Basics
| Name | Mohsin Khan |
| Label | PhD Cybersecurity | Aspiring Security Professional (Blue & Red Team) |
| khann.mohsin@icloud.com | |
| Url | https://khannmohsin.github.io |
| Img | assets/images/profile.jpg |
| Summary | PhD in cybersecurity with strong systems-level expertise in IoT/OT security, distributed trust, and applied cryptography. My background combines academic rigor—evaluating 130+ cryptographic primitives and designing secure distributed architectures, with hands-on industry skills in vulnerability management, detection fundamentals, cloud security, and governance. I am actively transitioning into blue-team, red-team, or security engineering roles. |
Work
-
2021.11 - 2025.12
PhD Research Fellow in Cybersecurity
UiT – The Arctic University of Norway
Conducted applied cybersecurity research on securing distributed IoT and OT systems under adversarial and resource-constrained conditions.
- Designed secure distributed IoT and cloud architectures using Zero Trust principles, IAM-based access control, and STRIDE threat modeling, reducing attack surface and strengthening trust enforcement across multi-node systems.
- Performed risk and impact analysis on distributed components to identify trust boundaries and failure modes, improving resilience against partial compromise, misconfiguration, and insider threats.
- Developed a taxonomy and benchmarking framework for ~130 lightweight cryptographic primitives, evaluating performance, memory, energy, and cryptanalytic properties to support secure algorithm selection on constrained devices.
-
2021.01 - 2021.11
Data Engineer (Security-Aware Systems)
Blackbuck Insight
Worked on large-scale data pipelines with a focus on secure cloud migration, access control, and operational reliability.
- Migrated on-premise data pipelines to AWS using IAM-based access controls and monitoring, improving security posture and reducing data access risk.
- Built and optimized distributed data processing workflows using PySpark, MapReduce, and Linux, enabling scalable and reliable analytics on high-volume datasets.
- Improved pipeline observability and access separation, supporting secure production analytics and downstream decision-making.
Education
-
2021.11 - 2025.12 Tromsø, Norway
-
2019.01 - 2022.07 New Delhi, India
-
2018.08 - 2020.11 Jammu & Kashmir, India
-
2014.08 - 2018.06 Jammu & Kashmir, India
Certificates
| ISO 27001:2022-Compliant Cybersecurity – Annex A Controls | ||
| LinkedIn Learning |
| ISO 27001:2022-Compliant Cybersecurity – Getting Started | ||
| LinkedIn Learning |
| Deloitte Australia – Cyber Job Simulation | ||
| Deloitte Australia (Forage) |
| AWS Certified Developer – Associate | ||
| Amazon Web Services (AWS) |
Projects
- 2025.12 - 2025.12
Cloud Security Architecture & Migration Risk Analysis
Assessed cloud migration risks and security controls for an industrial organization transitioning critical systems to the cloud.
- Evaluated IaaS, PaaS, and SaaS deployment models to identify security risks to data, applications, and infrastructure during migration.
- Applied shared responsibility principles and cloud security best practices to recommend mitigation strategies aligned with operational constraints.
- Strengthened practical skills relevant to cloud security, security engineering, and architecture-focused roles.
- 2025.12 - 2025.12
Deloitte Australia Cyber Job Simulation (Forage)
Completed a hands-on cyber incident simulation mirroring real SOC and consulting workflows.
- Analyzed web and activity logs to identify anomalous behavior and potential indicators of compromise during a simulated security breach.
- Supported incident investigation using structured reasoning to separate benign activity from suspicious patterns under incomplete information.
- Developed practical detection, triage, and communication skills directly applicable to SOC analyst and blue-team roles.
- 2025.12 - 2025.12
Healthcare Data Security & HIPAA Risk Assessment
Evaluated the data security posture of a healthcare provider against HIPAA requirements and real-world operational risks.
- Reviewed policies, workflows, and data handling practices to identify confidentiality, integrity, and availability risks to patient data.
- Mapped existing controls against HIPAA Security Rule requirements to identify compliance gaps and remediation priorities.
- Recommended encryption, backup, and access-control improvements suitable for a small healthcare organization.
- 2025.12 - 2025.12
Vulnerability Impact Analysis & Threat Mitigation
Performed structured vulnerability analysis and risk-based mitigation planning for an organizational environment.
- Identified technical and procedural vulnerabilities, then assessed likelihood and business impact to support risk-based prioritization.
- Ranked findings by severity to guide remediation decisions under limited time and resource constraints.
- Delivered a mitigation plan aligned with defensive security workflows and vulnerability analyst responsibilities.
- 2024.01 - 2025.11
BlockCap: Blockchain-Based Capability Access Control for IoT Systems
Designed a distributed trust and access-control architecture for IoT systems operating under partial trust and adversarial conditions.
- Designed capability-based authorization using smart contracts and validator coordination to enforce least-privilege IoT communication, reducing reliance on static credentials.
- Implemented token issuance, revocation, expiry, and auditability through blockchain-backed governance, improving traceability and resistance to misconfiguration and insider threats.
- Evaluated latency, resource overhead, and security guarantees using STRIDE threat modeling to validate deployability in resource-constrained environments.
- 2023.01 - 2025.09
Lightweight Cryptography Benchmarking & Taxonomy for IoT
Built a practitioner-oriented benchmarking and taxonomy framework to support secure cryptographic choices for constrained IoT and OT devices.
- Benchmarked 130+ lightweight primitives (hash, symmetric, asymmetric) across AVR and ARM platforms using ChipWhisperer and custom measurement tooling.
- Analyzed performance, memory footprint, energy cost, and known cryptanalytic properties to quantify real-world security–efficiency trade-offs.
- Produced a structured taxonomy to help engineers and security teams select algorithms aligned with device constraints and threat models.
- 2019.08 - 2021.01
CAV- and VANET-Enabled Traffic Congestion Reduction and Accident Circumvention
Designed a cooperative cyber-physical system using CAV and VANET communication to reduce traffic congestion and prevent accidents through coordinated vehicle decision-making.
- Designed distributed decision logic for safe-distance maintenance, controlled overtaking, and permission-based lane changes using inter-vehicle communication.
- Evaluated system behavior using MATLAB simulations under realistic traffic scenarios, demonstrating reduced congestion waves and lower collision risk.
- Built early systems expertise in trust, coordination, and failure propagation in distributed cyber-physical systems—foundational to later IoT/OT security work.
Skills
| Blue Team & Defensive Security | |
| Log Analysis | |
| Detection Fundamentals | |
| Incident Response | |
| Vulnerability Management | |
| SIEM Tools | |
| Threat Modeling (STRIDE) |
| Red Team & Adversarial Skills | |
| Penetration Testing Fundamentals | |
| Web Application Security | |
| Adversarial Thinking | |
| Attack Surface Analysis |
| Security Engineering & Architecture | |
| Zero Trust | |
| IAM | |
| Secure Distributed Systems | |
| IoT/OT Security | |
| Blockchain Security |
| Cryptography & Emerging Security | |
| Lightweight Cryptography | |
| Hash Functions | |
| Applied Cryptography | |
| Post-Quantum Cryptography (research exposure) |
Interests
| Cybersecurity Practice | |
| Blue Team Operations | |
| Red Team Techniques | |
| Security Architecture | |
| OT & Critical Infrastructure Security |
Publications
-
2025.12 A Comparative Analysis of Lightweight Hash Functions Using AVR ATXMega128 and ChipWhisperer
NordSec (Nordic Conference on Secure IT Systems)
Compared software-based lightweight hashes on ATxmega128 using ChipWhisperer measurements and E-RANK to highlight practical performance and energy trade-offs for embedded engineers.
-
2025.11 Survey of Lightweight Hardware-Based Hash Functions for Security in Constrained IoT Devices
IEEE Access
Surveyed lightweight hardware hash designs (sponge- and cipher-based), compared area/throughput/energy trade-offs, and synthesized cryptanalytic findings to guide resource-aware selection for IoT deployments.
-
2025.09 Software Benchmarking of NIST Lightweight Hash Function Finalists on Resource-Constrained AVR Platform via ChipWhisperer
SECRYPT (SCITEPRESS)
Benchmarked NIST lightweight hash finalists on AVR using ChipWhisperer-assisted profiling and a composite E-RANK metric spanning speed, memory footprint, and energy efficiency.
-
2025.07 System Support for Accountable and Trusted Data Collection and Fog Processing in Remote Electronic Monitoring
FMEC (IEEE)
Co-authored a fog/edge data-collection system focusing on integrity, accountability, and verifiability for compliance-driven remote monitoring scenarios.
-
2024.09 Performance Evaluation of Lightweight Cryptographic Ciphers on ARM Processor for IoT Deployments
SciSec (Springer, LNCS 15441)
Evaluated lightweight block/stream ciphers on ARM and introduced E-RANK to combine throughput, memory footprint, and energy cost into a single efficiency score for IoT.
-
2024.07 Performance Evaluation of Lightweight Stream Ciphers for Real-Time Video Feed Encryption on ARM Processor
Future Internet (MDPI)
Built a benchmarking tool for real-time video encryption on ARM, quantifying frame rate, cycles, memory/ROM, and energy to compare lightweight stream ciphers for practical deployments.
-
2023.11 A Multi-pronged Self-adaptive Controller for Analyzing Misconfigurations for Kubernetes Clusters and IoT Edge Devices
ESoCC (Springer)
Co-authored a controller to monitor and detect misconfigurations in Kubernetes clusters and IoT edge environments, linking observed behavior to hidden configuration states.
-
2021.11 Traffic Congestion Reduction and Accident Circumvention System via Incorporation of CAV and VANET
IGI Global
Proposed cooperative CAV/VANET decision logic (safe distance, overtaking, lane shifting) and validated via MATLAB/Simulink-style simulations to reduce phantom jams and collision risk.
-
2021.05 Traffic Jam Minimization and Accident Avoidance System Using IoT
ETCCS (Springer)
Designed IoT-enabled inter-vehicle coordination algorithms to mitigate congestion waves and improve safety for level-2 automation environments.
-
2018.09 Smart n Secure Home Using IoT
IJSRCSEIT
Built an IoT smart-home system with sensing, automation, and remote control; integrated safety/security features such as motion/gas detection and automated responses.
References
| Prof. Håvard Johansen | |
| Professor, Department of Computer Science, UiT The Arctic University of Norway. | |
| havard.johansen@uit.no |
| Prof. Dag Johansen | |
| Professor, Department of Computer Science, UiT The Arctic University of Norway. | |
| dag.johansen@uit.no |
| Dr. Elisavet Kozyri | |
| Associate Professor, Department of Computer Science, UiT The Arctic University of Norway. | |
| elisavet.kozyri@uit.no |