Transcript E-DETECTIVE - Decision Group, Inc.

Network Forensics and Lawful Interception
Total Solutions Provider
E-Detective
Wireless-Detective
E-Detective Decoding Centre
E-Detective LEMF
Data Retention Management System
HTTPS/SSL Interceptor
VoIP Detective
FIT (Forensics Investigation Toolkit)
NIT (Network Investigation Toolkit)
Network Packet Forensic Analysis Training
Cyber Crime Investigation Training
DECISION GROUP INC.
E-Detective
LAN Internet Monitoring & Forensics Analysis System
Solution for:
• Auditing and Record Keeping with ISO 270001, SOX, HIPPA…etc
• Internet Monitoring/Network Behavior Recording
• Forensics Analysis and Investigation for LEA
Most Advanced Device for Data Leakage Protection,
Lawful Interception and Network Forensic
DECISION GROUP INC.
Wireless-Detective
WLAN Analytics/Forensics/Legal Interception System
• Support Wireless LAN
802.11a/b/g /n Scanning &
Packet Capturing
• Automatically WEP Key
Cracking (WPA Optional
Module)
• Decode and Reconstruct
WLAN packets
• Capture/Decode/Display
are All-in-One
Important Tool for Lawful Enforcement Agencies such as Police,
Military, Forensics, and Enterprise Auditing and Legal Department.
The Powerful Smallest Forensic Device in The World
DECISION GROUP INC.
E-Detective / Lawful Enforcement
Management Facility
• Major Functions:
– As a lawful interception system for parsing pcap file
format or raw packet data stream from frontend
mediation platforms or broadband service routers
– Decoding all data packets associated with protocol based
on service port number and session
– Saving un-decoded data into specified directory in pcap
format
– Output decoded data into database and associated
multimedia files with XML description files in predefined
way
– Compliance with ETSI TS 101 671 and ETSI ES 201 671
High Performance Passive LI Platform compliance
with ETSI Standard
DECISION GROUP INC.
Data Retention Management System

Data Retention Management System (DRMS) is designed for viewing
Backup ISO Data centrally from multiple E-Detective Systems.

Provides a User Friendly GUI. Easy to import (mount ISO) and view the
Backup Content especially for large amount of Backup ISO Files.

Capable to mount and view multiple Backup ISO Files at the same time.

Works with E-Detective system for Auto FTP Backup function. Allow
Auto Backup ISO File in E-Detective to be stored in Backup Server.

Search and Advance Search functions provided to search into Backup
ISO Content or specific Backup ISO Content.

Easy Management of Backup ISO Files.

Integration with 3rd party data mining or link analysis system
Large Volume Data Manipulation and Centralized Data Processing
with 3rd Party Analysis System
DECISION GROUP INC.
E-Detective Decoding Centre
 Designed for Off-line Packet Reconstruction
 Multi-Users and Case Base Management
 Administrator can create different project/case for different
user/investigator to conduct Internet raw data parser and
forensics analysis task on the system
 Various Content of Internet Applications Decoding
 Email (POP3, SMTP, IMAP), Webmail (Yahoo Mail, Gmail, Hotmail
etc.) IM (Yahoo, MSN, ICQ, QQ, UT, IRC, Google Talk, Skype Voice
Call Log), File Transfer (FTP, P2P), HTTP (Link, Content,
Reconstruct, Upload/Download, Video Stream), Telnet, Online
Games, VoIP, Webcam (Yahoo, MSN)
Cutting-edge Offline Decoding Device
DECISION GROUP INC.
HTTPS/SSL Interceptor
• Decrypting HTTPS/SSL Traffic
• Operation Modes
• Network Crack and Redirect - Man in the Middle Attack
• HTTP/HTTPS Proxy
• Certificate Replacement by Customization (optional)
To view encrypted
content,
a key is a needed
The Powerful HTTPS/SSL Cracker for Network Interception
DECISION GROUP INC.
VoIP-Detective
User may opt to purchase the complete
Appliance (Hardware + Software) or only
purchase Software from us. User may use their
own dedicated server for installing the
software.
• Capable to intercept and capture (through
Mirror Mode or Tap Deployment), decode and
reconstruct VoIP RTP sessions.
• Supports voice calls of SIP and H.323.
• Supported CODECS: G.711-a law, G.711-u
law, G.729, G.726 and ILBC.
• Capable to play back the reconstructed VoIP
sessions.
The Appliance for VoIP Cracking System
DECISION GROUP INC.
Forensics Investigation Toolkit
Offline Raw Data Files (PCAP) Decoding and Reconstruction Tool
Solution for:
•
Internet or Network Traffic Content Analysis
(Network Administrator)
• Auditing of Internet or Network Traffics
(Network Administrator)
• Network Forensics Analysis and Investigation
(Government and LEA)
Forensics Investigation Toolkit (FIT)
is a Windows based Application
Software suitable for all group of
users to analyze and forensically
investigate on the content of
Internet/network raw data files
captured.
* Compatible with:
The Powerful Forensic Analysis Tool on Windows System
DECISION GROUP INC.
Network Investigation Toolkit
What are the capabilities of NIT?
•
•
•
•
•
•
•
Interception of Ethernet LAN traffic
through mirror port (or by network
tap).
Interception of WLAN traffic (up to
4 different WLAN channels).
Intercept ion of Ethernet LAN
HTTPS/SSL traffic by MITM attack.
Intercept ion of WLAN HTTPS/SSL
traffic by MITM attack.
Real-time raw data decoding and
reconstruction.
Offline raw data decoding and
reconstruction.
Forensics analysis and investigation.
Solution for:
Lawful Enforcement Agencies
(Police Intelligence, Military
Intelligence, National Security,
Counter
Terrorism,
Cyber
Security, Defense Ministry etc.
Combine ED, WD and EDDC into one portable system
for field LEA agents
DECISION GROUP INC.
Network Packet Forensic Analysis Training
 Introduction to Network Packet Forensic Analysis
Training
This 3 day course utilizes the knowledge of computer
security concepts together with switched network
topologies and gives students hands on practical exposure
to critical knowledge base essential for network forensic
investigations.
 Courses include
 Introduction to Cyber Crime Investigation Process
 Study on Major Network Protocols
 Operation and Administration of E-Detective, Data
Retention Management System, VoIP and HTTPS/SSL
interception
 Practical Case Study and Drills
DECISION GROUP INC.
Cyber Crime Investigation Training
 Introduction to Cyber
Crime Investigation
Training
In order to fight against
rampaging cyber crimes in the
world effectively, you better
understand the nature of cyber
crime, the legal procedure, and
learn the lesson of real cases
from experienced investigators
and experts.
In this course, experienced
speakers
will
introduce
common cyber criminal skill,
how
to
take
investigation,
digital
data
analysis
with
practical case study.
 Courses include
 Cyber Crime with VoIP and
Telecom
 Cyber Crime with Internet
Services
 Legal Processes with Cyber
Crime Investigation
 Methodology of Data
Analysis for Cyber Crime
Investigation
 Weakness of Common IT
Systems
 Workshop on Drills
DECISION GROUP INC.
More Than 180 Internet Application Decoders
Generic E-Mail
Webmail
Instant Message
Web Page
Web FTP
Web Video
File Transfer
Telnet
Asia On-Line Game
VoIP
Social Network
Service
Mobile online
applications
POP3, IMAP, SMTP
GMail, Yahoo, Hotmail, … more than 21
webmail
MSN, GoogleTalk, ICQ, … more than 8 IM
Web Link, Content and Request
Upload/Download
YouTube, GoogleVideo …
FTP, P2P, … more than 20 service
BBS Playback is available
More than 81 game
SIP, H.323 (G.711, G.729, ILIBC)
Facebook, Twitter, Plurk …
iphone, Android …
DECISION GROUP INC.
About Decision Group
 Established in 1986 with 25 year experience in IT industry.
 Strong R&D Capability : 54 Software and Hardware engineers
with 5 PhD. 10 Master Degrees
 Offices: Taiwan, Singapore, China, Canada, Germany, Japan,
Zimbabwe, Hong Kong
Worldwide Business Partnership with
OEM/ODM Partners – LI Solution Provider, DPI Solution Provider,
Network Solution Provider, Security Solution Partner
SI Channels – Network Service Partner, System Service Partner, Telecom
Service Partner, Security Service Partner
Alliances – Consulting Firms, Legal Firms, Training Centers, LEA
•
•
•
Address : 4/F No. 31, Alley 4, Lane 36, Sec.5, Ming-Shen East Road Taipei, Taiwan, R.O.C .
Phone No : +886 2 2766 5753
Fax No : +886 2 2766 5702
E-Mail : [email protected]
URL : www.edecision4u.com
DECISION GROUP INC.