In the past decade, there has been amazing growth in the amount of data available on individuals, their communications, and their patterns of life, but an increasing proportion of that data is encrypted. Web traffic is now almost entirely protected by HTTPS in transit, while 5G networks obscure the identities of subscribers. As a result, lawful intelligence must evolve from its focus on the content of messages and use all available data sources, including metadata, to illuminate the activities of subjects or devices of interest.
Law enforcement agencies (LEAs) today must fill the gaps left due to encrypted message content, and one way is using a growing array of open-source intelligence (OSINT) sources. For example, IP resolvers provide lookup tables that associate static IP addresses with their geolocation, and IMEI databases can identify when specific handsets are being used. In addition, LEAs should leverage data from automatic number plate recognition (ANPR), vehicle tracking devices (VTRs), banks, call data records, and more. This variety of sources has become instrumental to modern lawful intelligence, but to make use of the disparate information sets, data fusion solutions must assume new importance.
Insights from Any and All Data Sources
SS8’s MetaHub enables LEAs to assemble information from any source—including lawful intercept data, OSINT, and various specialized data sets—into a single, coherent data set that can be queried against. MetaHub can be deployed with SS8’s Intellego XT to form a comprehensive platform that ingests and enriches lawful intercept data and offers real-time monitoring with powerful analytics. It can also be deployed in a stand-alone form to ingest data from whatever set of data sources is called for in a given investigation.
Whereas Intellego XT uses a structured schema built to operate using data structured according to industry standards for lawful intelligence, MetaHub is a more flexible backend, extensible to any data structure. This open framework allows different data sources to enrich each other, making each individual source more valuable. Call data records (CDRs) can be enriched with cell tower location to generate a sequence of latitude and longitude locations. MetaHub visualizes these coordinates and can clearly distinguish locations based on the differing data sources that have been ingested into the platform, providing insights about a suspect’s movements and patterns of life – valuable information that could not be built from the simple comma-separated values (CSV) CDR file alone.
Enriching location information also allows MetaHub to define points of population within the coordinates where people are most likely to be present. This approach uses survey data to identify where the most hits to a particular cell tower come from, providing a probabilistic estimation of a subject’s location at a higher granularity than otherwise possible. For example, if a highway surrounded by fields lies in the circular service area of a cell tower, points of population would reveal that the subject of interest is more likely to be traveling on that road than in the surrounding fields without requiring the analyst to zoom-in on it using cell range
Foundations for a Broadened Scope of Lawful Intelligence
MetaHub’s extensible schema is designed to ingest any data structure from any source but is also dynamic enough to accommodate changes to those data sources on the fly. The platform therefore provides the agility to meet the changing demands for lawful intelligence as LEAs investigate individual cases.
SS8 works closely with LEAs to integrate the broadest range of disparate data sources, no matter the file type. These can range from simple CSV files to nested JSON file structures containing object arrays, eliminating the need for the LEA to normalize the data. MetaHub provides the mechanism to build relationships between data sources right out of the box, and SS8 can tailor implementations for specific scenarios by working with customers to define flexible templates that link and enrich different data sets for various usages.
Bringing in large volumes of data from new sources can easily lead to struggles for LEA analysts trying to derive value from them. After assembling perhaps billions of records from various sources, they must understand what is available and how individual pieces relate to each other. Whereas manually analyzing that data is an intractable task, MetaHub gives LEAs the ability to define rules and patterns that automatically associate and enrich the information, revealing fundamental insights that advance investigations by unlocking the hidden value of all available data sources, no matter its size, type, or format. Backed by SS8’s over 20 years of experience leading the lawful intelligence industry, MetaHub is a critical tool for investigators in today’s world of high-speed, encrypted communications.
About Simon Patten
Simon joined SS8 following a 30-year career with British Telecommunications Plc in the UK. For the majority of this time, Simon held senior sales and general management positions working with the defense, security and law enforcement agencies. He led teams selling and delivering a diverse range of solutions, including major national and international networks, computer network defense, and other security-based capabilities. Simon holds a BA in Business Studies and gained his MSC as a Sloan Fellow of the London Business School. You can view his LinkedIn profile here.
About SS8 Networks
SS8, a network intelligence company, provides solutions to help customers quickly identify, track, and investigate devices and subjects of interest. SS8 is trusted by six of the largest intelligence agencies, eight of the fourteen largest communications providers and five of the largest systems integrators.