I am a 5th year PhD student in the Department of Computer Science at Virginia Tech. I am advised by Dr. Na Meng. I have completed my B.Sc. in Computer Science and Engineerings from Ahsanullah University of Science & Technology (AUST).

My area of research is Software Engineering, and Software Security. I am currently working on helping developers maintain project configuration well, so that they face fewer run-time errors and security issues. I frequently use self-made external Domain Specific Language, Static Program Analysis, and optimized Algorithm & Data Structures to solve different research problems.

After graduation, I worked as a Software Engineer at Enosis Solutions, Bangladesh for 3.5 years. I am passionate about solving algorithmic problems. During my undergrad studies, I was an active participant in the national and international level programming contests.

Contact: mdmahirasefk (at) vt (dot) edu

Download CV

Research Publications

2022

• Md Mahir Asef Kabir, Ying Wang, Danfeng Yao, Na Meng, “How Do Developers Follow Security-Relevant Best Practices When Using NPM Packages?”, 2022 IEEE Secure Development Conference (SecDev) [Code] [Presentation] [Paper]

• Ying Zhang, Ya Xiao, Md Mahir Asef Kabir, Daphne Yao, Na Meng, “Example-Based Vulnerability Detection and Repair in Java Code”, ICPC ‘22: Proceedings of the 30th IEEE/ACM International Conference on Program Comprehension

• Ying Zhang, Md Mahir Asef Kabir, Ya Xiao, Danfeng Daphne Yao, Na Meng, “Automatic Detection of Java Cryptographic API Misuses: Are We There Yet”, IEEE Transactions on Software Engineering (TSE)

Recent News

• [Mar 2024] - Attended Bloomberg Tech Lab at Virginia Tech and learned about Docker containers and RabbitMQ message-broker.
• [Oct 2023] - Successfully passed the Ph.D. preliminary exam and has become a Ph.D. candidate.
• [Nov 2022] - Attended ACM CCS 2022.
• [Oct 2022] - Presented a paper at IEEE SecDev 2022.
• [Aug 2022] - Our paper on “How Do Developers Follow Security-Relevant Best Practices When Using NPM Packages?” was accepted by IEEE SecDev 2022.
• [Aug 2022] - Our paper on “Automatic Detection of Java Cryptographic API Misuses: Are We There Yet?” was selected for presentation by ASE 2022.
• [Mar 2022] - Our paper on “Example-Based Vulnerability Detection and Repair in Java Code” was accepted by ICPC 2022.
• [Feb 2022] - Our paper on “ Automatic Detection of Java Cryptographic API Misuses: Are We There Yet?” was accepted by TSE.