Internet access is conducted by more and more mobile devices, because broadband wireless technology has been delivered more and more successfully by telecom service providers over the entire world. Now ubiquitous link with cyber world is part of our daily life. Every netizen can enjoy the diversity of thoughts and convenient services brought by others.
Though 3G or LTE is the major technology used for broadband wireless communication, lots of mobile users still like to use Wi-Fi link for accessing Internet. The reason behind is obvious that there is significant cost difference and instant bandwidth availability. Most mobile network service providers also provide both wireless services (3G and Wi-Fi) to their subscribers in the major metropolitan area for the convenience of network accessibility.
Of course, there is dark side at the corner of this colorful cyber world from the greedy nature of our humankind – cybercrimes. In order to have effective way to prevent such crime, LEA staff must target at such ubiquitous communication of cybercriminal links. For LI implementation on 3G networks there is a standard way commonly deployed from mediation device in telephony center for target traffic collection to backend systems in LEA monitor center for data analysis during investigation operation.
For LI implementation on public Wi-Fi network, the situation is somewhat different from that of 3G network. The service network is quite similar with that of fixed network system. On the other hand, the major issue is that Wi-Fi network lacks of good QoS mechanism, compared to its counter 3G networks, in radio access network segment. That’s why it is really hard for LEA to collect complete target traffic from core service wired network systems. Practically police officer usually likes to conduct LI operation by intercepting target Wi-Fi link between target device and Wi-Fi AP directly.
Wi-Fi link is based on wireless RF communication at 2.4GHz HF or 5GHz SHF, and highly bound to the physical nature of RF wave distribution, i.e. interference by background noisy, reflection of building and foliage or surrounding electromagnetic effect. When police officer conducts LI operation on Wi-Fi link, the major issue is also the hit rate of RF collection. If there is only 80% of RF collected for Wi-Fi link interception, it will be probably only 60-70% of data packets collected. Back to content reconstruction, it is only less than 50% of reconstructed content available. Of course, it will impact the final result of crime investigation.
“We fully understand the real situation of LI operation on Wi-Fi network,” said Casper Kan Chang, CEO of Decision Group “and we have developed some effective ways to enhance the RF signal quality in the field of wireless data collection by police officers for the past ten years.”
There are two major ways adopted by Decision Group Wireless Interceptors: one is through high gain antenna deployment, and the other is through multiple distributed systems deployed in different geological points in order to maximize the hit rate of RF collection.
Normally the antenna used for ordinary Wi-Fi communication is within the range of 3dBi to 5dBi by the distance of 30-50m. It is good for interception indoors; however, when conducting interception in open space or outdoors, such as city square, it may not be enough. So, high-gain directional antenna with above 8dBi and power supply should be used for better quality of data collection . Decision Group also provides recommended high-gain antenna equipment for customer demand by fully tested as options. By such high gain antenna, the hit rate of RF collection can be significantly increased in most of environment.
In few severe environments, for example, power plant nearby or reflection of building, high-gain antenna may not be the best solution for RF collection. Multiple distributed point deployment will be the best choice for RF data collection. Decision Group R&D team develops the mesh topology technology in such multiple distributed deployment for ultimate quality of RF collection.
There are two ways for multiple point deployment: one is the adoption of multiple (2-4 sets) Wi-Fi adaptors deployed in one system, and the other is for multiple distributed system deployment.
By the former way, system can enhance the receiving signal quality within the cell of 10-30 meters.
By the latter way, police officers can deploy at least 2 or 3 sets of frontend DG Wi-Fi interceptors in different corners of “cell” in the distance of 50-80 meters to collect all target RF signals, and consolidate all collected data into one centralized system for purgation of data redundancy and content reconstruction. By this way, the hit rate of RF data can reach to 100%, whereas the integrity and completeness of reconstructed content can be guaranteed for crime investigation. This unique technology provided by Decision Group is now under patent protection worldwide.
In Decision Group Wi-Fi interception product portfolio, there are 2 products for different police demands: one is Wireless-Detective (WD), and the other is Network Investigation Toolkit (NIT). Both are widely adopted by LEA in different countries.
Wireless-Detective is designed for police officer in LI operation on Wi-Fi network only. As mentioned above, it can be deployed standalone or by distributed deployment with multiple systems. Besides, it also can be used for wireless offense weapon – RF forbidder against foreign intruder through over-spilling RF to secure WLAN. In some countries, where interception on HTTPS traffic is not allowed by law, WD will be the best choice for police officers for crime investigation.
Network Forensic Toolkit is very unique solution for LEA staff to conduct LI operation in different environments, so it is designed with the capabilities of both wired and wireless interception. By such dual interception capabilities, it is the best tool for police or intelligence officer to carry out multiple missions of data collection in the case. On the other hand, it can also intercept HTTPS content service by Man-in-the-Middle attack on both wired and Wi-Fi networks. It is the hottest weapon for LEA staff in the field for crime investigation and intelligence collection.
Fig 1. Example of NIT deployment in the field
Both WD and NIT can decrypt WEP protected Wi-Fi traffic by itself automatically or manually. For Wi-Fi traffic by WPA-PSK and WPA2-PSK key protection, Decision Group also provides the powerful computing WPA Cracking System in the backend. The WPA Cracking system is equipped with 2-6 units of GPU for computing resource in key-cracking process by special decryption algorithm. Upon receiving the WPA beacons from frontend WD or NIT system, it will initiate the key cracking process to acquire the WPA key in short time, and send it to frontend wireless interceptor.
Fig 1. Example of NIT deployment in the field
Both WD and NIT systems are the official Wi-Fi interceptors in many countries all over the world for investigation on cybercrimes, drug and human trafficking, and terrorist activities. By both tactic systems in the field, police officers can easily find the criminal evidence and catch target suspects red-handed.
If you want to know more about WD and NIT, please also check out our website: http://www.edecision4u.com for more product sales, technical and service information. Wherever you are, if you need more information about our products and services, please contact with decision@decision.com.tw. We’ll be glad to give you our utmost support service.
Decision Group has launched Network Investigation Toolkit (NIT) since 2010, and it has been adopted by more than few thousands of customers around the world. For the past 5 years, along with advance of wireless network technology, Decision Group NIT was also upgraded for those existing clients year by year. Now Decision Group provides a new version of NIT 2.0 for customers. In this new version, Decision Group enhances the capability of wireless RF and HTTPS interception as well as more friendly user interface for operation and administration. The target intercepted online service list has been expanded from common web services into popular mobile APPs, whereas more statistic reports on online traffic situation are available for user reference during operation. The most important improvement is the enhancement of system performance by a totally brand new core protocol analysis engine.
For new version of NIT 2.0, Decision Group has tested it in early adoption customer site for more than 6 months. Now it is available with great maturity. If you are interested in this new product or you want to upgrade your current NIT system to the new version, we welcome for your request. Please contact with decision@decision.com.tw or you may check out the URL: http://www.edecision4u.com. We will answer for your request upon receiving it.
About Decision Group, Inc.
Decision Group is a company focused on worldwide renowned DPI application of E-Detective. Decision Group, established in Taipei, Taiwan since 1986, is one of the leaders in manufacturing of PC-Based Multi-Port RS232/422/425 Serial Cards, Data Acquisition & Measurement Products and Industrial Automation and Control Systems.
Decision Group, in the year 2000, started a new line involved in designing and developing equipment and software for Internet Content Monitoring and Network Forensics Analysis Solutions. Now, Decision Group has positioned itself as a total-solution provider with a full-spectrum of products in its portfolio for network forensic and lawful interception.
More Information and Contact by Email: decision@decision.com.tw
URL: www.edecision4u.com (Global), www.internet-recordor.com.tw (Taiwan), www.god-eyes.cn (China), www.decisionjapan.com (Japan) ,
www.e-detective.de (Germany), www.edecision4u.fr (France), www.edecision4u.es (Spain and Latin America) |