CARBON | ClearTrail Technologies

Intelligence Runs Deep in Intercepted IP Data

The intelligence generated in today’s criminal investigation scenario is largely dependent on cleartext internet data. The ever-evolving end-to-end encryption channels and limited intercepted IP data decoding technologies present an incomplete picture of a suspect’s communication pattern.
There is a lot of actionable intelligence hidden within the encrypted and unknown transactions of IP data.

Cleartext forms only the tip of proverbial iceberg of PCAP data comprising of


Majority of the PCAP Data is encrypted, which enables criminals to operate behind secured channels

such as communication over WhatsApp, Telegram, Line, Signal, Twitter, Facebook, and usage of TOR, VPN, etc.

Then there are thousands of unknown communication channels which perpetrators use anonymously

for chatting, audio/video calling, uploading & downloading content; this almost always gets missed by the conventional Deep Packet Inspection (DPI) tools.

Get 100% visibility into terabytes of IP Data in minutes

Within the rising volumes, velocity and variety of IP data could be critical information related to patterns of communication, location, or time of activity that can take days to uncover a vital lead for an ongoing criminal investigation.

Now unleash intelligence from every actionable bit of PCAP data to uncover correlations, build a suspect’s profile and connect all the data points across cleartext data, encrypted data and unknown data transactions to reveal what is truly actionable such as

Messaging Events

Voice/Video Call Events

Social Media Activities

Devices Used

Locations Visited

Sensitive Images & Videos

Applications Used

Domains Accessed



Deep Packet Inspection meets Advanced Analytics and Automation

CARBON is an IP traffic analytics system designed for Federal & Law Enforcement Agencies.  It has a technically advanced DPI engine which has evolved over 20 years’ experience of decoding and analysing 100s of Gbps of real-time IP traffic.

It is built on an open architecture based intelligence delivery platform that helps Intelligence Analysts to automate most of their manual tasks to derive meaningful intelligence.

Deep Packet Inspection

Classifies 1000s of protocols and applications, extracts entities from cleartext content, performs metadata analysis and generates actionable intelligence.

Advanced Analytics

Provides AML & NLP based text, image & video analytics to extract entities from millions of resources reconstructed from unstructured data and identifies case relevant objects from images & videos.

Encrypted Data Analysis

Extracts metadata from a suspect’s encrypted capture files by using a passive IP traffic analysis mechanism to detect chat events, VoIP calls, media uploads/downloads, extract SSL certificates, etc. and get a complete picture of its communication patterns and internet usage behavior.


Automates criminal intelligence, evidence gathering and analysis processes by tracking key indicators through scheduling operations and triggering conditional alerts.

Ready to use Investigation Modules

Comes with a library of ready to use investigation modules that save hours of work for a technical investigator. These modules auto provide insights, identify connections and behavioural aspects of a person of interest.

Trusted by

Government and Law Enforcement Agencies across



GCC Countries



Multiple suspects and no way of knowing how are they collaborating over the internet?

One of the biggest challenges being faced by technical investigators involved in the lawful interception of IP data is knowing multiple suspects are collaborating over encrypted messaging applications such as Skype, WhatsApp, Facebook, Telegram and others but not finding a way to establish a clear pattern of communication of their internet activity over a period of time.

Request Case Study

Extract intelligence from PCAP data 20x better and faster

Technical investigators spend a lot of time making sense out of reconstructed data extracted from images, texts, videos, GPS leaks, virtual identities, device information and other relevant information all jumbled together. This causes not just a loss of precious time but also makes investigators lose vital information.

Request Case Study

See CARBON in Action

Want to find out how CARBON can transform the way you analyse intercepted PCAP data? Share your details and we’d connect you with our customer success champions.