All digital evidence is identified in our forensic laboratory, which adheres to international standards. Our forensic engineers, who have years of experience in their field, perform these identifications in a reliable and auditable manner, and the results are reported in compliance with the legal system.
HTS (Historical Traffic Search) Analysis
HTS (Historical Traffic Search) analysis examines signal data from communication records that the Public Prosecutor’s Office and/or the Courts request. These records, showing the history of traffic searches, can be requested by mobile phone number or by the IMEI number of the mobile phone used as a communication tool.
The HTS table generally includes records of calls made and received, messages sent and received, time data for these records, and location information of the relevant operator’s base station at the time these records were created.
HTS records also contain data about internet usage, which come in two types: GPRS/WAP records and CGNAT (Carrier-Grade NAT) records.
GPRS/WAP records show the IP address through which internet traffic was made for the requested number, the accessed page, and the time frame in which data transfer operations started and ended.
CGNAT records include the IP address where the internet access request for the requested number was made, the time information when this request was initiated, and the location information of the relevant operator’s base station at that time.
Examining and evaluating these records requires technical skills and experience. Experts can use these records to shed light on cases involving migrant smuggling, human trafficking, organ or tissue trafficking, intentional homicide, torture, sexual assault, child sexual abuse, aggravated theft and robbery, qualified fraud, drug production and trafficking, counterfeiting money, establishing a criminal organization, gang crimes, organized crime cases, prostitution, bid rigging, usury, bribery, laundering assets obtained from crime, undermining state unity and territorial integrity, crimes against the constitutional order and its functioning, crimes against state secrets, and espionage.
Let’s discuss how an HTS analysis is conducted with a specific case example.
Upon receiving the CGNAT records, the first step is to identify the time period when the records were requested, determine the dates when access requests were made, and conduct a special and technical examination to identify suspicious and contradictory records.
Subsequently, a similar examination is carried out on GPRS data along with CGNAT records. Analyses are conducted to determine whether these two tables overlap. There are certain prerequisites for the overlap to occur; these issues are detailed in the reports prepared by us. The findings resulting from the examination and analysis of these two tables are interpreted with concrete reasons. The examination aims to determine the necessary conditions for identifying whether a person is a Bylock program user based on these records.
By consulting the Forensic Defence team, you can request an expert opinion/report following the Criminal Procedure Code to be used in a possible case.
For more details and information don’t hesitate to contact us.
