The massive diversity and volume of data available to feed lawful intelligence practices—from open source intelligence to intercepted communications and geolocation—creates significant technical complexity. Data connections must be established to all those sources, the data must be normalized and unified to work as a coherent whole, and manual analysis tasks must be streamlined and automated to make comprehensive interpretation of large-scale data feasible. In addition to batch and query processing with stored information, live data such as surveillance footage, social media posts, and emergency calls must be processed in real time as it comes in.
Lawful intelligence platforms work below the operational surface to manage that complexity, so investigators and analysts can focus on cases instead of the mechanics of technology. The SS8 platform abstracts away the diversity of data types and origins, connecting to all types of sources, ingesting and pre-processing data, and uniting it in a unified store. That store is based on a data lake that includes structured, semi-structured, and unstructured data in its raw form as well as various transformed versions, using a flat architecture that eliminates data siloes. Emerging AI and machine learning capabilities such as incident recognition and anomaly detection build on those data foundations.
Flexible, Comprehensive Ingestion and Pre-Processing
To provide broad connectivity to external data sources and applications, SS8 Intellego XT supports a range of data ingestion techniques. APIs provide programmatic access to data sources and applications, including real-time access to live data, and pre-built or custom data connectors integrate applications. In addition, Extract-Transform-Load (ETL) tools, streaming data platforms such as Kafka, and JDBC can all be used to ingest data for the SS8 data lake. Data is indexed for efficient search, query, and retrieval, including with descriptive metadata that allows users to discover and understand datasets without needing to process the raw data. Synchronization techniques ensure fidelity with changing source data, performing real-time and batch processing as needed.
Pre-processing prepares data for use in analytical processes, such as noise reduction to filter out redundant or irrelevant content, improving data quality. Normalization mechanisms convert disparate formats into a unified, fused structure that allows correlation, for example, of call data records with financial transactions. This preparation is especially critical to the success of AI workflows, ensuring that incoming data is compatible, clean, and contextually aligned with what the model expects.
Pre-processing tasks and requirements vary across different types of input data. Among many examples, image processing might include resizing, cropping, enhancement, or format conversion, as well as analysis functions such as object, facial, or character recognition. Voice data is normalized with measures including volume level adjustment and background noise removal to improve quality, and audio files may be transcribed into text to make them more readily searchable. Recordings may also be segmented by individual speaker or timespan to facilitate analysis. Comprehensive data sourcing and data hygiene provide the basis for efficient and accurate analysis.
Consuming Data for Advanced, Multidimensional Analysis
The SS8 lawful intelligence platform is built using tradecraft and workflows developed with and for the law-enforcement and intelligence communities. An established investigation pattern might set up a geofence to start establishing subjects of interest, then automatically pull in and correlate other information. This might include any number of sources, such as surveillance footage of the area, relevant social media posts, automated number plate readers, financial transactions, and others. Data fusion combines the data sources—which may be in different formats, at different levels of granularity and reliability—so they can be treated as a single coherent whole.
Tools and mechanisms to interrogate data include full-text search and natural language processing, which can process unstructured text to identify keywords or sentiments that are relevant to an investigation or indicate threats. Search parameters can reach across different dimensions, based on keywords, sequences of events, or periods of time. Those mechanisms are complemented by visualization tools such as heat maps, dashboards, and charts, creating a multimodal view of evidence. Graph databases in the SS8 platform create novel analyst views by mapping relationships between entities like users, IP addresses, devices, and locations to reveal hidden patterns.
SS8 uses workflows based on law enforcement tradecraft to enhance investigations
Machine learning models offer automated data analysis using various incident-detection algorithms that can act as tripwires. Anomaly detection identifies behaviors and other indicators that deviate from expected patterns, which may signal threats, fraud, or unauthorized activity. Correlation analysis identifies links between entities, events, or behaviors to help reveal associations and other meaningful patterns. Predictive modeling forecasts potential incidents based on the confluence of historical and emerging data. When insights and incidents are detected, alerts can be automatically raised to responders, forging links between data and action.
This blog is part two of a four-part series, “End-to-Intelligence Gathering,” which illustrates investigative challenges and technological solutions throughout the intelligence lifecycle. Part 1, “Sources & Methods”, introduces conceptual and operational practices for sourcing and identifying value in relevant data. This second installment, “Ingest & Analysis,” discusses transformation of that data into actionable intelligence. Part 3, “Dissemination & Impact,” addresses methods for using intelligence in investigations effectively and securely. Part 4, “Use Cases & Illustrations,” relates examples of how analysts apply end-to-end intelligence in real-world scenarios.
About David Anstiss
David Anstiss is Director of Solution Engineering at SS8 Networks. He has been with SS8 since 2015 and has significant experience in critical network architecture technology and advanced data analytics. He is part of the Technical CTO Group under Dr. Cemal Dikmen, leading engagement with intelligence agencies and communication providers globally. He is instrumental in helping clients transition to 5G, defining system requirements to meet regulatory compliance. As a member of ETSI, he represents SS8 to ensure the adoption of cloud-native infrastructure is met with industry best practices and lawful interception compliance. Learn more about David on his LinkedIn profile.
About Rory Quann
Rory Quann is a Senior Solutions Engineer specializing in End-to-End Government Solutions at SS8 Networks and brings with him over 14 years of experience in the Lawful Interception and Data Analysis industry. Prior to joining SS8 in 2013, Rory worked for BAE System Applied Intelligence where he was focused on large scale Government deployments of Intelligence Solutions. Rory has held multiple positions in the Lawful Intelligence space ranging from Deployment Engineer, System Consultant, and Sales Engineer focusing on Country-wide Passive deployments. Rory is a Certified Microsoft MCSA Engineer and EMC Certified deployment Engineer. Learn more about Rory on his LinkedIn profile here.
About SS8 Networks
As a leader in Lawful and Location Intelligence, SS8 is committed to making societies safer. Our mission is to extract, analyze, and visualize critical intelligence, providing real-time insights that help save lives. With 25 years of expertise, SS8 is a trusted partner of the world’s largest government agencies and communication providers, consistently remaining at the forefront of innovation.
Discovery is the latest solution from SS8. Provided as a subscription, it is an investigative force multiplier for local and state police to fuse, filter, and analyze massive volumes of investigative data – in real time.
Intellego® XT monitoring and data analytics portfolio is optimized for Law Enforcement Agencies to capture, analyze, and visualize complex data sets for real-time investigative intelligence.
LocationWise delivers the highest audited network location accuracy worldwide, providing active and passive location intelligence for emergency services, law enforcement, and mobile network operators.
Xcipio® mediation platform meets the demands of lawful intercept in any network type and provides the ability to transcode (convert) between lawful intercept handover versions and standard families.
To learn more, contact us at info@SS8.com.
