Founder at NOZ Berkarya Indonesia
6
Talks Delivered
3
Events Spoken At
1
Countries Visited
4
Years Speaking
6
Total Talks Given
A Telco Security Researcher and Embedded System Developer with over 10 years of experience in telecommunication protocol analysis, embedded system design, and cybersecurity research. Founder and principal researcher at NOZ Berkarya Indonesia, focusing on emerging network security, OpenBTS/Osmocom stack integration, and SIEM for Telco networks. Specialized in combining radio frequency analysis, reverse engineering, and real network behavior modeling to improve detection, response, and resilience in telecom infrastructures (2G–5G). Committed to advancing Sustainable Development Goal (SDG) 9: Industry, Innovation, and Infrastructure, by fostering innovation and resilient digital infrastructure through open-source research and secure communication technologies.
These are some of the results of my research that I have published.
1. 2 Januari 2015 - Publication of research result at Infosec Institute with title “Introduction to RFID Security” At this research we do Reverse Engineering at ticket commuter line and make a attack scenario RFID
2. Januari 2015 - Research RFID – Berdikari Standalone RFID Reader dan Emulator At this research we do a design PCB use ATmega328P to be Reader and Emulator to do cloning RFID Tag.
• Deep learning microcontroller
• Emulate RFID Tag
• RFID cloning more than 3 tags in 1 Device
3. 12 Februari 2015 - Publication of research result at Infosec Institute with title “Introduction to Smartcard Security”
At this research we learn about communication of protocol used on Smartcard EMV Debit Card and 4G Provider BOLT and implement several attack
• Deep learning about SIM Card
• Smartcard Architecture
• simulated attack identification
◦ Physical attack: Reverse engineering, Smartcard cloning
◦ Remote attack: IMSI catcher, OTA
4. 19 Maret 2015 - Publication of research result at Infosec Institute with title “Introduction to GSM security”
At this research we learn about communication of protocol used on Handphone and BTS (base transceiver station). We do analysis using radio (Universal Software Radio Peripheral) to know type of encription used and tracking handphone location used LAC and Cell ID.
• Analisys 2G GSM Protocol
• Tracking IMSI in your area
5. 9 Juni 2015 - Publication of research result at Infosec Institute with title “Reverse Engineering of Embedded Devices”
At this research we learn about how to work “broadcasters livestream” with identify all CHIP used and learning about protocol communication used, we do Reverse Engineering using Bus Pirate and Saleae Logic Analyzer.
• Device disassembly and PCB design analysis.
• Debugging Communication Protocol 1-Wire, UART, I2C, SPI, JTAG.
• Analyze the logic signals, capture sampling and decode protocol.
• extracting the firmware.
• Mapping the component Device and protocol used
6. Maret 2016 - Publication Mini Course of INFOSEC INSTITUTE with title “Advanced Pentesting Techniques with Metasploit”
• AUXILIARY — Scanners (Intermediate → Advanced). Mastery of additional modules for discovery, fingerprinting, and brute force against services
• AUXILIARY — Fuzzers (Intermediate). Find crashes/vulnerabilities in services through Metasploit's built-in fuzzing
• Credential Harvesting & Social-Engineering (Intermediate → Advanced). Technique to retrieve credentials from endpoints via post-exploit modules.
• Post-Exploitation — Privilege Escalation (Advanced).
• Post-Exploitation — Lateral Movement & Persistence (Advanced).
• IE Proxy PAC / Proxy Abuse (Attack on Browsing Infrastructure) (Advanced).
• Misc: NOP generator & Encoders (Exploit robustness / Evasion) (Advanced).
• Advanced module/payload configuration & custom Metasploit modules (Expert)
7. Desember 2018 - Research and manufacture of post-disaster telecomunication equipment. Post-disaster telecommunications equipment (portable BTS / emergency comms kit) aims to provide emergency voice/data services when commercial infrastructure is damaged. This solution involves the design of radio equipment (small/portable BTS), a standalone power system, backhaul options (satellite / microwave / cellular fallback), antenna and RF tuning, signal security, and field operations and logistics procedures.
8. 24 Agustus 2019 - Publication of research result at Infosec Institute with title “Mobile Phone Tracking”
At the research we learning about protocol communication between Mobile Phone and BTS (base transceiver station) working, with identification LAC , Cell ID and Timing advance (TA) we could to know where the signaling come from.
9. September 2025 – SIEM Telco Research at the research we make a idea inovasion combination of OpenBTS , Osmocom Stack , and ella-core to build a telco-aware SIEM pipeline, benefit for analysis behavior endpoint and cell realtime for detection response, low level kernel analysis behavior realtime detection response, fraud detection realtime.
Presentation Types
Audience Types
In this workshop, I will provide a comprehensive overview of the standard communication procedures used by mobile phones, including the attach procedure, location update, Mobile Originating Call, Mobile Terminating Call, and handover mechanisms. Participants will explore a practical case study in which a mobile device receives a phishing SMS via a fake BTS, followed by an analysis of IMSI Catcher operations and the design of effective detection mechanisms.
The workshop offers hands-on experience in building a 2G network from scratch using OpenBTS and USRP hardware. Participants will gain practical knowledge of key security aspects, including SMS phishing, IMSI Catchers, SIM Swap exploitation, and RRLP (Radio Resource LCS) vulnerabilities, equipping them with the skills to analyze, test, and secure real mobile network environments.
The concept idea is to be able to have IMSI CATCHER Detector alerts with a budget under 20$
The presentation “Stolen e‑money in 60sec” analyzes the vulnerabilities of RFID-based e‑money systems commonly used for payments, access cards, or transit tickets. It explains the basic RFID architecture — including TAG (client) and READER (server) — and shows how, through relatively simple equipment and reverse engineering, an attacker can capture, clone, or spoof RFID tags. The work demonstrates that many RFID implementations lack proper security (e.g. no encryption, no authentication), making them susceptible to fast and easy digital theft, identity misuse, or unauthorized access. The slide concludes that without robust protective measures, widespread use of RFID for e‑money or identity applications heightens the risk of digital crime and fraud
As part of my research in mobile network security, I have conducted in-depth studies on GSM protocol vulnerabilities, focusing on the operation and mitigation of IMSI Catchers. This work involved analyzing 2G network signaling, examining how mobile devices attach to base stations, and demonstrating practical scenarios with fake BTS deployments and intercepted SMS traffic. I explored both passive and active techniques for identifying potential subscriber tracking and network exploits, while emphasizing ethical and controlled experimentation.
The research provided hands-on insights into GSM protocol weaknesses, illustrating real-world attack vectors and highlighting the need for detection mechanisms and enhanced mobile security practices. This experience reflects my ability to translate theoretical knowledge into practical, security-oriented network experimentation, contributing to both academic research and applied telecommunications security.
This Research present of RFID (Radio‑Frequency Identification) technology: how RFID works (tag, reader, antenna), and the types of tags (passive, active, semi‑passive) depending on power source and read‑range. It outlines common modulation (ASK, FSK, PSK) and encoding schemes used in RFID communications. security problems and attack vectors associated with RFID: in particular — tag cloning/spoofing, data interception and decoding (skimming/eavesdropping), and potential Denial‑of‑Service (DoS) attacks against RFID readers. it highlights that due to these vulnerabilities, systems that rely on unprotected or legacy RFID (without strong cryptography or authentication mechanisms) are at risk — making clear that RFID security must be carefully evaluated in any real-world deployment
explores vulnerabilities and attack vectors against RFID systems:
This research focuses on the security analysis of 2G (GSM) mobile networks through both passive and active techniques. It includes:
By combining protocol‐level analysis with radio‑frequency monitoring and network‑level experimentation, the work reveals exploitable weaknesses in legacy GSM infrastructures, illustrates threat scenarios (e.g. fake‑BTS phishing, subscriber tracking), and aims to support the design of detection and mitigation mechanisms.
