network packet reconstruction technology for computer forensics and information security

DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany

Network Packet Reconstruction Technology for Computer Forensics and Information Security

Decision Group’s Core ValueCasper Kan Chang/ CEO


2. Network Forensics

3. Cell Phone / PDA Forensics

Digital Forensics Categories …

Data recovery

Password recovery

Analysis Software

1. Computer Forensics


Network forensics is the next step of network security !!

General

95 % of security breaches are internal

5% of security breaches are external

Company

Internal data leakage exploits information security from within the firewall by trusted users

Virus, Attack Hacker

from External


Network Packet Reconstruction Technology 1. Packets Captured ( Sniffer from Wire, Wireless, HTTPS/SSL).2. Packets Organized.3. Playback (Reconstruction ).4. Saved to database .

Sniffer

Packets Organize PlaybackSaved to Database


Core Values of E-Detective Product Series

Product + Price + Ability + Training Service = Values

The most complete product series and solutions for network packet

reconstruction in the world.

Supports network forensics and information security

auditing standards.

Value priced

Continued product development and updates for new and changing

network protocols.

Worldwide awards.Excellent and responsive professional customer service.

Software & hardware customization.

Supports most protocols under high network traffic globally.


Complete Solutions for Cyber Forensics

• Wired packet reconstruction.• Wireless (802.11 a/b/g/n) packet

reconstruction• HTTPS/SSL interceptor• Off-line packet reconstruction• VOIP packet reconstruction• Lawful Interception Suite• Packet Reconstruction Development

Toolkit (DTK)• E-Detective Decoding Centre• Enterprise Data Guard System

We Provide a Full range of Software, Training and Hardware Solutions for Network Forensics and Information Security

• Central Management System• Data Retention Management System• (FIT) Forensics Investigation Toolkit • (NIT) Network Investigation Toolkit• iMonitor• iWarrant• iMediator• E-Detective Decoding Centre• Cyber forensics training programs for LI,

Cyber Intelligence, and Protocol Analysis


Supports Most Internet Protocol Reconstruction, a Cyber Forensics and Information Security Requirement

• Email : POP3, SMTP, IMAP with attach files.• Web Mail : Yahoo Mail, Gmail, Windows Live Hotmail, Hinet, Hotmail Standard, PCHome, URL, Giga,

Yam, Sina, Seednet, mail.tom.com, mail.163.com, Sohu.com, Gawab.• Instant Messaging : Yahoo Messenger, Windows Live Messenger (MSN), IRC, ICQ, UT Chat Room, Gtalk,

Yahoo Web Chat, MSN Web Chat, Skype Voice Call Duration Log. • File Transfer : FTP Upload/Download, P2P File Sharing ( BitTorrent, eMule/eDonkey, FastTrack, Gnutella

) • VoIP : SIP, RTP Voice Sessions (Supported Codecs includes G.711, G.726, G.729 and iLBG).• Video Streaming : Youtube, Metacafe, Google Video and Request.• HTTP : Link, Content, Reconstruction, Upload and Download.• Online Games : More then 70+ Online Games word wide.• Skype : Text Chat Recording.• Telnet : Play back• Social Network Service: Facebook, Twitter, Plurk• Mobile Devices: APP & Web Services on iPhone and Android, (BYOD)• Other : Upon Request.

More than 180 Internet Service Decoders


Off-line packet reconstruction product launched.

Assisted in the course development of the Central Police University Network Security Forensics training material.

R&D in Computer Forensics and Information Security with 13 years experience

20002002

2004

2006

2007

2009

The first Wired Network Forensics product is launched in Asia.The first Wireless Network Forensics Product is Launched.The first HTTPS/SSL interceptor is launched.E-Detective became part of the Coast Guard Digital Forensics SOP.

2010

2011

2012

2013

Data Retention Management System and 10Gb E system launched

ETSI Compliant E-Detective/LI system with IMS for Telecom launched

Central Management System with DRMS for 3-tier infrastructure on large scale distributed network at national level and EDS2 launched

Announced mediation device with fixed and LTE networks for Lawful Interception (LI) deployment.


Continuous Product DevelopmentNext Generation Products

Lawful Interception Suite• iMediator (iMD) - for lawful interception operation as mediation

platform with telecom networks• iMonitor (iWnt, EDDM) – for lawful interception operation as content

reconstruction and monitoring system in LEA Monitoring Center


E-Detective Value-Added Product Applications 1. Internet interception systems by transparent or forward proxy

configuration.2. HTTPS Interceptor is the compliance solution for ISO 27001/ISMS.3. Supports Thin-Client Architecture.

AD ServerLDAP

INTERNET

Terminal Server

proxy connectionproxy connection

HTTPS / SSL E-Detective

sniff


ISP Internet Interception Systems


E-Detective for ISO 27001 / ISMS• E-Detective archives network data, Internet activities and

transactions of the organization IT environment. This recorded data and content is essential for auditing and tracking. E-Detective deployment ensures that these organizations comply with ISO27001 / ISMS standard.

• E-Detective provides complementary functions for network Firewall, IDS, IPS, UTM, SIEM, DLP and other application software for IT security management.


The Achievement of Scientists Changed the World

Galileo Galilei

The Father of Modern Science

Louis Pasteur

The Father of Microbiology

Thomas Alva Edison

The Inventor of the Long-lasting Practical Light Bulb


Edison’s achievement came from his spirit of not allowing setbacks to lead to failures. With this courage and endless trials, he found answers for all of us .

In the spirit of Thomas Edison, Decision Group implemented its forensics technology development. With sustained trials and experiments we have developed the latest in forensics technology over the past 13 years.

Thomas Alva Edison The Inventor of the Long-

lasting Practical Light Bulb


Customer List

1. Law Enforcement –Taiwan CIB / MJIB, Malaysia, …2. Financial Business – TSEC, CTFI …3. Corporation – Foxconn, Acer, PC-home …4. Education - Chung Yuan Christian University … …5. OEM – Broadweb, nForce, PCI, Guardian … …6. ODM – GIZA … … 7. Distributor / Reseller – HTCI, ST, PCS, … …

More than 6000 installations worldwide !!

For network forensics and information security audit needs !!


We are constantly searching for… ...

Qualified and Committed Business Partners –

ResellersDistributorODM/OEM Cooperation …


Decision Computers believes in a Win-Win with their Partners

• Build benefits and cooperation.

• Expand business opportunities

• Share profits


About Decision Group Established in 1986 with 27 years experience in IT industry.

Strong R&D Capability :

40 Professional Engineers with 3 PhD and 7 Masters degrees

25 manufacturing engineers

Sales: US$ 6.2M in 2012. Headquarters : Taipei, Taiwan Germany, Hong Kong, Japan, Egypt, Zimbabwe, Canada, China

Global Presence

Address: 4/F No. 31, Alley 4, Lane 36, Sec.5, Ming-Shan East Road Taipei, Taiwan, R.O.C .Phone No : +886 2 2766 5753 Fax No : +886 2 2766 5702E-Mail : [email protected] Url: www.edecision4u.com

network packet reconstruction technology for computer forensics and information security

Documents