI activities due to time-lag reissuance of LI authority warrants when the target users move to a new LI jurisdiction via a roaming service. Our proposed model is a seamless LI handover mechanism in 3G IMS to support mobility detection of the target users. The LI warrants are transferred to the new LI agent automatically with the target users when they move to a new LI jurisdiction. Thus, time-lag human intervention of reissuance of the LI warrants is removed and enables the LI authorities to continue monitoring. In the simulation of our proposed mechanism, the quality of lawful interception achieves a mean score of over 97.5% out of the possible 100% maximum score, whereas the quality of the existing mechanism has a mean score of 22.725%. [ABSTRACT FROM AUTHOR]

Published

2011

40. A scalable and efficient key escrow model for lawful interception of IDBC-based secure communication.

Author

Han, Kyusuk, Yeun, Chan Yeob, Shon, Taeshik, Park, Jonghyuk, and Kim, Kwangjo

Subjects

*ESCROWS, *WIRELESS sensor networks, *MATHEMATICAL models, *TELECOMMUNICATION systems, *LAW enforcement, *EAVESDROPPING, *CELL phones

Abstract

Key escrowing is one of the core technologies for the lawful interception (LI) of secure communications in the wired and wireless networks. Although many previous studies on the key escrowing have been done before, they are insufficient to be deployed in practical networks due to conflicts with the LI requirements. Moreover, there is lack of consideration on the LI of ID-based cryptosystem (IDBC)-based secure communication because the interest of the LI was moved to the industries and IDBC has the inherent key escrowing property. However, the inherent property of IDBC cannot prevent 'illegal' eavesdropping of all the communications in the networks from the law enforcement agency with the 'legally' obtained key. Thus, we propose a new key escrow model that satisfies the requirements of LI and overcomes the potential threats of IDBC. Our contributions enable the scalable and efficient key escrowing for the LI of secure one-way and two-pass communication in the mobile networks. Copyright © 2010 John Wiley & Sons, Ltd. We propose a new key escrow model that satisfies the requirements of LI and overcomes the potential threats of IDBC that cannot initially prevent 'illegal' eavesdropping of all the communications in the networks from the law enforcement agency with the 'legally' obtained key. Our contributions enable scalable and efficient key escrowing for the lawful interception of secure one-way and two-pass communication in mobile networks. Copyright © 2010 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2011

41. Computational approaches to suspicion in adversarial settings.

Author

Skillicorn, David B.

Subjects

DATA analysis, ONLINE social networks, COUNTERTERRORISM, LAW enforcement, FRAUD

Abstract

Intelligence and law enforcement agencies collect large datasets, but have difficulty focusing analyst attention on the most significant records and structures within them. We address this problem using suspicion, which we interpret as relevant anomaly, as the measure associated with data records and individuals. For datasets collected about widespread activities in which the signs of adversarial activity are rare, we suggest ways to build predictive models of suspicion. For datasets collected as the result of lawful interception, we suggest a model of suspicion spreading using the social network implied by the intercepted data. [ABSTRACT FROM AUTHOR]

Published

2011

42. A Comprehensive Overview of Government Hacking Worldwide

Author

Jingshown Wu, San-Liang Lee, Chien-Cheng Huang, Chen-Yu Li, and Feipei Lai

Subjects

Civil society, government hacking, National security, General Computer Science, lawful interception, Internet privacy, Public policy, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 02 engineering and technology, 020204 information systems, law enforcement, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Hacker, Government, business.industry, General Engineering, Law enforcement, 020206 networking & telecommunications, Lawful interception, surveillance, Communication system and network security, The Internet, social network services, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971

Abstract

There has been an ongoing and heated public policy debate on the appropriate role of and limitations to government hacking in maintaining a proper balance of national security and privacy. Asserting that they are compelled to use government hacking tools to protect their countries and populations, law enforcement and government agencies are increasingly strident in expressing the importance of accessing and intercepting encrypted communication data. However, many non-governmental and civil society organizations and activists strongly oppose government hacking because they consider its methods and techniques are extremely invasive and potentially compromising to the fundamental right of privacy. They are also concerned that the implementation of hacking techniques or similar methods would weaken encryption standards and place the security of the Internet at risk. This paper presents an overview of the current status of government hacking and discusses challenges to lawful interception (LI) technology and rules. The current state of LI and government hacking in five countries is reviewed, and capability is assessed in terms of several widely publicized events, in an effort to analyze the limitations of current solutions. Finally, the open challenges to and future direction of government hacking are highlighted.

Published

2018

43. An overview of VoIP and P2P copyright and lawful-interception issues in the United States and Taiwan.

Author

Cheng, Fa-Chang and Lai, Wen-Hsing

Subjects

INTERNET telephony, PEER-to-peer file sharing, COPYRIGHT, COPYRIGHT infringement, DIGITAL technology, INTERNET protocols

Abstract

Abstract: With the evolution of increasingly sophisticated Internet communication technologies, ensuing legal and policy issues have also emerged. VoIP (voice-over-Internet Protocol) and P2P (peer-to-peer) file-sharing software are two relevant examples of the differing characteristics of Internet communications compared to traditional communication technologies, e.g., telephone, cell phone or client-and-server architecture, from the viewpoint of government surveillance (or the investigation of copyright infringement) and the protection of user privacy. Herein, we try to make observations and opinions regarding the legal issues related to VoIP and P2P file-sharing software. [ABSTRACT FROM AUTHOR]

Published

2010

44. A hybrid clustering-classification for accurate and efficient network classification

Author

Xun Yi, Adil Fahad, Zahir Tari, and Abdulmohsen Almalawi

Subjects

Empirical research, Traffic classification, Computer science, Lawful interception, Quality of service, Intrusion detection system, Data mining, Noise (video), Cluster analysis, computer.software_genre, computer, Port (computer networking)

Abstract

The traffic classification is the foundation for many network activities, such as quality of service (QoS), security monitoring, lawful interception, and intrusion detection system (IDS). A recent statistics-based method to address the unsatisfactory results of traditional port-based and payload-based methods has attracted attention. However, the presence of non-informative attributes and noise instances degrade the performance of this method. Thus, to address this problem, in this chapter, a hybrid clustering-classification method (called CluClas) is described to improve the accuracy and efficiency of network traffic classification by selecting informative attributes and representative instances. An extensive empirical study on four traffic data sets shows the effectiveness of the CluClas method.

Published

2020

45. Wired? A study on preventive use of coercive measures

Author

Lövgren, Evelina

Subjects

private life, prevention, ECHR, European convention, lawful interception, Juridik, coercive measures, secret interception measures, human rights, privacy, Law

Abstract

The legal mandate for taking secret interception measures has increased. Law enforcement agencies can now not only monitor the communications of individuals when they are suspected of a crime. Secret interception measures can be taken before a crime is committed, if there are vague signs that an individual could perhaps commit a crime. This progress in preventive direction is a cause of internationalization, social and technological development and increased organized crime and terror. Therefore, the state and the public have a strong interest in gaining access to an increased amount of data. However, these coercive measures constitute an infringement of the individual's interest in privacy and protection of privacy. In this paper, based on a legal dogmatic method, the relationship between the rule of law security guarantees, personal integrity and crime prevention is analysed. The paper finds that it is important for both the individual and the state power that the legislature carefully considers whether a breach of personal integrity is justifiable. Moreover, some aspects of preventive use of coercive measures are of greater importance than others. These include the requirements for the functioning of the legislation in a democratic society, the precision and predictability of the law, as well as the existence of independent review, control and protection against abuse. A regulation without these requirements could lead to negative legal consequences and both mistrust and insecurity among citizens.

Published

2020

46. Comparison of Cuckoo Hash Table and Bloom Filter for Fast Packet Filtering Using Data Plane Development Kit

Author

Karlo Slovenec, Lucija Petricioli, Ivan Sicic, Miljenko Mikuc, Begušić, Dinko, Rožić, Nikola, Radić, Joško, and Šarić, Matko

Subjects

Hardware_MEMORYSTRUCTURES, cuckoo hash, bloom filter, packet filtering, Data Plane Development Kit, lawful interception, Computer science, 020302 automobile design & engineering, 020206 networking & telecommunications, Context (language use), 02 engineering and technology, Bloom filter, Cuckoo hashing, 0203 mechanical engineering, Computer engineering, Lawful interception, Packet analyzer, 0202 electrical engineering, electronic engineering, information engineering, Forwarding plane, Table (database), Cache

Abstract

This paper presents a performance comparison of the cuckoo hash table and Bloom filter for packet classification with application in packet filtering with emphasis on lawful interception systems. Alongside enabling fast packet capture on commodity hardware, Data Plane Development Kit offers those methods already implemented in its library. We have chosen the cuckoo hash table as an exact classification method and the Bloom filter as a space-efficient probabilistic method that should have a better cache utilization and therefore more viable usage in performance critical systems, but allows false positive results. The execution time and memory requirements of the two methods are compared to determine whether the performance benefits of using a probabilistic method outweigh its drawbacks, and in which context those benefits arise.

Published

2019

47. Requirements Analysis Required--Otherwise Targeted Monitoring Enables Pervasive Monitoring

Author

Stephen Farrell

Subjects

Ubiquitous computing, General Computer Science, business.industry, Computer science, Interoperability, Internet privacy, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, 020204 information systems, Lawful interception, 0202 electrical engineering, electronic engineering, information engineering, The Internet, business, Requirements analysis, computer

Abstract

Lawful interception was developed in a closed manner and is usable for pervasive monitoring, which the Internet community has deemed an attack. Further developing lawful interception technology is therefore counter-productive unless accompanied by an open re-evaluation of targeted monitoring requirements assigning equal priority to requirements for security, privacy, and Internet-scale interoperability.

Published

2016

48. Extracting Suspicious IP Addresses from WhatsApp Network Traffic in Cybercrime Investigations

Author

En-Cih Chang, Da-Yu Kao, and Fu-Ching Tsai

Subjects

Network forensics, Computer science, Network packet, business.industry, Law enforcement, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Cybercrime, Lawful interception, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, The Internet, business, computer

Abstract

Sniffers are among the commonest approaches for capturing network traffic activities and collecting digital evidences in cybercrime investigations. The ubiquity of instant messaging (IM) apps on smartphones has provided criminals with communication channels that are difficult to decode. Moreover, investigators and analysts of cybercrimes are encountering increasingly large datasets. To combat criminal activity, law enforcement agencies (LEAs) often rely on call-record analysis. In this paper, cybercriminals are investigated by network forensics and sniffing techniques. Retrieving valuable information from specific IM apps is difficult because the criminal’s IP address records are not easily recognisable on the Internet. Here, a criminal’s identity is located more effectively by a packet filter framework that isolates the WhatsApp communication features from huge collections of network packets. A rule extraction method for sniffing packets is proposed that retrieves the relevant attributes from high-dimensional analysis based on geolocation and a pivot table. The utility of this methodology is illustrated on real-time network forensics and a lawful interception system in Taiwan. The methodology also meets the ISO/IEC 27043:2015 standards of fear, uncertainty, and doubt avoidance. Besides supporting LEAs in discovering criminal communication payloads, prosecuting cybercriminals and bringing them to justice, it improves the effectiveness of modern call-record analysis.

Published

2019

49. Improving Lawful Interception in Virtual Datacenters

Author

Tobias Eggendorfer, Daniel Spiekermann, and Jörg Keller

Subjects

business.industry, Computer science, Network packet, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, computer.software_genre, Virtualization, Virtual network interface, Virtual machine, Server, Lawful interception, Packet analyzer, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, Computer network

Abstract

The rise of cloud computing led to the need for highly flexible and dynamic infrastructures, which are able to handle a variety of different applications, the accruing big data and the requests of various customers simultaneously. By the use of virtualization modern datacenters provide an environment for cloud computing infrastructures. In these environments hundreds of thousands of physical servers host hundreds of thousands of virtual machines. This huge number of involved systems as well as additional virtual layer inside these environments impede lawful interceptions and network forensic investigations, which are performed to wiretap a suspicious system. Without any constraints, all phases of a network forensic investigation are faced with arising challenges like access and packet capture of virtual network interface cards, record the captured packets on hardware devices or the subsequent analysis of encapsulated network packets. Due to the huge number of relevant systems, the investigation gets inflexible and slow, which prevents a valid and usable wiretapping of a suspicious system. In this paper we propose an improvement of the packet capture process, which in turn enhances the recording and the subsequent analysis of the lawful interception. By reducing the number of relevant physical servers the number of involved hosting servers is decreased. In combination with further information of the virtual environment an enhanced process is possible, which ensures a valid lawful interception of the relevant network traffic.

Published

2018

50. Defeating the Downgrade Attack on Identity Privacy in 5G

Author

Kimmo Järvinen, Valtteri Niemi, Philip Ginzboorg, Mohsin Khan, Cremers, Cas, Lehmann, Anja, Department of Computer Science, Doctoral Programme in Computer Science, Helsinki Institute for Information Technology, University of Helsinki, Department of Communications and Networking, Aalto-yliopisto, and Aalto University

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer science, education, 0211 other engineering and technologies, 02 engineering and technology, Pseudonym, Identity privacy, Computer security, computer.software_genre, Public-key cryptography, 020204 information systems, Synchronization (computer science), 0202 electrical engineering, electronic engineering, information engineering, 3GPP, IMSI catchers, 021110 strategic, defence & security studies, business.industry, 113 Computer and information sciences, Downgrade attack, User equipment, Lawful interception, Identity (object-oriented programming), business, Cryptography and Security (cs.CR), computer, 5G, conference

Abstract

3GPP Release 15, the first 5G standard, includes protection of user identity privacy against IMSI catchers. These protection mechanisms are based on public key encryption. Despite this protection, IMSI catching is still possible in LTE networks which opens the possibility of a downgrade attack on user identity privacy, where a fake LTE base station obtains the identity of a 5G user equipment. We propose (i) to use an existing pseudonym-based solution to protect user identity privacy of 5G user equipment against IMSI catchers in LTE and (ii) to include a mechanism for updating LTE pseudonyms in the public key encryption based 5G identity privacy procedure. The latter helps to recover from a loss of synchronization of LTE pseudonyms. Using this mechanism, pseudonyms in the user equipment and home network are automatically synchronized when the user equipment connects to 5G. Our mechanisms utilize existing LTE and 3GPP Release 15 messages and require modifications only in the user equipment and home network in order to provide identity privacy. Additionally, lawful interception requires minor patching in the serving network.

Published

2018