DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Network Packet Reconstruction Technology for Computer Forensics and Information Security
Decision Group’s Core ValueCasper Kan Chang/ CEO
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
2. Network Forensics
3. Cell Phone / PDA Forensics
Digital Forensics Categories …
Data recovery
Password recovery
Analysis Software
1. Computer Forensics
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Network forensics is the next step of network security !!
General
95 % of security breaches are internal
5% of security breaches are external
Company
Internal data leakage exploits information security from within the firewall by trusted users
Virus, Attack Hacker
from External
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Network Packet Reconstruction Technology 1. Packets Captured ( Sniffer from Wire, Wireless, HTTPS/SSL).2. Packets Organized.3. Playback (Reconstruction ).4. Saved to database .
Sniffer
Packets Organize PlaybackSaved to Database
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Core Values of E-Detective Product Series
Product + Price + Ability + Training Service = Values
The most complete product series and solutions for network packet
reconstruction in the world.
Supports network forensics and information security
auditing standards.
Value priced
Continued product development and updates for new and changing
network protocols.
Worldwide awards.Excellent and responsive professional customer service.
Software & hardware customization.
Supports most protocols under high network traffic globally.
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Complete Solutions for Cyber Forensics
• Wired packet reconstruction.• Wireless (802.11 a/b/g/n) packet
reconstruction• HTTPS/SSL interceptor• Off-line packet reconstruction• VOIP packet reconstruction• Lawful Interception Suite• Packet Reconstruction Development
Toolkit (DTK)• E-Detective Decoding Centre• Enterprise Data Guard System
We Provide a Full range of Software, Training and Hardware Solutions for Network Forensics and Information Security
• Central Management System• Data Retention Management System• (FIT) Forensics Investigation Toolkit • (NIT) Network Investigation Toolkit• iMonitor• iWarrant• iMediator• E-Detective Decoding Centre• Cyber forensics training programs for LI,
Cyber Intelligence, and Protocol Analysis
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Supports Most Internet Protocol Reconstruction, a Cyber Forensics and Information Security Requirement
• Email : POP3, SMTP, IMAP with attach files.• Web Mail : Yahoo Mail, Gmail, Windows Live Hotmail, Hinet, Hotmail Standard, PCHome, URL, Giga,
Yam, Sina, Seednet, mail.tom.com, mail.163.com, Sohu.com, Gawab.• Instant Messaging : Yahoo Messenger, Windows Live Messenger (MSN), IRC, ICQ, UT Chat Room, Gtalk,
Yahoo Web Chat, MSN Web Chat, Skype Voice Call Duration Log. • File Transfer : FTP Upload/Download, P2P File Sharing ( BitTorrent, eMule/eDonkey, FastTrack, Gnutella
) • VoIP : SIP, RTP Voice Sessions (Supported Codecs includes G.711, G.726, G.729 and iLBG).• Video Streaming : Youtube, Metacafe, Google Video and Request.• HTTP : Link, Content, Reconstruction, Upload and Download.• Online Games : More then 70+ Online Games word wide.• Skype : Text Chat Recording.• Telnet : Play back• Social Network Service: Facebook, Twitter, Plurk• Mobile Devices: APP & Web Services on iPhone and Android, (BYOD)• Other : Upon Request.
More than 180 Internet Service Decoders
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Off-line packet reconstruction product launched.
Assisted in the course development of the Central Police University Network Security Forensics training material.
R&D in Computer Forensics and Information Security with 13 years experience
20002002
2004
2006
2007
2009
The first Wired Network Forensics product is launched in Asia.The first Wireless Network Forensics Product is Launched.The first HTTPS/SSL interceptor is launched.E-Detective became part of the Coast Guard Digital Forensics SOP.
2010
2011
2012
2013
Data Retention Management System and 10Gb E system launched
ETSI Compliant E-Detective/LI system with IMS for Telecom launched
Central Management System with DRMS for 3-tier infrastructure on large scale distributed network at national level and EDS2 launched
Announced mediation device with fixed and LTE networks for Lawful Interception (LI) deployment.
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Continuous Product DevelopmentNext Generation Products
Lawful Interception Suite• iMediator (iMD) - for lawful interception operation as mediation
platform with telecom networks• iMonitor (iWnt, EDDM) – for lawful interception operation as content
reconstruction and monitoring system in LEA Monitoring Center
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
E-Detective Value-Added Product Applications 1. Internet interception systems by transparent or forward proxy
configuration.2. HTTPS Interceptor is the compliance solution for ISO 27001/ISMS.3. Supports Thin-Client Architecture.
AD ServerLDAP
INTERNET
Terminal Server
proxy connectionproxy connection
HTTPS / SSL E-Detective
sniff
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
ISP Internet Interception Systems
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
E-Detective for ISO 27001 / ISMS• E-Detective archives network data, Internet activities and
transactions of the organization IT environment. This recorded data and content is essential for auditing and tracking. E-Detective deployment ensures that these organizations comply with ISO27001 / ISMS standard.
• E-Detective provides complementary functions for network Firewall, IDS, IPS, UTM, SIEM, DLP and other application software for IT security management.
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
The Achievement of Scientists Changed the World
Galileo Galilei
The Father of Modern Science
Louis Pasteur
The Father of Microbiology
Thomas Alva Edison
The Inventor of the Long-lasting Practical Light Bulb
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Edison’s achievement came from his spirit of not allowing setbacks to lead to failures. With this courage and endless trials, he found answers for all of us .
In the spirit of Thomas Edison, Decision Group implemented its forensics technology development. With sustained trials and experiments we have developed the latest in forensics technology over the past 13 years.
Thomas Alva Edison The Inventor of the Long-
lasting Practical Light Bulb
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Customer List
1. Law Enforcement –Taiwan CIB / MJIB, Malaysia, …2. Financial Business – TSEC, CTFI …3. Corporation – Foxconn, Acer, PC-home …4. Education - Chung Yuan Christian University … …5. OEM – Broadweb, nForce, PCI, Guardian … …6. ODM – GIZA … … 7. Distributor / Reseller – HTCI, ST, PCS, … …
More than 6000 installations worldwide !!
For network forensics and information security audit needs !!
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
We are constantly searching for… ...
Qualified and Committed Business Partners –
ResellersDistributorODM/OEM Cooperation …
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
Decision Computers believes in a Win-Win with their Partners
• Build benefits and cooperation.
• Expand business opportunities
• Share profits
DECISION GROUP INC. Taipei, Singapore, Hong Kong, Germany
About Decision Group Established in 1986 with 27 years experience in IT industry.
Strong R&D Capability :
40 Professional Engineers with 3 PhD and 7 Masters degrees
25 manufacturing engineers
Sales: US$ 6.2M in 2012. Headquarters : Taipei, Taiwan Germany, Hong Kong, Japan, Egypt, Zimbabwe, Canada, China
Global Presence
Address: 4/F No. 31, Alley 4, Lane 36, Sec.5, Ming-Shan East Road Taipei, Taiwan, R.O.C .Phone No : +886 2 2766 5753 Fax No : +886 2 2766 5702E-Mail : [email protected] Url: www.edecision4u.com