Zumna Usman

Academic

Verbatim text

Zumna Usman
03315158695
House number:654, street number: 103, sector: G-9/4, Islamabad
LinkedIn:
Education
FAST NUCES, Islamabad
BS(CY)
Computer Organization and Assembly Language, Networks and Cyber Security, Information Security,
Number Theory and Cryptography, Blockchain and Cryptocurrency, Vulnerability Assessment and Reverse
Engineering
Beaconhouse Margalla Islamabad
Mathematics, Physics, Computer Science, Chemistry
Islamabad Convent School
Physics, Mathematics, Biology
Projects
Final Project:
SENTRAC-IoT (Contiki, Cooja Simulator, GCC)
Developing and researching a Secure-RPL that secures constrained IoT devices by using ECC for Authentication
and SIMON for Confidentiality on Cooja Simulator.
Semester Projects:
Jihaadi (Bypassing Windows Defender & SmartScreen) (GCC, Python)
Bypassed Windows Defender by using obfuscation, encryption, and encoding techniques.
ML based IDS (Python)
Trained a model by using a dataset to detect malicious URLs using Python's Tkinter.
Malware Analysis (IDA Pro, Ghidra, x64dbg)
Static and Dynamic Malware Analysis of different malwares by using multiple tools.
AES-256 (C++)
Implementation of AES-256 in C++ performing encryption and decryption.
Work Experience
Cyber Security Intern, Software Productivity Strategists
April 2023 - October 2023
Paid internship for mapping Cyber Security Solutions/Products on NIST Framework including handling famous
organizations and their products.
Cyber Security Intern, Graxo Consulting
June 2022 - September 2022
Paid internship for GRC, blog writing and creating partnership proposals.
Threat Hunting & Intelligence Intern, Thincscorp
June 2022 - July 2022
Threat Hunting and Intelligence projects using Cuckoo Sandbox and Flare also including Malware Analysis
Skills & Tools
Professional Skills:
Technical & Business Writing, Communication & Presentation, Time Management
Technical
Skills:
C/C++/C#, Cryptography, Malware Analysis, Digital Forensics, Python, HTML/CSS/JS,
Mathematics
Achievements
Bronze Medal
Dean's List of Honor 4 times
Activities
General Secretary Events of Cyber Space Legion
General Secretary Management of Automotive Society
Teacher's Assistant of Artificial Intelligence, Information Security, Probability & Statistics.
Lab Demonstrator of Vulnerability Assessment and Reverse Engineering
zumna.u@gmail.com
https://www.linkedin.com/in/zumna-usman/
Majors:
Alevels (
)
Olevels (
)
AeroIntruder: Pioneering Autonomous Cybersecurity
Assessments with Drone Technology
AeroIntruder represents a groundbreaking leap in cybersecurity, leveraging autonomous
drone technology to create a comprehensive cybersecurity assessment & remote pen-
testing system. Targeting wireless networks and connected devices, AeroIntruder
adeptly navigates the complex stages of cyber threats, preemptively pinpointing
vulnerabilities to bolster digital defenses. At its core, the project involves thorough
network scanning and data collection, which lays the foundation for subsequent
vulnerability analysis and attack simulation. Users can command simulated attacks to
expose potential weaknesses, after which the system provides detailed security
enhancement recommendations and reports.
Key features include:
1. Autonomous Scanning: Drones autonomously scans the networks, collecting
extensive data for vulnerability analysis.
2. Vulnerability Assessment: Simulated attacks uncover potential weaknesses,
enabling proactive security measures.
3. User-Friendly Interface: Intuitive interface allows easy controlling of attacks and
gathering of data.
4. Versatile Applications: Beyond audits, AeroIntruder finds utility in critical
infrastructure protection and emergency response scenarios.
Technology Used:
Python, Bash, JS, AWS, KALI Linux,
DJI Drone, RasberryPi-4
Supervisor Name:
Ms. Hina Bint e Haq
Group Members:
Suleman Rehman (i19-1667)
Contact # - 03165011441
Saud Ul Huda (i19-1758)
Contact # - 03355885557
Hassaan Oumair (i19-1777)
Contact # - 03005599700
CTC-Crack the Case
Crack The Case is a SaaS platform for training, whilst keeping the perspective of individual
learners ranging from beginners to professionals and organizations who want to train their
employees regarding their cybersecurity needs. There are three views of this app –
Learners/Employee View, an Organizational Admin View and a Super Admin View (Platform
Admin) – the first is for the learners to use the features provided by our app to follow different
learning paths, solve cases, use forums, get AI chatbot assistance and master their
cybersecurity skills, after reaching a certain level, they are also able to create their own
content. The second is for Organizational Admins who have availed subscriptions and wish
to train their employees using custom learning paths, they are able to view employee
analytics and manage users for their particular organization. Lastly, we have the super
admin view, where platform users whether individual or organizations will be managed,
additionally, this dashboard will also be used to approve content uploaded by the platform
users.
Technology Used:
Python, FAST API, Firebase, Google
Cloud Platform, Tailwind, React, Docker
Supervisor Name:
Dr. Muhammad Asim
Co-Supervisor Name
Dr. Qaiser Shaf
Group Members:
Muhammad Huzaifa (i20 - 0604)
+92 300 9655860
Aisha Irfan (i20 - 1851)
+92 318 5703526
Abdullah Irfan (i20 - 2702)
+92 304  5403220
Green INT- Automated OSINT Tool
An automated open-source intelligence (OSINT) tool that scouts the surface and dark web
for human and network profiling information using various techniques such as web scraping,
data mining, and profile analysis. It compiles an intelligence report to aid in making well-
informed decisions.
Features:
1. Reverse checks email on 150+ sites.
2. Reverse checks usernames on 500+ sites.
3. Explore leaked Paksitani Databases by name, cnic, phone, province, city.
4. Explore Social Media Intelligence Anonymously.
Technology Used:
React, Python, Tor, Selenium, Firebase
Supervisor Name:
Dr. Muhammad Asim
Group Members:
Ashar Khalil (K20-1724)
+92 330 3511211
Faisal Subhani (i20-0955)
+92 310 7162277
Baqar Abbas (i20-0806)
++92 335 5185566
N-SAM
N-SAM is a web-based application that is developed while keeping in mind the importance
of security and specifically for small scale organizations that are unable to afford an
expensive SIEM or SOC. It can be defined better as a one stop network security and
management tool. An application that monitors the traffic details of the inbound and
outbound traffic of users over that network and log these details in a database. Performs a
detailed analysis on the logs and give Alerts based on the rules defined. It also gives a
detailed and enhanced report over different perimeters that a security engineer requires
for effective network security and management.
Features include:
- Active network logs monitoring, Fetching and parsing logs to be presentable and better
understandable
-Log Analysis with minimal delay
-Shows Alert for any violation or anomalies
-Modifiable rules and blocking of malicious traffic
- A detailed report with explanation of the behavior of network traffic behavior over a
defined range of time
Technology Used:
React, Java script, Mongo DB, Python,
Flask
Supervisor Name:
Mr. Muhammad Abdullah Abid
Group Members:
Umer Sajjad (I19 - 1795)
Contact: 0302-6436203
Osama Iftikhar (I19-1764)
Contact: 0317-5638091
Zein Rohail (I20-2441)
Contact: 0332-4422402
PARADEFENSE
This project aims to develop an advanced Intrusion Detection System (IDS) that harnesses
the power of parallel processing to effectively detect and analyze Distributed Denial of
Service (DDoS) attacks in real-time. The system is designed not only to promptly alert
administrators upon detecting a DDoS attack but also to generate comprehensive attack
reports for in-depth analysis. Additionally, it also includes a user-friendly front-end interface
that visualizes attack patterns, providing real-time monitoring of the incoming traffic. By
integrating parallel processing, our system aims to significantly enhance the speed and
accuracy of DDoS attack detection, empowering cybersecurity professionals to take
proactive measures against such attacks. Through this endeavor, the project aims to
contribute to the enhancement of cybersecurity measures by providing a sophisticated
detection tool against DDoS attacks, complete with real-time alerts and comprehensive
analytics. This proactive approach facilitates a deeper understanding of attack dynamics,
enabling more informed and timely defensive strategies.
Technology Used:
Python, React js, Open CL, Node js, ELK
stack.
Supervisor Name:
Dr. Qaisar Shafi
Group Members:
Syed Muhammad Owais Raza (i20 -
0403)
(Cell #) +923168311734
Syed Muhammad Farjad (i20 - 0872)
(Cell #) +923169550767
Sameel Ahmad (i20 - 0527)
(Cell #) +923046097333
PCAB – Peer Cab
Peer Cab is an innovative decentralized carpooling platform designed to address the
technology to ensure secure, tamper-proof, and transparent payment processes,
eliminating concerns related to financial fraud and monopolistic control. By fostering a
sense of community and environmental responsibility, Peer Cab transforms daily
commutes into shared, efficient, and secure journeys, positioning itself as a transformative
force in the carpooling industry. With the potential for global expansion, Peer Cab
represents a promising business opportunity in an evolving carpooling market.
Features:
1. Secure Payments through Decentralized Finance
2. Eco-Friendly Transport for a Greener Tomorrow
3. Simplifying your Commute with Ridesharing Services
4. Accessible ridesharing Solution designed for Women Travelers
5. PCAB Faucet: Your Gateway to Crypto Wealth
Technology Used:
React, React Native, Solidity, Remix,
Web3, Firebase, GitHub
Supervisor Name:
Dr. Muhammad Asim
Group Members:
Muhammad Ismail Ramzan(i20-0941)
+92 315 6991408
Muhammad Usman Shahid (i20-1797)
+92 312 6673713
Musaab Imran (i20-1794)
+92 322 7117752
Pocket Security: A Cyber Security Toolkit
Pocket Security is an android application for enhanced security awareness on the go.
With a suite of security tools, it empowers users to safeguard their digital presence
effortlessly.
After installing the app, the user needs to create a new account before he has access to
the application. Upon login the user is shown 2 features (1. Security Tools, 2. Security
Awareness). In bottom there is a chatbot icon from where user can ask anything.
Security Tools: Password Manager (remembers all your passwords and keeps them
encrypted) Intruder Photo Capture (takes picture of anyone trying to open your phone
when he inputs wrong password at lock screen) and Find my Phone (in a limited area with
clap or whistle)
Security Awareness: Common Cyber Attacks in the world, Cyber Security News and Blogs
to create digital security awareness among users.
Technology Used:
Android Studio, Firebase DB, Figma,
Kotlin
Supervisor Name:
Mr. Jawad Hassan
Group Members:
Khalil Ullah (19i-1951)
Contact # +92 3051851713
Haris Hameed (15i-0218)
Contact # +92 3212442747
SecT (Secure Transmission): A Zero Trust Network Access
Solution
SecT deploys a Zero Trust Network (ZTN) solution, independent of the underlying
infrastructure. Unlike traditional VPNs, which grant unsupervised, broad network access,
SecT follows the "Principle of Least Privilege," ensuring that users and devices receive
only the minimal required access. A unified management console centralizes control and
offers granular access policies with logging capabilities and analytics. This setup
enhances visibility across the organization and streamlines management.
When a SecT client requests access to a protected organizational asset, the request is
first verified by the controller. The controller then issues signed tokens and a Connector ID
based on the client's privileges. The client presents these tokens to the Relay, which
performs additional authorization before relaying the traffic to the designated Connector.
Acting as a proxy server, the Connector is responsible for facilitating communication
between the client and the internal resources.
Technology Used:
NextJs, NextAuth, Socket.IO, Python,
MongoDB, Docker
Supervisor Name:
Dr. Muhammad Asim
Group Members:
Fahad Waheed (20i-0651)
Contact # +92 320 9951882
Ubaidullah (20i-0541)
Contact # +92 333 5988256
Ghulam Murtaza (20i-0957)
Contact # +92 315 6130584
SENTRAC-IoT
SENTRAC-IoT focuses on researching and creating a Secure Routing Protocol for Low
Power and Lossy Networks (SRPL), designed to address the unmet challenges present in
the RPL within the expanding IoT landscape. While RPL efficiently transfers data in IoT
networks, it harbors significant security flaws, necessitating the development of an efficient
and secure routing protocol utilizing lightweight cryptography. Extensive research indicates
a lack of robust security mechanisms in IoT, leaving vulnerabilities such as external attacks
and privacy concerns such as forward and backward privacy unattended in the RPL. SRPL
offers authentication via Asymmetric Cryptography (ECC), which is also used for key
exchange and revocation, alongside SIMON for confidentiality and forward/backward
privacy, combining into a secure RPL. Evaluation metrics encompass Quality of Service
(packet delivery ratio, latency, throughput), resource efficiency (energy, memory,
bandwidth), and comprehensive security assessments.
Technology Used:
Cooja Simulator, Contiki, GCC, Ubuntu
Supervisor Name:
Mr. Jawad Hassan
Group Members:
Uzair Hassan (20i-0694)
Contact: 0315 5134394
Zumna Usman (20i-1873)
Contact: 0331 5158695
Fahad bin Rehan (19i-1702)
Contact: 0331 8855811

AI enrichment