The ability to ingest and analyze an unlimited range of data sources is a key requirement for a modern lawful intelligence practice. The data may include lawfully intercepted communications and location information, human and open-source intelligence, or any number of other data feeds. Lawful intelligence platforms must be able to collate these sources in a centralized repository and provide APIs for seamless analytics.
These databases can be extraordinarily large and diverse, and analytics might be required on a specific target in near real-time or using asynchronous batch processing. The number, size, and complexity of these operations can strain traditional monitoring centers, which are limited by monolithic, on-premises system architectures. SS8 improves on this using modernized software services and architectures that are built to be flexible and scalable.
Next-generation law-enforcement monitoring facilities (LEMFs), also known as High-Density Monitoring Centers, require the ability to take in massive data, normalize it, interpret it, and provide tools, visualizations, and navigation options that enable analysts to derive investigative insights and build patterns of life efficiently and effectively.
Curating High-Volume Data
Typically, a large proportion of a subject of interest’s internet traffic is irrelevant for the purposes of investigation. Small but important pieces of evidence tend to be obscured within huge data sets. While it can often take powerful analytics to hone in on a specific target, , some proportion of low-value traffic can be filtered out with very little heavy lifting by the LEMF.
SS8’s Intellego XT assists law enforcement in this area with a capability known as Packet Header Information Reporting (PHIR). For example, as much as 80% of a target’s intercepted internet data consists of encrypted video from streaming services such as Netflix or Hulu. Typically, the encrypted content itself is of little or no investigative value, so Intellego can be configured to identify and report it to analysts yet exclude it from more detailed analytics, if so chosen – allowing the platform to focus instead on how much data was consumed over how much time, for example. PHIR services are available in the SS8 platform itself as well as in a containerized microservice or “grey-box” for law enforcement agencies (LEA) that have not yet adopted SS8 more broadly but want to reduce overhead.
In addition, when many intelligence feeds, especially those including large files such as surveillance videos from public facilities, are combined, they can quickly generate untenably large data volumes. Retrospective analysis of video can require a prohibitive number of analyst hours. SS8 addresses that challenge by integrating third-party batch analytics via APIs that can, for example, systematically and automatically locate everyone wearing a red jacket on an airport surveillance video in a defined time.
Cloud-Native Elastic Capacity
The types and volumes of data that lawful intelligence must address continues to grow, as does the sophistication of the analytics applied to it. But monolithic lawful intelligence platforms have limited scalability to address this growth because they are limited by the on-premises resources available. SS8 has built a cloud-native microservices architecture from the ground up to capture the efficiency and elasticity advantages of cloud computing, including full Kubernetes orchestration. Deploying microservices in containers enables them to be spun up and down as needed, using public cloud infrastructure for open-ended scale and the most appropriate instance for a given function.
In the context of a high-density monitoring center, a microservices architecture enables SS8’s Intellego XT to ingest and process packets at line rate, regardless of volume. It also helps ensure interoperability with software from other vendors. Therefore, for example, Intellego can provide a single pane of glass view that integrates geographical services such as ESRI within elements of the lawful intelligence environment such as text, location, metadata, voice, video, and more, mapping it all in a visual format to help analysts gain investigative insights.
Advanced Data Handling for LEMF Density
SS8 constantly updates its platform’s capabilities for emerging technologies and data sources. For example, SS8 is at the forefront of accommodating Video over LTE (ViLTE), a video call technology that is expected to become prevalent in the next few years.
Building a pattern of life for a subject of interest requires stitching together information from a range of siloed databases. To determine that a subject drove their car, made a phone call, and carried out an ATM transaction in a single morning often requires manually cross-referencing several data siloes, each with its own isolated interface. Intellego XT provides a data fusion layer that can combine lawful interception content, bank records, number plate readers, open-source intelligence, and more into a cohesive whole that can be queried by the LEA.
SS8 also offers an enhanced protocol extraction engine (ePXE) for big data analysis of encrypted information. For example, metadata generated by an online banking transaction may reveal a previously unknown bank account in a foreign country. Law enforcement might then pursue legal authorization to examine those bank records to further inform their pattern of intelligence about the subject, supporting richer investigations.
With Intellego XT, LEAs can ingest and analyze vast volumes of data from disparate data sources and leverage powerful analytics and third-party feed and applications with minimal on-premises resources or processing overhead, helping investigators solve crimes faster.
About David Anstiss
David Anstiss is Director of Solution Engineering at SS8 Networks. He has been with SS8 since 2015 and has significant experience in critical network architecture technology and advanced data analytics. He currently works as part of the Technical CTO Group under the leadership of Dr. Cemal Dikmen and is responsible for leading engagement with both intelligence agencies and Communication Service Providers (CSPs) around the world. He has been instrumental in helping them transition to 5G, defining system requirements to meet regulatory compliance. As a member of ETSI, he represents SS8 to ensure the adoption of cloud-native infrastructure is met with industry best practices and to guarantee that compliance of lawful interception is maintained. Learn more about David here on his LinkedIn profile.
About SS8 Networks
As a leader in Lawful and Location Intelligence, SS8 helps make societies safer. Our commitment is to extract, analyze, and visualize the critical intelligence that gives law enforcement, intelligence agencies, and emergency services the real-time insights that help save lives. Our high performance, flexible, and future-proof solutions also enable mobile network operators to achieve regulatory compliance with minimum disruption, time, and cost. SS8 is trusted by the largest government agencies, communications providers, and systems integrators globally.
Intellego® XT monitoring and data analytics portfolio is optimized for Law Enforcement Agencies to capture, analyze, and visualize complex data sets for real-time investigative intelligence.
LocationWise delivers the highest audited network location accuracy worldwide, providing active and passive location intelligence for emergency services, law enforcement, and mobile network operators.
Xcipio® mediation platform meets the demands of lawful intercept in any network type and provides the ability to transcode (convert) between lawful intercept handover versions and standard families.
To learn more, contact us at info@ss8.com.