Dirty use of USSD Codes in Cellular Network
USSD stands for Unstructured Supplementary Service Data and
is a session based GSM protocol unlike SMS or MMS. Typically it is used
to send messages between a mobile phone and an application server
in the network. Nowadays there are multiple services based on USSD, such
as mobile banking, social networking (facebook, twitter), updating
mobile software over-the-air, prepaid recharge/account balance info etc.
In this talk, I will discuss how to play with USSD codes using
different tools and exploit different services based on it.
In addition, critical security issues in USSD based services such as
virtual money transfer/mobile banking and social networking will be
discussed. At last, I would discuss what exactly does 'dirty use of' means.
Sobre Ravi Borgaonkar
Ravi works as a researcher in the the Security in Telecommunications department at Technical University Berlin. His research themes are related to mobile telecommunication and involved security threats. This ranges from GSM/UMTS/LTE, network security to end-user device security.