
INTELLIGO:

Blue Light Intelligence & Investigation


Agenda

INTELLIGO: Analysis & Intelligence Companion


Data Fusion & Investigation Support
Open Source INTelligence
Case Study: Law Enforcement Agency
The challenge

Identify, prevent, manage and investigate potential threats to national security or other serious crime in a changing environment

Globally connected community
Highly mobile people, data & resources providing agility to suspect individuals and groups
Readily available technology
Public & private information sources
Legacy data sources within disparate organisations & departments
National capability for sovereign interests but ability to collaborate internationally
Increasing volume & diversity of digital communications

Copyright Selex ES 2015 All rights reserved

The Answer: INTELLIGO

Collect: Gather and retain data from heterogeneous sources
Analyse & Visualise: Search, analyse & visualise this data
Intelligence: Improve situational awareness, generate actionable intelligence

Databases: Government systems & service providers
Open Source Intelligence (OSINT): Public newsfeeds, web, blogs, social media, darknet
Environmental Tapping: Audio, Video, Radio Localisation
GIS/Imagery (IMINT)

INTELLIGO our Intelligence Solution

Our INTELLIGO solution responds to this challenge with 4 key themes

Flexible end-to-end information processing capability
  Collect, normalise, correlate, search and visualise to gain insight

Single, integrated, information platform with multiple views
  Right information for the right people at the right time

Intelligent components to enrich and simplify source information
  Make best use of skilled analyst effort

Business change and training for an improved operational capability
  Establish, transition, sustain and grow

INTELLIGO: Analysis & Intelligence Platform
Reference Architecture

COLLECTION
  Customer DBs and Federate Data Banks (ex. Tax Office, Cadaster)
  Open Sources (ex. Deep and Dark Internet, Social Media)
  Sensors (ex. Audio, Video and Phone Input)

ANALYSIS
  Real Time Stream Processing
  Unstructured & Structured Big Data Index
  Event Correlation
  Machine Learning
  Semantic Analysis
  Search & Filtering
  Explore & Visualize

VISUALISATION & REPORT
  Dashboard
  Real time summary

Case Management, Workflow Management, Back-end Configuration

Infrastructure: SaaS, On-Premises, Hybrid

INTELLIGO: Collect Main Capabilities

Internet Data Interception
Fixed Line Intercept
Mobile Network Intercept
OSINT
Satellite Communications Intercept (Thuraya, INMARSAT)
Satellite Imagery (COSMO-SkyMed)
Airborne Intercept Unit
Mobile Intercept Units

INTELLIGO: Analysis & Intelligence Platform
  Trained operational staff & ways of working
  Equipped intelligence & monitoring facilities
  Integrated Information Platform
  Integration to existing databases & systems

INTELLIGO: Analysis Main Capabilities

Access to unstructured and structured, internal and external repositories, with capacity to import more than 1000 formats (pdf, office file, msg, image, audio, Web service, html, social, RSS, ECM, GPS, CDR, KML, POI, GIS Layer)
Lawful interception global system for management and analysis of information acquired (voice, data, internet, GPS positioning, video surveillance, etc.)
Call Content Analysis for target identification and correlations, Transcription
Video Analysis, Face & Plate Recognition
Semantic Analysis & Pattern Matching Statistic algorithm

INTELLIGO: Analysis Main Capabilities

INTELLIGO's innovative approach rests on the combination of different methods:

Probability & Statistics: statistical pattern matching is completely automatic and makes the system fast, flexible, adaptive, and always robust to changes in the knowledge base

Artificial Intelligence & Linguistics: semantic rules, based on a priori knowledge, guarantee high precision in entity detection and classification (people, car plates, phone numbers, organizations)

INTELLIGO: Visualisation Main Capabilities

Powerful Visual Analysis (Graph, Geospatial & Temporal)
Case Folders Management & Event Strategic Intelligence
Workflow automation

[Figure: Visual Analysis, Relational Graph and GIS]

CASE MANAGER

[Figure: case manager link diagram combining Targeted Analysis and Exploratory Analysis around the co-ordinator "Charles Lang". Labelled nodes: Registered address; Vehicle Number Plate (HMG DVLA); Property Owner (HMG Land Registry); Code word "FRUITS" (Semantic Analysis); Message exchanges; Fixed line telephones; Fixed Line Phone # (Voice Biometric); Mobile Phone # (Voice Biometric); Chat.com Instant Messaging (Packet Analysis); voice and network traffic profile; Case Book (Collate, Review, Manage and Share); Evidence.]

INTELLIGO: Platform Design Principles

Scalable
  Scalable architecture and centralised, semi-distributed or distributed approaches to fit the customer growth needs

Extensible
  Modular architecture with the ability to extend and enrich features, interfaces and capabilities

Flexible
  Collect data from multiple and heterogeneous sources, normalise, correlate, search and visualise

Secure & Resilient
  Data protection, users profiling, disaster recovery

INTELLIGO: Scalable Architecture

[Figure: Master and Backup sites, three Regional Centres and Tactical Assets connected by a Network Backbone. Caption: Secure Data, Indexes, Products Flexibly Shared across the Network.]

INTELLIGO: Extensible Platform

Every functionality is accessible through the tabs of its Web page with no need for any client installation

INTELLIGO: Secure Platform

Data, Indexes and Products Distributed across Sites to meet User needs
All data accessible anywhere (subject to access rights)
Very fine-grained access control

Appears to user as a single fully integrated solution
Data is placed where it needs to be
Data is accessed efficiently

INTELLIGO: Resilient Platform

Site Autonomous Working
  On loss of WAN all locally available data still accessible
  Local interfaces still processed

Remote-site working
  Users can access remote site services during temporary local site outage

Site High Availability
  Features:
  Load Balancing
  Clustering
  Virtualisation
  RAID Storage, Disk and Tape Backup
  No Single Point Of Failure Network Design

Site level Disaster Recovery
  Data Replicated Offsite
  Able to stand up all processing at DR site
  Manual or Automated failover of interfaces

INTELLIGO (OSINT)

INTELLIGO has an embedded OSINT module, based on a High Performance Computer (HPC), specialized in high-speed processing of real-time streaming and big data.

Sources covered: Indexed Web, Deep Web, Dark Web

Definition of problem-oriented analysis (topics) to support the investigation process
Application of different mathematical algorithms and vertical applications to generate actionable intelligence (results)
Exploitation of HPC computing power (parallel programming)
Production of continuous reports that can help define actions for remediation

INTELLIGO (OSINT)

The service analyses unstructured information sources (news, blogs, etc.) in order to collect information on people, places, etc., that can be exploited to understand the interconnection relationships among specific entities

Input:
  A scenario of interest representing a specific question, defined in terms of information sources and filtering rules

Output:
  OSINT information discovered, discriminated, distilled and presented to analysts in different formats (list of items, timeline histograms, geopolitical maps, tag-cloud, etc.)

Benefits:
  Relevant results from huge quantities of data are delivered via consumable and easy to use interfaces

INTELLIGO (OSINT): Intelligence Service Cycle

[Figure: intelligence service cycle driven by NEEDS. Stages: Service Design and Planning; Service Configuration and Setup; Service Delivery; Dissemination: Customer Dashboard and Reporting. Roles shown: Intelligence Analyst Team, Business User, Domain Analyst. Centre label: Intelligence Service.]

INTELLIGO (OSINT): Intelligence Service Model

Dedicated Web portals to access the Intelligence Services, accessed via VPN
Direct access to the HPC platform to develop custom services
Intelligence Analyst team supporting the customer throughout the service cycle
No CAPEX
Flexible and modular service fees, adaptable to customer needs
An On-Premises solution is an alternative to SaaS

INTELLIGO (OSINT): Cyber Attack Configuration

The service analyses cyber attacks not immediately recognized by existing security systems and provides guidance on the type of attacks

Input:
  Set of data sources to be monitored (Web URLs, PAD, Forum, Twitter) in search of signs of cyber attacks
  Search criteria describing critical information related to the customer's organization (e.g., email addresses, system configurations, etc.) and about cyber security topics (e.g., botnet)

Output:
  List of links of Internet items where the information about cyber threats has been found

Benefits:
  Early detection of external malicious activities targeting the customer's infrastructure
  Real time monitoring of Internet for internal data being leaked from the customer's organization
  Minimization/Mitigation of risks of successful cyber attacks (risk treatment strategy based on the information obtained with the specified search)

INTELLIGO (OSINT): Early Warning Configuration

The service detects possible application threats through constant analysis of data from open and closed sources and feed databases of technological players in information security

Input:
  Set of data sources (Web URLs, Twitter, RSS feed) to be monitored as providing services and operations critical for the customer
  List of technologies (e.g., Microsoft IE, Windows, etc.) and vulnerabilities (e.g., virus, worm, etc.) of interest for the customer

Output:
  Threat reports keeping the customer's staff on the cutting edge of emerging threats and changing adversary trends and tactics

Benefits:
  Evidence of specialized attacks targeting the customer's infrastructure
  Global situational awareness on the general state of cyber security

Selex ES Solution Turnkey Solution

Organizational Development & Change Management
System design and development of technical solution
System Integration
Installation, Commissioning & Testing
Training (Planning & Delivery)
Operation & Maintenance
Civil Works

Law Enforcement Agency Application
S.I.Co.TE Project - Carabinieri

General Headquarters
5 regional headquarters
19 commands Legion
102 Provincial Headquarters
12 Groups Headquarters
534 Command of company
65 Lieutenant Units
4589 Stations

Extended hierarchical organization with an articulated structure, from the headquarters to the furthest site, branching into organizational units designed for territory control

Law Enforcement Agency Application:
Carabinieri

Territorial organization

INTELLIGO platform distributed model, providing centralized services to peripheral sites facing infrastructural critical issues:
  Connection reliability and bandwidth: dedicated optical fiber rings for sites connection and HF radio infrastructure for mobile units communication
  Information security: storage and connection protection
  Information availability: disaster recovery management

Operational Capability
[Figure: Operational Capability diagram. Elements: Governance (for example: operational processes, analysis techniques); Training: Intelligence Operations; Training: Technical Usage (for example: user training for systems, administration, support & maintenance); Training: Enabling Skills (for example: language skills, technology awareness); Interception & Surveillance Sources; Transformation & Change Management; Intelligence Analysis Platform.]

Delivery Scenario
[Figure: delivery scenario. Labels: National HQ; Mobile Centre; Secondary HQ; Regional Facilities; Tactical Vehicles; Aircraft; Satellite Imaging Evaluation Facility.]

Selex ES Logistic Solution

Logistic support enables continuous, global and long term support to all our Customers

[Figure: IP Data Analysis; Visualisation Graphing]

[Figure: Visualisation - GIS]

THANK YOU FOR YOUR ATTENTION

Selex ES S.p.A.
via Tiburtina km 12.400 00131 Rome, Italy
Tel. +39 064150.1 www.selex-es.com
