Ravi Borgaonkar

Dirty use of USSD Codes in Cellular Network

USSD stands for Unstructured Supplementary Service Data and is a session based GSM protocol unlike SMS or MMS. Typically it is used to send messages between a mobile phone and an application server in the network. Nowadays there are multiple services based on USSD, such as mobile banking, social networking (facebook, twitter), updating mobile software over-the-air, prepaid recharge/account balance info etc.
In this talk, I will discuss how to play with USSD codes using different tools and exploit different services based on it. In addition, critical security issues in USSD based services such as virtual money transfer/mobile banking and social networking will be discussed. At last, I would discuss what exactly does 'dirty use of' means.

Sobre Ravi Borgaonkar

Ravi works as a researcher in the the Security in Telecommunications department at Technical University Berlin. His research themes are related to mobile telecommunication and involved security threats. This ranges from GSM/UMTS/LTE, network security to end-user device security.

« volver a Speakers