I recently completed my Ph.D. in Computer Science at Virginia Tech, advised by Dr. Na Meng. I earned my B.Sc. in Computer Science and Engineering from Ahsanullah University of Science & Technology (AUST).

My work lies at the intersection of Software Engineering, Software Security, and AI-assisted software maintenance. I develop techniques for current-practice analysis, automatic bug detection, and automated program repair using domain-specific languages, static program analysis, and large language models (LLMs).

I have industry experience at both Google and Amazon. As a Software Engineering Intern at Google (Google Cloud), I developed a custom Java MCP server powering a team-specific virtual assistant and built an end-to-end evaluation-dataset pipeline using LLMs. As an Applied Scientist Intern at Amazon (AWS Security), I designed an end-to-end analysis pipeline to detect and classify sources of unsoundness in static taint analysis tools.

Before graduate school, I worked as a Software Engineer at Enosis Solutions for 3.5 years. I also enjoy solving algorithmic problems and was an active competitive programmer during my undergraduate years.

Contact: mdmahirasefk (at) vt (dot) edu

Download Resume

Recent News

• [Nov 2025] - Successfully defended my Ph.D. dissertation 🎓.

• [Nov 2025] - Completed my Software Engineering internship at Google (Google Cloud).

• [Aug 2025] - Completed my Applied Scientist internship at Amazon (AWS Security).

• [May 2025] - Served as a committee member in the Artifact Evaluation Committee for ECOOP 2025.

• [Mar 2025] - My first-author paper on investigating LLMs’ performance in revising software based on maintenance requests has been accepted at LLanMER 2025 (co-located with FSE 2025) 🎉🎉.

• [Mar 2025] - I have been awarded travel grants by Virginia Tech GPSS and Virginia Tech CS Grad Council to attend FSE 2025 in Norway.

• [Jan 2025] - My first-author paper on detecting metadata-related bugs in enterprise applications has been accepted at FSE 2025, a top-tier A* conference 🎉🎉🎉.

• [Oct 2024] - Served as a Committee Member in the Artifact Evaluation Committee of SLE 2024.
• [Mar 2024] - Attended Bloomberg Tech Lab at Virginia Tech and learned about Docker containers and RabbitMQ message-broker.
• [Oct 2023] - Successfully passed the Ph.D. preliminary exam and has become a Ph.D. candidate 🎉🎉.
• [Nov 2022] - Attended ACM CCS 2022.
• [Oct 2022] - Presented our work at IEEE SecDev 2022.
• [Aug 2022] - Our paper on “How Do Developers Follow Security-Relevant Best Practices When Using NPM Packages?” was accepted by IEEE SecDev 2022 🎉🎉.
• [Aug 2022] - Our paper on “Automatic Detection of Java Cryptographic API Misuses: Are We There Yet?” was selected for presentation by ASE 2022.
• [Mar 2022] - Our paper on “Example-Based Vulnerability Detection and Repair in Java Code” was accepted by ICPC 2022 🎉.
• [Feb 2022] - Our paper on “ Automatic Detection of Java Cryptographic API Misuses: Are We There Yet?” was accepted by TSE 🎉.

Research Publications

2025

• Md Mahir Asef Kabir, Adnan Hassan, “How Well Do ChatGPT Models Maintain Software?”, LLanMER 2025: The First International Workshop on Large Language Model-Oriented Empirical Research

• Md Mahir Asef Kabir, Xiaoyin Wang, Na Meng, “Detecting Java Projects’ Metadata-related Bugs”, FSE 2025: The ACM International Conference on the Foundations of Software Engineering [Code] [Paper]

2022

• Md Mahir Asef Kabir, Ying Wang, Danfeng Yao, Na Meng, “How Do Developers Follow Security-Relevant Best Practices When Using NPM Packages?”, 2022 IEEE Secure Development Conference (SecDev) [Code] [Presentation] [Paper]

• Ying Zhang, Ya Xiao, Md Mahir Asef Kabir, Daphne Yao, Na Meng, “Example-Based Vulnerability Detection and Repair in Java Code”, ICPC ‘22: Proceedings of the 30th IEEE/ACM International Conference on Program Comprehension

• Ying Zhang, Md Mahir Asef Kabir, Ya Xiao, Danfeng Daphne Yao, Na Meng, “Automatic Detection of Java Cryptographic API Misuses: Are We There Yet”, IEEE Transactions on Software Engineering (TSE)