Challenges in lawful interception

CIOL Bureau

Communication Monitoring plays an instrumental role in gathering vital electronic intelligence data needed to restrain terrorism and track other such threats to the security of people, assets and information. As communication and its means, networks and techniques evolve, so does the need for its monitoring.

Lawful Interception (LI) techniques have come a long way since their inception and are still undergoing radical transformations to cope with the dynamic evolutions in the communication domain.

Today's Networks

With the advent of sophisticated and finer communication options, the complexity and intricacy of the networks have gone up substantially. Today's packet-switched networks operate on very high bandwidth and offer a host of services to consumers, thus making their monitoring a formidable task.

In light of the recent developments in the communication domain, LEAs (Law Enforcement Agencies) are increasingly having to work with acute limitations on the LI front. This poses ever new challenges for the LI fraternity.

Information BOOM

The outburst of the World Wide Web has revolutionized the way information is shared; today a variety of sensitive information can be secretly made available to the public domain, hence raising an immediate need to check sources of critical information. While blocking such information is a meticulous job, spotting information on the wide cyber space before it reaches the public itself remains a challenge.

A majority of information theft instances and anti-social activities today are allegedly coordinated through Internet-based utilities and other Internet-driven hi-tech communication devices. Misusing Internet capabilities has in fact become an expert profession in itself, and the Internet has become an operational ground for criminals and anti-social elements.

Compared to access network surveillance, monitoring of the Internet is tougher and less developed. However, Internet interception is becoming critical as LEAs realize that access network interception is becoming less relevant. Unfortunately, the common approaches to Internet interception have some fundamental weaknesses, which tend to compromise security, privacy and network reliability. Existing monitoring systems need to be scaled up to deal with the growing complexity of these new and emerging communication paradigms.

Carrier-Class Monitoring Handicap

Carrier-class monitoring gives a wider perspective of the users' behaviors in general, and provides a bird's-eye view for broad analysis. It is instrumental in conducting random investigations through massive filtering of the transported traffic in order to spot unknown users showing suspected behaviors, or while replicating all the traffic generated by a pre-identified target.

But the real handicap lies in its inability to quickly provide the necessary intelligence as and when required. Conventional monitoring is a time-consuming process, as it has to go through a mandatory and complex approval process, which may result in loss of critical time and, in turn, vital intelligence.

In certain specialized probe operations which are of utmost importance to national security, provisioning of tactical solutions that operate in stealth mode may be critical, not just in gathering timely intelligence but also in having physical access to the suspect; the matter however is subject to local LI rules and regulations.

High Bandwidth Network Monitoring

The increase in communication usage patterns, a plethora of network-based services, high service awareness and acceptance levels among users, and the growth of new data transport mechanisms have put an unprecedented load on the information transport backbone. Our traditional LI architecture fails to consolidate such a huge rise in data transport.

The need of the hour is to implement enhanced hardware and software architecture that facilitates interception and speedy data capture at high rates, and reconstruction and presentation mechanisms that can do justice to the high network payload.

Cryptography

Cryptography is the art of keeping messages secret by using different theoretical or mathematical methods. Its primary goal is to conceal data to protect it against third-party access by applying encryption. The stronger the encryption, the greater the theoretical or mathematical effort required for an unauthorized third party to recover data. Most of the unlawful communications today are reported to be encrypted.

In the case of the Internet, the luxury of encryption is freely available to all, and the operators have very limited control over it. This poses an additional challenge for the LEAs.

Coordination among Stakeholders

Since Government, Service Providers and LEAs are driven by varied objectives and serve entirely different purposes in their space, bringing about a synergy in their operations is vital to ensure an effective and efficient surveillance mechanism.

Government equips agencies with interception tools that empower them to conduct selective surveillance operations on a need basis, for collecting crucial information to assist them in critical probes, without putting people's privacy at risk. Government also binds service providers to enforce a system that enables intelligence gathering for security purposes.

The primary objective of the LEAs is gathering intelligence, which holds a secondary position in the case of the service providers, their primary objective being to enhance revenues by extending a host of value-added services to consumers.

An ideal surveillance system should take into account such disparities to avoid any conflict of interests and leverage coordination among parties involved to facilitate smooth functioning. At the same time, it needs to streamline and synergize for implementing best-of-the-breed interception practices without affecting network performance.

IP Networks: The Worst Nightmare for LI

Gone are the days when telecommunications were dependent on fixed PSTN networks, transport networks were simple and uniform, the only type of payload transported was voice, interception was possible at any point between the ends, and even a plain vanilla solution was sufficient to keep a watch on circuit-switched networks.

Contemporary packet-switched networks are far more complex, are interoperable in nature, carry large amounts of data and deliver a wide range of value-added services. They also demand integration of intelligence information received through a variety of media; hence monitoring them is turning out to be a nightmare.

The extension of voice and multimedia over IP networks has posed mammoth challenges for Service Providers complying with LI standards. Voice and multimedia networks comprise complex topologies and are often deployed with equipment that is devoid of LI capabilities.

A model solution for voice and multimedia over IP networks would offer the scalability and flexibility to handle the high growth rates and traffic volumes of voice and multimedia over IP networks and support the environment associated with these networks.

And Finally..

As long as there are ways to exploit the networks, there are reasons to fight the challenges, whether consequential challenges like high bandwidth monitoring or imposed ones like cryptography.

We are yet to come across a technology challenge which is insurmountable, and we are yet to produce a solution which is fool-proof. Lawful Interception is a process, not a point. The play is still on, and will only keep getting more interesting and evolved.

The author is Chief Architect with ClearTrail Technologies