Complete Intelligence Gathering Solutions
MASS - Monitoring All Systems Simultaneously
The MASS interception system provides mass and target interception, filtering and analysis functionality to Government Agencies, such as Intelligence Organizations, National Security Agencies and SIGNIT units. MASS delivers sophisticated technology for selectively collecting maximum communication content and metadata as well as real time filtering mechanisms that distil essential information from the large volumes of intercepted data. As part of its mass interception solution, MASS enables Government Agencies to retroactively analyze data to generate timely and critical intelligence. MASS‘s unique technology is specifically designed to provide Government Agencies with the following benefits:
Passive Monitoring on all Network Types
MASS provides simple and flexible connectivity to communications networks. From a single platform, MASS supports passive, non-intrusive monitoring of a wide range of network types, including landline, mobile and IP. Interception points vary and include the premises of the communication service provider as well as off air interception of satellite communications and microwave networks. Utilizing probe based techniques: MASS supports a high number of inputs for the interception ensures that the monitoring is undetectable by any device connected to the network and transparent to the subscribers.
An outstanding volume of traffic is analyzed and process at network speed by employing a combination of uniquely designed dedicated network processors and flexible software for applications decoding and filtering.
Total Intelligence Solutions
Terrorists, criminals and other entities to Government Agencies invest immense efforts to avoid exposure, and conceal their communication make sure of intermediaries and hidden networks raising obstacles to traditional investigation practices. Target interception collects valuable communications of known suspects and entities. It filters communications according to combinations of parameters such as phone numbers, email addresses, VoIP identifies, network parameter, keywords, and so on. Intercepted communications are monitored and evaluated in real time enabling Government Agencies to combat crime and thwart terror activities in advance. MASS interception methodology greatly expands the intelligence picture by potentially intercepting all network communications. The following figure provides workflow and explanation.
1.System administrator creates targeted users and assigns filters
2.Targeting is done by creating filters to collect communications (email, keywords, chat, user, etc)
3.Communications are decoded, processed and indexed
4.Communications is stored.
a.Communications that are filtered are sent to be analyzed by the administrator and/or monitoring in near real-time.
Alerts are routed to the authorized personnel to view, playback, evaluate the communications allow for actionable
intelligence as events occur.
b.To identify unknown elements and clues hidden in the communication the administrator can perform queries with
keywords, chats, email sessions, attachments, etc.
5.MASS quickly searches current and historical data for matches. Result sets show all matches for the query. The
administrator can assign multiple Analysts to review queries simultaneously.
6.Result sets are analyzed with multiple interactive analysis and visualization tools. Each analysis produces a new
result set that can then be analyzed by another tool to further refine your search or draw intelligence conclusions.
This process continues in a loop until MASS finds the needed intelligence.
7.New information leads are found during the analysis. These leads become new targets for interception.
8.Information relevant to current investigations that results from the analysis is forwarded to the administrator for
Throughout an investigation, investigators are exposed to large amounts of intercepted information each with various levels of urgency. MASS plays an important role in assisting investigators to identify urgent events as they occur. A choice of alerts is available which includes configurable workstation notifications, SMS messages and the delivery of the actual intercepted communications to the mobile phone of a field agent.
Analysis and Visualization Tools
To find “hidden” information MASS decodes, extracts, indexes and analyzes every bit of metadata and intercepted information. Its suite of analysis and tools gives investigators the power to exploit every intelligence lead. Investigators can handle multiple analysis cases simultaneously, allowing them to perform data mining activities such as cross referencing and automatic intersections between result sets and investigations.
ØPowerful Search Queries - rapidly searches through the entered database for specific information according to any metadata field and keyword combination. This tool is especially critical whenever there are huge amounts of data and speed it vital.
ØText Mining - searches broach content with advanced linguistic capabilities such as grammatical inflections of keywords, synonym, phonic and typing sensitive queries that together radically improve the success rate of any query or search
ØText Categorization - retrieves textual information, according to user defined categories topics, to expose valuable information and spot new individuals involved in specify cases or fields of interest to the Government Agency.
ØSpeech Analysis - filters, categorizes and prioritizes target intercepted communication according to specific speech characteristics, such as language identification, speaker verification and audio content.
ØAnalysis Reports - enable investigators to analyze stored information to reveal communication characteristics and distribution, patterns and trends, while creating effective and meaningful intelligence statistics
ØVisual and Location Analysis - reveals networks and relationships among seemingly unconnected entities along with geographical information.
MASS analysis Flow - An example
The diagram below shows how the integrated analysis tools can be used to effectively uncover possible suspects in tow separate bombings, one in London and the other in Saudi Arabia.
1.An analyst create two queries, on query for the words “bomb”, “train” and “London” and one query for the words
“bomb” “train” and “England”. The queries are defined for up to 6 months before the date of the bombing.
2.Results include all the Communications that match the query parameters.
3.Geo Location Analysis reveals the Communications that originated from Riyadh and London and therefore reveals the
people present at the locations at the time of the bombing.
4.Cross Query data mining shows which people were present in both the London and Riyadh bombings.
5.The Visual Link Analysis reveals that the following:
a.An identity that communicated with a known terrorist in the Al Qaeda organization. This identity becomes a prime
suspect in the investigation.
b.Identities that communicated with the prime suspect. These identities are now potential accomplices and new
target interception filters are created.
c.Which communication amongst the vast volumes should be opened and reviewed. Until this time only the metadata
has been analyzed.
To find a needle in the haystack, and to reveal and optimize the intelligence hidden in the vast amounts of
collected information, GSS specialist decodes, extracts, indexes and analyzes all collected data and information. Our powerful software then rapidly searches through the entire database for specific information according to any metadata field and keyword combination. This tool is especially critical whenever there are huge amounts of data and speed involved.
Robustness and Security
Security is an essential component of the overall design and use of MASS. The system contains security measures and mechanism that guard against external penetration and unauthorized internal usage. In so doing, it protects the confidentiality and controls access to sensitive stored information. Security measures include physical segregation, firewalls, virus protection and terminal server-based isolation quarantine, together with extensive authentication, authorization, and auditing controls. The systems can be deployed to be redundant confirmation that performs load balancing and backups for recovery of information.
Scalability and Modularity
In addition to giving Government Agencies a comprehensive solution that includes target interception and mass interception, MASS is flexible and scalable design enables to enlarge the system according to evolving needs. It is possible to initially install only a target interception solution with the intention of install the MASS interception solution later or vice versa.
The MASS architecture offers future growth while maintaining superior performance through scaling out. Rather than replacing existing hardware with stronger machines, MASS can load balance between inexpensive off-the-shelf servers that can be easily added as the need grows. This upgrading strategy preserves the customer’s existing investment and eliminates the need for complicated upgrade procedures and costly components.