S. M. Zia Ur Rashid
Chadgoan R/A, Block-B, Road-#13, House-#309 Chittagong 4212 Bangladesh
smziaurrashid@gmail.com, ziaur@ieee.org
+8801852575265, +8801317691125
Education
International Islamic University ChittagongChittagong, Bangladesh
B.Sc., Electrical & Electronic Engineering2015 - Present
CGPA: 3.22/4.0 [Till 7th semester out of total 8th semester]
Thesis: Belief Rule Based Expert System to Assess Scada Security (Ongoing)
Supervisor: Dr. Yasir Arafat
Research Interests
Cyber Security | Information Security
Experience
Teaching AssistantJune, 2019 - Present
Cybrary
Publications
Peer-Reviewed Conference Papers
[1] S. M. Z. U. Rashid, M. I. Kamrul and A. Islam, "Understanding the Security Threats of Esoteric Subdomain Takeover and Prevention Scheme," 2019 International Conference on Electrical, Computer and Communication Engineering (ECCE), Cox's Bazar, Bangladesh, 2019, pp. 1-4. doi: 10.1109/ECACE.2019.8679122
[2] A. Alam, H. Islam, M. T. Islam, S. M. Z. U. Rashid, M. J. Hossen and M. S. Mahmud, "CPG-Based Industrial Manipulators on AVR System for PTP Applications," 2019 International Conference on Electrical, Computer and Communication Engineering (ECCE), Cox's Bazar, Bangladesh, 2019, pp. 1-6. doi: 10.1109/ECACE.2019.8679138
[3] Md Jamshed Alam, M. I. Kamrul, S. M. Zia Ur Rashid and Syed Zahidur Rashid. "An Expert System Based on Belief Rule to Assess Bank Surveillance Security." In Proceedings of the 2018 2nd Int. Conf. on Innovations in Science, Engineering and Technology (ICISET), 27-28 October 2018, Chittagong; IEEE (In Press).
[4] A. Alam, S. M. Zia Ur Rashid, Md. Abdus Salam and Ariful Islam. "Towards Blockchain-based E-voting System." In Proceedings of the 2018 2nd Int. Conf. on Innovations in Science, Engineering and Technology (ICISET), 27-28 October 2018, Chittagong; IEEE (In Press).
CVE Published
  • CVE-2019-11196, NIST National Vulnerability Database
  • CVE-2018-16971, NIST National Vulnerability Database
  • CVE-2018-16970, NIST National Vulnerability Database
  • CVE-2018-16606, NIST National Vulnerability Database
Training And Courses
  • Software Security by University of Maryland, College Park on Coursera
  • Cryptography I by Stanford University on Coursera
  • CYBER501x: Cybersecurity Fundamentals (Rochester Institute of Technology, edX)
  • CYBER504x: Network Security (Rochester Institute of Technology, edX)
  • AWS Cloud Practitioner Essentials: Cloud Concepts
  • AWS Cloud Practitioner Essentials: Core Services
  • 7-days Industrial Training at Eastern Cables Limited
  • Microcontroller & Robotics Fundamental Course at Deshikarigor Research & Training Circle
  • Two-days Long Workshop on Industrial Automation Organized by IEEE IIUC SB
Honors And Achievements
  • Scholarship: Tuition fee waiver for outstanding semester result (GPA: 3.95) in Autumn 2018
May, 2019
  • CompTIA
March, 2018
Recieved CompTIA exam vouchers including Certmaster access and AITP IT Professional membership as a token of appreciation for reporting account takeover and cross-site scripting vulnerabilities.
  • Microsoft
2017 - 2018
Received acknowledgement from Microsoft and listed on their Hall of Security Researcher for three times for finding and reporting security vulnerabilities on their online services. Also received white hat swag from Microsoft Security Response Center (MSRC) as a token of appreciation.
  • Champion (Team), Software Development Competition, Tech Fest 2017, IIUC
December, 2017
Project Name: HackSlash : PHP-based Web Firewall
  • U.S. Department of Defense (DoD)
August, 2017
Listed on U.S. DoD Security Researcher Hall of Fame for reporting personal information disclosure vulnerability of their multiple website through their Hackerone program.
  • Uber
May, 2017
Listed on Uber Hall of Security Researcher for reporting two subdomain takeover vulnerability through their Hackerone bug bounty program.
  • Atlassian
May, 2017
Received swag pack as a token of appreciation from Atlassian for reporting a subdomain takeover vulnerability.
  • Intel
March, 2017
Received letter of appreciation from Intel Corporation for reporting information disclosure vulnerability of their website.
  • Adobe
2016 - 2017
Listed on Adobe Hall of Security Researcher for reporting multiple security vulnerabilities including internal repositories and information disclosure through their Hackerone program.
  • Github
March, 2016
Received bounty and swag pack as reward from Github for reporting subdomain hijacking vulnerability through their bug bounty program and also listed on their hall of security reseacher.
Organizations And Affiliations
National Cybersecurity Student Association (US), Student Member (#111363026)2018 - Present
CompTIA AITP, IT Professional Member (#887311)2018 - Present
IEEE, Student Member (#93889420)2016 - Present
IEEE Computer Society, Student Member (#93889420)2016 - Present
Volunteer Activities
  • Webmaster, IEEE Bangladesh Section Student Activities Committee, 2018
  • Webmaster, IEEE IIUC Student Branch Executive Committee, 2018
  • Ambassador, IEEEXtreme Programming Competition 12.0, 2018
  • Student Ambassador, IEEE madC (Mobile Applications Development Contest), 2018
  • Volunteer, International Conference on Innovations in Science, Engineering and Technology (ICISET 2018)
  • Student Member Secretary, ICISET Inter University Poster Presentation Competition 2018
  • Class Representative & Executive Member, EEE Club (IIUC), Oct. 2015 - April 2016
Technical Skills
  • Software & Tools - LaTeX, Matlab, Proteus, Nmap, Metasploit, Pentestbox
  • Functional Skills - Penetration Testing/Ethical Hacking, Vulnerability Assessment
  • Programming Skills - Elementary Knowledge on C, C++, PHP, Python
  • Operating Systems - Windows 7, 8.1 & 10, Kali Linux, VPS (CentOS & Ubuntu)
.5"
.5"
.25"
.25"