Syed Zainudeen Mohd Shaid, PhD
School of Computing, Universiti Teknologi Malaysia,
81310 UTM Johor Bahru, Johor, Malaysia
Tel/WA/SMS: +60125995594
_______________________________________________________________________
PROFILE
Syed Zainudeen Mohd Shaid is a lecturer at Universiti Teknologi Malaysia (UTM) teaching
computer security subjects (e.g. Penetration Testing, Binary Exploitation, etc.), and a
researcher in the Information Assurance & Security Research Group (IASRG). His areas of
interest include Malware, Network Packet Analysis/Filtering, and UAV/Drones. He also
provides training and consultancy on Reverse Engineering, Web Security, Penetration
Testing, Secure Coding, Android, and embedded systems/IoT security to various
organizations, from local government agencies to MNCs. He is the author of several
security tools, some of which (e.g. JJDecode) are included in special-purpose Linux distros
such as Kali Linux. He is also a Certified Penetration Testing Professional (CPTP), PGI
SOC Incident Responder, and PGI SOC Incident Responder (Trainer).
_______________________________________________________________________
ACHIEVEMENTS
_______________________________________________________________________
AWARDS
2019 Hall-of-Fame, Flare-on 6 reverse engineering challenge, FireEye
2019 1st, NanoSec Online CTF competition 2019
2019 Bronze Medal, Industrial Art & Technology Exhibition 2019 (INATEX), UTM.
2018 1st, Wargames.MY Online CTF competition
2018 2nd, NanoSec Online CTF competition 2018
2015 2nd, KPMG Cyber Security Challenge (Individual category)
2014 Bronze Medal, Industrial Art & Technology Exhibition 2014 (INATEX), UTM.
2014 Outstanding Service Award (APC 2013), UTM.
2012 1st, Hack@10 Hacking Competition, UNITEN.
2011 1st, Wargames.MY Online CTF competition
2011 2nd, Forensics Challenge, CyberSAFE Challenge Cup, UniKL.
2011 3rd, Hacking Competition at KL GreenHAT, UniKL
2007 Silver Medal, Industrial Art & Technology Exhibition 2007 (INATEX), UTM.
2007 Royal Education’s Award, UTM’s 39th Convocation
2007 Gold Winner (IT Category) & Second Runner-Up (Overall),
1st National Research & Innovation Competition (NRIC), USM
2005 Vice Chancellor’s Award, UTM’s 35th Convocation.
TV APPEARANCE
27 Dec 2018 “Keselamatan siber dan kebocoran maklumat” (LIVE), Nine 11, Bernama
News Channel (Ch 502).
02 Sep 2015 “Keselamatan server daripada ancaman penggodam”, Analisis Awani, Astro
Awani (Ch 501)
07 Oct 2014 “Godam ATM dan ancaman keselamatan transaksi dalam talian”, Analisis
Awani, Astro Awani (Ch 501)
01 Oct 2014 “Keselamatan sistem ATM” (LIVE), Malaysia Hari Ini (MHI), TV3 (Ch 103)
30 Sep 2014 “Isu penggodaman ATM”, Buletin Utama, TV3. (Ch 103)
_______________________________________________________________________
KNOWLEDGE
_______________________________________________________________________
PROFESSIONAL CERTIFICATION
2018 PGI SOC Incident Responder Trainer
2018 PGI SOC Incident Responder
2014 Certified Penetration Testing Professional (CPTP)
2010 CompTIA A+ certified
2007 Linux System Administration: LP 101 & LP 102
FORMAL EDUCATION
2010-2013 Doctor of Philosophy (Comp. Science), Universiti Teknologi Malaysia
2008-2009 Masters of Science (Comp. Science), Universiti Teknologi Malaysia, CPA 4.0
2005-2007 Bachelor of Science (Computer), Universiti Teknologi Malaysia, CPA 4.0
2002-2005 Diploma in Comp. Science (IT), Universiti Teknologi Malaysia, CPA 4.0
TECHNICAL SKILLS
Operating Systems: Competent in Windows, GNU/Linux, FreeBSD.
Programming: ASM (x86, AMD64), C/C++, C#, X/HTML, Java, JavaScript, PHP,
Python 2/3, VB.Net, VBScript.
Network: Familiar with Cisco IOS commands, Competent in IPv4/IPv6.
Reverse Engineering: Competent in x86, AMD64, ARM reverse engineering
Penetration Testing: Competent in Penetration Testing of Network – Layer 2/3/4, Web
Application, Android Apps, WiFi
Forensics: Competent in Memory and Disk forensics
Shellcode: Competent in x86, and AMD64 shellcoding
Notable tools: Competent in using IDA Pro, WinDbg, x64dbg, gdb, OWASP ZAP,
Metasploit, Wireshark, tcpdump, etc.
_______________________________________________________________________
WORK EXPERIENCE
_______________________________________________________________________
EMPLOYMENT
2014-now Lecturer (Universiti Teknologi Malaysia)
2007-2014 Tutor (Universiti Teknologi Malaysia)
RESPONSIBILITIES
2016-2018 ICT Procurement Evaluator Panel (Technical), UTM
2015-2016 IT Manager, Faculty of Computing (FC), UTM
2014-2016 Coordinator of Innovation and Entrepreneurship Committee, FC, UTM
2012-2013 Web Security Advisor, UTM
2009-2010 Server Admin (Dept. of Comp. Systems & Communications), FSKSM, UTM
2008 Committee of the 4th Postgraduate Annual Research Seminar, UTM
2008 Server Admin (Undergraduate Student Project), FSKSM, UTM
TEACHING
Penetration Testing (Network, WiFi, Web App, Mobile App)
Binary Exploitation (x86, AMD64)
Malware Analysis (Windows malware)
Secure Coding, Secure Software Development
Network Programming (socket/winsock)
Cryptography
_______________________________________________________________________
RESEARCH & DEVELOPMENT
_______________________________________________________________________
NOTABLE PROJECTS
2019 IoT Firewall. (On going)
2019 JagaDrone. A special-purpose ground control system
for UAV/drone control and management.
2018 NKABOT. Web Scraping Tool.
2017 CTIP Data Visualization Project. A Malware Data
Warehouse and Visualization project.
2017 Web Content Filtering Firewall. A FreeBSD based
firewall (implemented as a kernel module written
from scratch) for filtering web content based on
pattern matching.
2012 APITRACE. A stealthy tool for capturing first-level API calls made by user
mode Win32 programs (for internal use by malware researchers in UTM).
2011 JJDecode. A decoder for JJEncode JavaScript encoder. (Open Source)
Available in Kali Linux, REMnux, etc.
INTELLECTUAL PROPERTY
2013 Method for Detecting Blurred Region in Highly Textured Image
(Application No.: UI 20095471, Patent No.: MY-149940-A)
RESEARCH GRANTS (LEADER)
2019 Development of Hardware Sensor for Network Monitoring and Detection of
Internet-of-Things Malware Threats. Prototype Research Grant Scheme
(PRGS), Ministry of Education Malaysia.
2015 Disaster relief and preparedness: Aerial Disaster Site Surveying System
through the use of a middleware for integrating web interface, mobile app,
and air drones. Prototype Research Grant Scheme (PRGS), Ministry of
Education Malaysia.
2014 Multi-platform Framework and Middleware for Data Aggregation. Flagship
grant, Research University Grant, UTM.
2014 A Stealthy Technique for Capturing Malware's User Mode API Call
Sequence. Potential Academic Staff grant, UTM.
_______________________________________________________________________
PUBLICATIONS
_______________________________________________________________________
JOURNAL
2018 BAS Al-rimy, MA Maarof, SZM Shaid. “Ransomware threat success factors,
taxonomy, and countermeasures: A survey and research directions”.
Computers & Security. Vol 74. pp. 144-166.
2017 Maktabdar Oghaz, Mahdi & Maarof, Mohd & Rohani, Mohd & Zainal,
Anazida & Mohd Shaid, Syed Zainudeen. “An optimized skin texture model
using gray-level co-occurrence matrix”. Neural Computing and
Applications. 10.1007/s00521-017-3164-8.
2016 Herve Nkiama, Syed Zainudeen Mohd Shaid, Muhammad Saidu, “A Subset
Feature Elimination Mechanism for Intrusion Detection System”
International Journal of Advanced Computer Science and
Applications(ijacsa), 7(4), 2016.
2014 Mohd Shaid, S.Z., Maarof, M.A. “Malware Behaviour Visualization”, Jurnal
Teknologi, Penerbit UTM Press. 70 (5), pp. 25-33
CONFERENCE PAPER
2017 Al-rimy B.A.S., Maarof M.A., Shaid S.Z.M. “A 0-Day Aware Crypto-
Ransomware Early Behavioral Detection Framework”. In: Saeed F., Gazem
N., Patnaik S., Saed Balaid A., Mohammed F. (eds) Recent Trends in
Information and Communication Technology. IRICT 2017. Lecture Notes on
Data Engineering and Communications Technologies, vol 5. Springer
2015 Mohd Shaid, S.Z., Maarof, M.A. (2015). “In Memory Detection of Windows
API Call Hooking Technique”. 2015 International Conference on Computer,
Communication, and Control Technology, Kuching, Sarawak, Malaysia.
2014 Mohd Shaid, S.Z., Maarof, M.A. (2014). “Malware behavior image for
malware variant identification”. International Symposium on Biometrics
and Security Technologies (ISBAST 2014), Kuala Lumpur. pp.238-243
2013 Mohd Shaid, S.Z., Maarof, M.A. (2013). “A Technique for Malware
Behaviour Visualization”. Proceedings of the 4th International Graduate
Conference on Engineering, Science, and Humanities (IGCESH 2013).
pp.1-7.
BOOK CHAPTER
2012 Introduction to Malware Reverse Engineering, Issues in Computer Security
& Networking, Part 1, UTM Press.
OTHER PUBLICATIONS
2015 Virus Lesap Wang, Dewan Masyarakat. Issue 1, Dewan Bahasa dan
Pustaka. pp 54 – 55
_______________________________________________________________________
CONSULTATION WORK
_______________________________________________________________________
NOTABLE PROJECTS
2018 Reverse Engineering (Professional Training). Vot 1366
2016 Secure Coding Practices (Professional Training). Vot 1027
Web Penetration Testing (Professional Training). Vot 1099
Web Penetration Testing (Professional Training). Vot 1117
2015 Android App Development (Professional Training). Vot 906
Ethical Web Application Hacking (Professional Training). Vot 944
PNEWELS (Embedded Systems Development). Vot 969
2014 Ethical Web Application Hacking (Professional Training). Vot 797
eyeNOON (Embedded Systems Development). Vot 799
Android App Development (Professional Training). Vot 816
Ethical Web Application Hacking (Professional Training). Vot 817
NOTABLE CLIENTS
PNE
Univ. Teknologi Mara
Ministry of Health
Pahang State Government & Agencies
Malaysian Administrative Modernization, and Management Planning Unit
Jabatan Penerangan Malaysia
UniSAS
Micro Semiconductor Sdn Bhd
- End of CV -
References available upon request. Last Updated: 16 October 2019