profile_picture
Masudul Hasan Masud Bhuiyan
Ph.D., CISPA Helmholtz Center for Information Security
masudul dot bhuiyan at cispa dot de

Welcome to my homepage. I am a Ph.D. candidate at CISPA Helmholtz Center for Information Security, advised by Cristian-Alexandru Staicu. I obtained my Master’s degree from the University of Nevada, Reno, USA, under the supervision of Engin Arslan. Prior to that, I received my Bachelor’s degree in Computer Science and Engineering from the Bangladesh University of Engineering & Technology. You can check my complete CV here.

My core research interest is in program security at the intersection of software/web security, software engineering, and programming languages. One of my research goals is to secure the open-source ecosystem by building program analysis tools to enhance programmer productivity and uncover new security vulnerabilities. My current research focuses on developing machine learning models to improve Static Call Graph techniques for Server-side JavaScript applications.

Interests

  • Program Analysis
  • Software Engineering
  • Programming Languages
  • Machine Learning

Academia

CISPA Helmholtz Center for Information Security
2021 - present
Ph.D. Computer Science
University of Nevada, Reno
2019 - 2020
M.Sc. Computer Science and Engineering
Result: 4.0/4.0
Bangladesh University of Engineering & Technology
2012 - 2017
B.Sc. Computer Science and Engineering

News

  • , December 2023
    • Presented our Poster at FSE'23
  • , December 2023
    • Presented our work at FSE'23
  • , August 2023
    • Paper got accepted at FSE'23 Student Research Competition
  • , July 2023
  • , May 2023
    • Presented our Poster at ICSE'23

Recent Publications

See my google scholar for the latest list
The Call Graph Chronicles: Unleashing the Power Within, 2023, ESEC/FSE 2023
Masudul Hasan Masud Bhuiyan
pdf poster
SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript, 2023, International Conference on Software Engineering 2023
Masudul Hasan Masud Bhuiyan , Adithya Srinivas Parthasarathy , Nikos Vasilakis , Michael Pradel , Cristian-Alexandru Staicu
code pdf slides
A Tale of Frozen Clouds: Quantifying the Impact of Algorithmic Complexity Vulnerabilities in Popular Web Servers, 2022,
Masudul Hasan Masud Bhuiyan , Cristian-Alexandru Staicu
pdf
Be SMART, Save I/O: A Probabilistic Approach to Avoid Uncorrectable Errors in Storage Systems, 2022, IEEE Cluster 2022
Masud Bhuiyan , Md Arifuzzaman, and Engin Arslan
code pdf slides
Machine Learning for Data Transfer Anomaly Detection, 2020, The International Conference for High Performance Computing, Networking, Storage, and Analysis (SC 20)
Masud Bhuiyan , Sarah Cooper, and Engin Arslan
pdf poster

Projects

See my github for the complete list
Quantifying CPU based DoS attack in Web Servers
We proposed new metrics to quantify the effect of CPU-based Dos attacks under different attack scenarios. We tested our methodology in five different popular web frameworks and deployed our system on AWS, Azure, Heroku, and DigitalOcean.
Proactive Error Prediction to Detect Uncorrectable Bit Error
We designed and implemented a machine learning model based probabilistic framework to detect uncorrectable bit error on disk to improve storage system reliability.
Bottleneck Detection in End to End Data Transfer
In this work we developed a framework to find out the root cause of performance bottleneck in end to end transfer for HPC systems. Our framework use system, network, and storage level statistics to develop a machine learning model which can identify the source of failure.
website
Chakriguru: A job portal for illiterate people
In urban area, mainly economically challenged people are those who have little or no education and hardly have any access to existing technologies. Apart from their physical labor they have little to offer as their skill levels are typically very low. So, often it is very hard to find appropriate jobs for them. On top of that whatever job they can get may not be safe or secured. And as they cant easily access mobile technologies (e.g using smartphone) they are basically detached from the huge opportunity that internet today can provide. We tried to find a way to break this technology barrier. We interviewed around 35 people from different occupations and classes to find out what they expect from a job portal. We gathered a lot of insights from their experience and tried to build a noble system which can serve these people properly. We participated in the Brac Urban Urban Innovation Challenge with this project and was able to reach the semifinal of the competition."
website
Sentiment Analysis of Reader’s Comments in ESPNcricinfo: An Empirical Study
Sports news websites, like ESPNCricinfo, has become very popular nowadays, through which users can easily get updated about ongoing games, and express their opinions and enthusiasm about sports. The massive amount of user comments is a useful source that carries mass sentiment and opinions towards the game. There is no previous research on classifying sentiment of user’s comment in sports domain especially on ESPNCricinfo which is based on the game of cricket. In this work, we use a sentiment analysis algorithm and a lexical analysis tool to investigate the influence of various factors such as players form, type of the game,or even the time of the day on sentiments in the context of ESPNCricinfo. We start our analysis by looking at direct correlations, e.g.,we observe more positive sentiments on during the good form period of a player,weekends,more sentiment on the 4th day of a test match than others day.We then extend this basic analysis by investigating how team combination(visitor, host)pair affect the sentiment present in the comment.We also show that user’s sentiment differ for the same pair of team in different format of the game. The main contribution of this paper is the idea of using sentiment analysis to identify the major factors influencing user sentiments because we believe that understanding factors influencing the mood of users has interesting applications in advertising, recommendation, and search engine optimization.
website

Awards & Honors

  • Travel grant to attend ESEC/FSE23 , 2023
  • Selected for ESEC/FSE Student Research Competition 2023 , 2023
  • Travel grant to attend IMC22 , 2022
  • Semifinalist, Urban Innovation Challenge, Brac Bangladesh , 2017
  • Semifinalist, Telenor Youth Forum, Bangladesh , 2016
  • 1st Runner-Up, Battle of Speed, National Robotics Festival, Bangladesh ,Team performance of Team [Palashi_Burgers] , 2014
  • 2nd Runner-Up, CSE Fest Robotics Championship, Department of CSE, BUET, Team performance of Team [Palashi_Burgers] , 2012