Our BSc (Hons) Cyber Security Student, Qurbonov Adham Firuzovich, spoke with the Dean, Andy Tan Kien Chiang, this week to share his insights on AI-based cybersecurity applications project.

• Could you briefly introduce yourself and tell us which programme you are currently pursuing?

My name is Adham Qurbonov. I am currently studying in Teesside University’s Cyber Security Degree programme and I am 20 years old.  I have been interested in cybersecurity since I was 10, and began bug bounty work at the age 12 by identifying vulnerabilities in company websites and receiving rewards for my findings. Earning my first reward strengthened my passion for the field, and I have been actively involved ever since.

To date, I have assisted more than 150 companies and developed several cybersecurity products. I am now working on advanced AI-based cybersecurity applications that are open-source, free, and designed to support users with basic computer knowledge. I am also Certified Ethical Hacker (CEH v12) certified.

• What inspire your interest in Information Technology and Innovation?

When I was 8 years old, I accidentally unlocked my father’s car door while playing with the lock mechanism, and that was the first time I realised I had a natural curiosity for hardware hacking. And when I was 10, some of my game accounts were hacked and my password were leaked. That incident made me determined to study ethical hacking so I could learn how to protect myself from different types of attacks.

At age 11, as I was learning ethical hacking on my own through Google, my father began watching Mr Robot with me. He wanted to encourage my interest, and the series gave me a lot of motivation. Inspired by that, I defaced my first website at 12 years old. I believe many people in the cybersecurity field have a similar story of gaining early motivation from movies or shows that sparked their interest in the subject.

• How did you journey in IT begin, was there a specific moment or project that sparked your passion?

I began my IT journey by installing BackTrack on my main laptop after manually following instructions I found online. After the installation, I noticed several Wi-Fi hacking tools. When I ran my first tool, “Wifite”, a terminal full of numbers and commands appeared. I immediately started searching online to understand what they meant and how to use them.  After a year of experimenting with BackTrack. My learning accelerated quickly, and I began asking my father to purchase online courses that provided more detailed explanations of the tools, as well as networking and operating systems.

• Could you describe your project or discovery in simple terms?

The main goal of my projects is to make cybersecurity simple and accessible for everyone. I focus on developing AI-based tools that run locally on users’ devices without requiring an internet connection or high-performance hardware. These tools are simplified terminology to help users stay safe. So far, I have created three Chrome extensions, which can be found by searching “DataSec” on the Chrome Web Store. Two of them are AI-powered phishing detection tools, one analyses URLs to identify phishing websites, while the other scans any text for phishing indicators.

• What problem does your innovation aim to solve for individuals or organisations?

Availability is a key priority. Most enterprise-grade cybersecurity tools are expensive and require users to share their data with the companies that provide them. In contrast, my products ensure that all your data stays entirely on your device, nothing is sent to us and nothing is exposed online. Everything runs locally, with a simple and user-friendly interface that anyone can navigate and understand.

• What motivated you to develop his idea? Was it based on a real life issue you observed?

I wanted to use anti-phishing extensions, but I realised that most of them rely on an internet connection and cannot detect new attack methods. The higher quality tools are expensive and still require internet access, and once you are online, your IP address can be exposed, even when using a VPN, due to WebRTC leaks. One of my products addresses this issue.  Cybersecurity chatbots usually require significant computing power and are not automated, which is a major limitation of many so-called “high-end” tools. Even code-vulnerability assessment tools are costly and depend on the internet connect to send every piece of text to an AI server before returning results. My goal is to make these tools accessible to everyone by enabling them to run offline, at a low cost, or even completely free. No ads, no subscriptions, just install and use. What large corporations charge high fees for is now available directly in your browser, running seamlessly without causing any disruption. 

• What technologies, programming languages, or tools did you use in the development process?

All of the products were developed using Python, mainly with TensorFlow, and one of them using PyTorch. These are among the most commonly used frameworks for training machine learning models. I used to spend a significant amount of money renting GPU-powered servers to training these AI models. 

• What were some of the major challenges you encountered during development, and how did you overcome them?

The most frustrating challenge I faced while training these AI models was that the server could only run for two hours at a time. Another issue was that even 100 gigabytes of storage was not enough for training, so I had to keep renting additional space. I also had to automate the process of restrating the server, loading the saved training state from Google Drive, and continuing the training exactly from where I stopped. 

• How did your academic experience or modules at MDIS Dushanbe support you in this project?

Being in this university and learning from lecturers have motivated me to work hard and strive for success. Instead of relying completely on existing services, I want to create global products that will help me grow and achieve my goals.

• What advice would you give to other students who aspire to innovate or create something impactful?

Never delay anything. If you plan to learn or create something, start immediately. Postponing your plans will keep you stuck in the planning phase, and once you delay it once, you will likely continue delaying and end up regretting not starting sooner. If you want to learn cybersecurity, take the challenging route, install Linux without hesitation and begin exploring how to use it. If you feel afraid to start of become lazy, then this may not be the right path for you, and you should reconsider your direction. 

• What is the biggest lesson you learned from this experience?

Cybersecurity is a challenging field with many branches. It requires patience, strong critical thinking, and solid problem-solving skills. One of the biggest lessons I have learned is that timing is everything, if you are not fast enough, someone else will start the idea you had in mind, leaving you with nothing but regret. 

THANK YOU QURBONOV ADHAM FIRUZOVICH, MDIS DUSHANBE WISHES YOU EVERY SUCCESS IN YOUR STUDIES

                                                                       Writer: Dean, Andy Tan Kien Chiang